GHSA-9398-5GHF-7PR6 conduit-hyper vulnerable to Denial of Service from unchecked request length

Prior to version 0.4.2, conduit-hyper did not check any limit on a request's length before calling hyper::body::tobytes. An attacker could send a malicious request with an abnormally large Content-Length, which could lead to a panic if memory allocation failed for that request. In version 0.4.2,...

conduit-hyper 资源管理错误漏洞

conduit-hyper is a library from conduit-rust open source. It is used to integrate conduit applications with hyper servers. A security vulnerability exists in versions of conduit-hyper prior to 0.4.2 that stems from not checking the length of a request before its call to hyper::body::tobytes causi...