CVE-2022-39294
CVE-2022-39294 affects conduit-hyper prior to 0.4.2, a Rust crate that integrates conduit with hyper. The root cause is that earlier versions did not enforce any limit on the request length before calling hyper::body::to_bytes, allowing an attacker to send a malicious request with an abnormally l...