crates.io package
conduit-hyper
pkg:cargo/conduit-hyper
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-39294 | — | >= 0.2.0-alpha.3, < 0.4.2 | 0.4.2 | Oct 31, 2022 | conduit-hyper integrates a conduit application with the hyper server. Prior to version 0.4.2, `conduit-hyper` did not check any limit on a request's length before calling [`hyper::body::to_bytes`](https://docs.rs/hyper/latest/hyper/body/fn.to_bytes.html). An attacker could send a |
- CVE-2022-39294Oct 31, 2022affected >= 0.2.0-alpha.3, < 0.4.2fixed 0.4.2
conduit-hyper integrates a conduit application with the hyper server. Prior to version 0.4.2, `conduit-hyper` did not check any limit on a request's length before calling [`hyper::body::to_bytes`](https://docs.rs/hyper/latest/hyper/body/fn.to_bytes.html). An attacker could send a