The JFrog Security Research team has identified multiple vulnerabilities in popular Rust projects, such as Axum, Salvo, and conduit-hyper, which are linked to the improper handling of HTTP requests due to the lack of limits set when using the Hyper library. Hyper, a widely used low-level HTTP library in Rust, can be exploited for denial-of-service (DoS) attacks because its body::to_bytes function does not check for length, allowing arbitrary memory allocation based on the "Content-Length" header. This vulnerability can lead to zero-click DoS attacks when a small request with a large "Content-Length" value is sent, causing memory allocation failure and process crashes. To mitigate this issue, developers should implement size checks in their code to limit the size of requests and responses, as the Hyper library does not provide such restrictions by default. The JFrog team continues to notify Rust maintainers about this vulnerability to ensure all instances are addressed.