by jadamson 8 hours ago

> The body parsing logic is in react or nextjs, that's my takeaway, is it that incorrect?

The exploit they were trying to protect against is in React services run by their customers.

notepad0x90 5 hours ago | [-0 more]

that makes better sense now, thanks. I feel dumb now that I re-read it, in my mind they patched nextjs/react and the new patch somehow required more buffer size.