all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Number Parsing can be susceptible to DoS attacks

Add to bookmarks
April 25, 2023, 9:57 a.m. | PJ Fanning

System Weakness - Medium systemweakness.com

Photo by Mika Baumeister on Unsplash

Any application that takes inputs from potentially untrusted sources should be investigated in case they are susceptible to Denial of Service attacks.

I’m writing this based on some work I’ve been doing on Java based applications. The built-in code in Java for parsing numbers has subquadratic performance. Trying to parse a number with hundreds or thousands of digits can take a lot longer than you might expect. Your trusted users might be sending you …

application applications attacks case code denial of service denial of service attack doing dos expect inputs jackson java json malicious numbers parsing performance photo send service untrusted work writing yaml

Visit resource

More from systemweakness.com / System Weakness - Medium

First AD home lab 19 hours ago | systemweakness.com
access active directory building can +17
3 Steps to protect yourself from Prompt Injection 19 hours ago | systemweakness.com
prompt-engineering prompt injection security
Clocky | TryHackMe Write-up 1 day, 18 hours ago | systemweakness.com
ctf ctf-writeup tryhackme tryhackme-walkthrough +1
Bypassing Aquatone’s lack of ability to take screenshots of private websites 1 day, 18 hours ago | systemweakness.com
automation cybersecurity hacking pentesting +1
Tuesday Morning Threat Report: Apr 30, 2024 1 day, 18 hours ago | systemweakness.com
analysis artificial intelligence bad customers +21
Staying Anonymous — Ethical Hacking as a Beginner [09] 1 day, 18 hours ago | systemweakness.com
anonymous beginner communication cybersecurity +22
Safeguarding the Virtual Frontier 1 day, 18 hours ago | systemweakness.com
awareness click collaboration critical +24
The Ultimate Guide to CISSP’s Eight Security Territories 1 day, 18 hours ago | systemweakness.com
bug bounty cybersecurity information security information technology +1
Keep your API keys safe (OpenAI, Together AI, etc.) 1 day, 18 hours ago | systemweakness.com
cybersecurity data science encryption generative-ai-tools +1

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

SITEC- Systems Security Administrator- Camp HM Smith

@ Peraton | Camp H.M. Smith, HI, United States
View on infosec-jobs.com

Cyberspace Intelligence Analyst

@ Peraton | Fort Meade, MD, United States
View on infosec-jobs.com

General Manager, Cybersecurity, Google Public Sector

@ Google | Virginia, USA; United States
View on infosec-jobs.com

Cyber Security Advisor

@ H&M Group | Stockholm, Sweden
View on infosec-jobs.com

Engineering Team Manager – Security Controls

@ H&M Group | Stockholm, Sweden
View on infosec-jobs.com
View more jobs