denial-of-service
Safeguard articles tagged "denial-of-service" — guides, analysis, and best practices for software supply chain and application security.
44 articles
CVE-2023-33170: Denial of service in .NET SocketsHttpHandler
A memory-allocation flaw in .NET's SocketsHttpHandler (CVE-2022-23267) let malicious HTTP responses trigger denial of service in HttpClient-based apps.
CVE-2023-36799: Denial of service in .NET Core
CVE-2023-36799 is a denial-of-service flaw in the .NET runtime powering .NET Core-descended apps. Here's what's affected and how to remediate it.
CVE-2020-29652: Denial of service in golang.org/x/crypto/...
A pre-auth nil pointer dereference in golang.org/x/crypto/ssh let a single crafted request crash Go SSH servers. Here's the impact, fix, and remediation path.
CVE-2021-43565: Denial of service in golang.org/x/crypto/...
A crafted SSH packet could crash Go services using golang.org/x/crypto/ssh before the December 2021 fix. What's affected, the severity context, and how to remediate.
Cisco ASA and FTD CVE-2024-20481: Brute-Force DoS in VPN Services
CVE-2024-20481 in Cisco ASA and Firepower Threat Defense VPN services was actively exploited in large-scale brute-force campaigns, causing denial of service on critical VPN infrastructure.
Notable CVEs of 2022: A Practitioner's Roundup
CVE-2022-31160 and a run of recursion-based denial-of-service bugs made 2022 a year defined less by exotic exploits and more by parsers that never expected deeply nested input.
Regular Expression Denial of Service (ReDoS): Detection and Prevention
A single bad regex can bring down your entire application. ReDoS attacks exploit catastrophic backtracking to consume unbounded CPU time.
Regular Expression Denial of Service (ReDoS): When Patterns Attack
A single poorly written regex can take down your server. ReDoS is a subtle denial-of-service vulnerability hiding in dependencies you have never audited.