You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
redos denial of service
About this tag
The redos denial of service tag covers discussions about regular expression denial of service (ReDoS) vulnerabilities, which are availability attacks that can cause resource exhaustion and service disruption. Content under this tag includes analysis of specific CVEs, such as CVE-2026-35611, which affects Ruby URI templates via Addressable. These vulnerabilities are highlighted as serious because they can lead to total or partial loss of availability in widely used components. The tag emphasizes that ReDoS bugs are as disruptive as code-execution flaws, focusing on the impact on service reliability and the importance of patching such issues in enterprise and development environments.
CVE-2026-35611 is another reminder that availability bugs can be every bit as disruptive as code-execution flaws, especially when they live inside a widely reused dependency. Microsoft describes the issue as a regular expression denial of service in Addressable templates, warning that the...