In 2011 the Chaos Computer Club revealed a major complexity attack vulnerability that works across all major languages. PHP addressed the vulnerability for forms but never really fixed it. Nowadays every web application uses a JSON API, which is still vulnerable to complexity attacks. How it works Hash Tables are optimized to be very fast in the average case. But if someone inserts keys that all c
![PHP Denial of Service Attack Revisited](https://cdn-ak-scissors.b.st-hatena.com/image/square/5eef82bf79d6f9a5ba7240796728de9f8b7322a5/height=288;version=1;width=512/http%3A%2F%2Flukasmartinelli.ch%2Fmedia%2Fcpu_hash_collision.png)