Don’t recurse on untrusted inputAlexis Challande, Brad SwainFebruary 21, 2025recursion, vulnerability-disclosure, javaWe developed a simple CodeQL query to find denial-of-service (DoS) vulnerabilities in several high-profile Java projects.
