| CARVIEW |
Select Language
HTTP/2 200
date: Sun, 12 Oct 2025 08:38:43 GMT
content-type: text/html; charset=utf-8
cf-ray: 98d548550b329dfd-BLR
cf-cache-status: DYNAMIC
access-control-allow-origin: *
age: 0
cache-control: max-age=600
expires: Sun, 12 Oct 2025 08:48:42 GMT
last-modified: Thu, 09 Oct 2025 23:50:10 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 varnish
content-security-policy: default-src 'self' https://*.fontawesome.com https://api.github.com https://*.githubusercontent.com https://*.google-analytics.com https://owaspadmin.azurewebsites.net https://*.twimg.com https://platform.twitter.com https://www.youtube.com https://*.doubleclick.net; frame-ancestors 'self'; frame-src https://*.vuejs.org https://*.stripe.com https://*.wufoo.com https://*.sched.com https://*.google.com https://*.twitter.com https://www.youtube.com https://w.soundcloud.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://viewer.diagrams.net https://fonts.googleapis.com https://*.fontawesome.com https://app.diagrams.net https://cdnjs.cloudflare.com https://cse.google.com https://*.vuejs.org https://*.stripe.com https://*.wufoo.com https://*.youtube.com https://*.meetup.com https://*.sched.com https://*.google-analytics.com https://unpkg.com https://buttons.github.io https://www.google.com https://*.gstatic.com https://*.twitter.com https://*.twimg.com; style-src 'self' 'unsafe-inline' https://*.gstatic.com https://cdnjs.cloudflare.com https://www.google.com https://fonts.googleapis.com https://platform.twitter.com https://*.twimg.com data:; font-src 'self' https://*.fontawesome.com fonts.gstatic.com; manifest-src 'self' https://pay.google.com; img-src 'self' https://*.globalappsec.org https://render.com https://*.render.com https://okteto.com https://*.okteto.com data: www.w3.org https://*.bestpractices.dev https://licensebuttons.net https://img.shields.io https://*.twitter.com https://github.githubassets.com https://*.twimg.com https://platform.twitter.com https://*.githubusercontent.com https://*.vercel.app https://*.cloudfront.net https://*.coreinfrastructure.org https://*.securityknowledgeframework.org https://badges.gitter.im https://travis-ci.org https://api.travis-ci.org https://s3.amazonaws.com https://snyk.io https://coveralls.io https://requires.io https://github.com https://*.googleapis.com https://*.google.com https://*.gstatic.com
permissions-policy: geolocation=(self)
referrer-policy: same-origin
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-fastly-request-id: 38064c39e711b1d36fa73a5dba6fd75692e5184c
x-frame-options: SAMEORIGIN
x-github-request-id: 616F:284228:C2C1E:ECE1E:68EB6911
x-proxy-cache: MISS
x-served-by: cache-bom-vanm7210076-BOM
x-timer: S1760258323.778769,VS0,VE303
content-encoding: gzip
Cash Overflow | OWASP Foundation
This website uses cookies to analyze our traffic and only share that information with our analytics partners.
Acceptx
Cash Overflow
Author: psiinon
Contributor(s): Andrew Smith, kingthorin
Contributor(s): Andrew Smith, kingthorin
Description
A Cash Overflow attack is a Denial of Service attack specifically aimed at exceeding the hosting costs for a cloud application, either essentially bankrupting the service owner or exceeding the application cost limits, leading the cloud service provider to disable the application.
Risk Factors
Given enough resources, fairly easy to launch attack. Quickly detected due to immediate downtime/resources consumption/logging. Impact usually limited to loss of availability.
Related Controls
DoS Prevention Techniques
References
The OWASP® Foundation works to improve the security of software through its community-led open source software projects,
hundreds of chapters worldwide, tens of thousands of members, and by hosting local and global conferences.
Important Community Links
- Community
- Attacks (You are here)
- Vulnerabilities
- Controls