Regular Expression Denial of Service (ReDoS)
Last updated
Last updated
Regular expression Denial of Service (ReDoS) is an algorithmic complexity attack that produces a Denial of Service by providing a regular expression and/or an input that takes a long time to evaluate. The attack exploits the fact that many regular expression implementations have super-linear worst-case complexity; on certain regex-input pairs, the time taken can grow polynomially or exponentially in relation to the input size. An attacker can thus cause a program to spend substantial time by providing a specially crafted regular expression and/or input.
This page contains recommendations for the implementation of protection against Regular expression Denial of Service (ReDoS) attacks.
Comply with requirements from the Regular Expressions page.