ReDoS


Topic | v1 | created by jjones |
Description

Regular expression denial of service (ReDoS) is an algorithmic complexity attack that produces a denial of service by providing a regular expression that takes a very long time to evaluate. The attack exploits the fact that most regular expression implementations have exponential worst-case time complexity: the time taken can grow exponentially in relation to input size. An attacker can thus cause a program to spend an unbounded amount of time processing by providing such a regular expression, so that the program either slows down or becomes unresponsive.


Relations

subtopic of Regular expression

A regular expression (shortened as regex or regexp; also referred to as rational expression) is a seq...

subtopic of Denial-of-service attack

In computing, a denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seek...


Resources

treated in Denial of Service (DoS) in microsoft.aspnetcore.app | Snyk

9.0 rating 5.0 level 7.0 clarity 3.0 background – 1 rating

Denial of Service (DoS) affecting microsoft.aspnetcore.app - SNYK-DOTNET-MICROSOFTASPNETCOREAPP-54184...

treated in Regular expression Denial of Service - ReDoS Software Attack | OWASP

8.0 rating 5.0 level 8.0 clarity 2.0 background – 1 rating

Regular expression Denial of Service - ReDoS on the main website for The OWASP Foundation. OWASP is a...