The regular expression denial of service (ReDoS) is an algorithmic complexity attack that produces a denial-of-service by providing a regular expression that takes a very long time to evaluate. The attack exploits the fact that most regular expression implementations have exponential time worst case complexity: the time taken can grow exponentially in relation to input size. An attacker can thus cause a program to spend an unbounded amount of time processing by providing such a regular expression, either slowing down or becoming unresponsive.
Edit details Edit relations Attach new author Attach new topic Attach new resource
9.0 rating 5.0 level 7.0 clarity 3.0 background – 1 rating
Denial of Service (DoS) affecting microsoft.aspnetcore.app - SNYK-DOTNET-MICROSOFTASPNETCOREAPP-54184...
8.0 rating 5.0 level 8.0 clarity 2.0 background – 1 rating
Regular expression Denial of Service - ReDoS on the main website for The OWASP Foundation. OWASP is a...