ReDoS


Topic | v1 | created by jjones |
Description

The regular expression denial of service (ReDoS) is an algorithmic complexity attack that produces a denial-of-service by providing a regular expression that takes a very long time to evaluate. The attack exploits the fact that most regular expression implementations have exponential time worst case complexity: the time taken can grow exponentially in relation to input size. An attacker can thus cause a program to spend an unbounded amount of time processing by providing such a regular expression, either slowing down or becoming unresponsive.


Relations

a subtopic of Regular expression

A regular expression (shortened as regex or regexp; also referred to as rational expression) is a seq...

a subtopic of Denial-of-service attack

In computing, a denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seek...


Edit topic New topic

Resources

No beginner resources matching your criteria have been registered, yet.

is treated in Denial of Service (DoS) in microsoft.aspnetcore.app | Snyk

9.0 rating 5.0 level 7.0 clarity 3.0 background – 1 rating

Denial of Service (DoS) affecting microsoft.aspnetcore.app - SNYK-DOTNET-MICROSOFTASPNETCOREAPP-54184...

is treated in Regular expression Denial of Service - ReDoS Software Attack | OWASP

8.0 rating 5.0 level 8.0 clarity 2.0 background – 1 rating

Regular expression Denial of Service - ReDoS on the main website for The OWASP Foundation. OWASP is a...

No advanced resources matching your criteria have been registered, yet.

No unrated resources matching your criteria have been registered, yet.