Inefficient Regular Expression Complexity
| Property | |
|---|---|
| Language |  |
| Severity |  |
| CWE | CWE-1333: Inefficient Regular Expression Complexity |
| OWASP | A06:2017 - Security Misconfiguration |
| Confidence Level | Low |
| Impact Level | Medium |
| Likelihood Level | Low |
Description#
The code uses a regular expression that may be inefficient or vulnerable to excessive backtracking, which can slow down or hang your application when processing certain input. This makes your regex susceptible to denial of service attacks.
Impact#
An attacker could send specially crafted input that causes your application to become unresponsive or crash, leading to lost availability and potential service downtime. This could disrupt users and make your application unreliable or unavailable.