SYM_JSTS_0105 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
Inefficient Regular Expression Complexity

| Property | Value |
|---|---|
| Language | |
| Severity | |
| CWE | CWE-1333: Inefficient Regular Expression Complexity |
| OWASP | A05:2021 - Security Misconfiguration |
| Confidence Level | Low |
| Impact Level | Medium |
| Likelihood Level | Medium |

Description
Your code uses a regular expression pattern that may be vulnerable to Regular Expression Denial of Service (ReDoS). This means certain inputs could cause the regex to take an excessive amount of time to process, leading to performance problems.
Impact
If exploited, an attacker could send specially crafted input to your application, causing it to slow down or become unresponsive. This can result in denial of service, making your application unavailable to legitimate users and potentially impacting business operations.
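
The following is an added example, not part of the original wiki entry and not the rule's own code: a constructed pattern with nested quantifiers beside a rewrite that accepts the same strings unambiguously, with an input length cap in front of it. JavaScript is assumed from the `JSTS` rule prefix; `RISKY`, `SAFE`, `MAX_LEN` and the function names are hypothetical.

```javascript
// Constructed patterns for illustration; neither comes from the rule or a real code base.

// Risky: the inner `+` and the outer `+` can divide one run of word characters
// in exponentially many ways, and a backtracking engine tries them all when
// the overall match fails.
const RISKY = /^(\w+\s?)+$/;

// Rewritten: accepts the same strings (words separated by one whitespace
// character, optionally followed by one more), but every character can be
// consumed in only one way, so a failed match costs linear time.
const SAFE = /^\w+(?:\s\w+)*\s?$/;

// Assumed limit; choose one that fits the field being validated.
const MAX_LEN = 256;

// Reject non-strings and over-long input before any regex runs,
// then match with the unambiguous pattern.
function isWordList(input) {
  if (typeof input !== 'string' || input.length > MAX_LEN) return false;
  return SAFE.test(input);
}

// Differential check for the rewrite: returns the samples on which the
// original and the replacement pattern give different verdicts.
function disagreements(samples) {
  return samples.filter((s) => RISKY.test(s) !== SAFE.test(s));
}

// Wall-clock time of a single match attempt, usable as a regression guard.
function elapsedMs(re, input) {
  const start = Date.now();
  re.test(input);
  return Date.now() - start;
}

// Constructed samples, kept short so the risky pattern stays cheap here.
const SAMPLES = ['', 'abc', 'abc def', 'abc def ', 'abc  def', ' abc', 'abc!', 'a b c d', 'a\tb'];
```

Running `disagreements` over a project's existing test inputs before swapping patterns confirms the rewrite did not change what the validator accepts.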