all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Catastrophic backtracking: how can a regular expression cause a ReDoS vulnerability?

Add to bookmarks
Nov. 30, 2022, 2:47 p.m. | Unicorn Developer

DEV Community dev.to

Regular expressions come in handy when you need to search for and replace text. However, in some cases, they may cause the system to slow down or even make vulnerable to ReDoS attacks.






Introduction


ReDoS is a subtype of a DoS attack. The aim of a ReDoS attack is to halt an application or cause it to slow down via an inefficient regex.


ReDoS attacks can be divided into two types:



  1. A string with a malicious pattern is passed …

csharp dotnet redos regular expression security tutorial vulnerability

Visit resource

More from dev.to / DEV Community

Keyoxide Identity Proof an hour ago | dev.to
claim control dev fingerprint +5
Keyoxide/Ariadne Identity Verification an hour ago | dev.to
account control dev fingerprint +7
Unleash The Power of Azure: Creating A Linux VM with SSH keys Security. 3 hours ago | dev.to
access azure cloud cloudengineering +22
Use CloudFlare Workers and D1 to Create a Completely Free CRUD API 4 hours ago | dev.to
api backenddevelopment cdn cloud +24
IOT Raspberry Pi using Azure 5 hours ago | dev.to
above account azure azurefunctions +16
Build a password manager with Rust - Part 2 13 hours ago | dev.to
application article build can +13
Security Features in Push Protocol: Ensuring Safe Communication 14 hours ago | dev.to
applications blockchain communication dapps +13
Day 2 of 30 14 hours ago | dev.to
beginners challenge concepts dev +10
@Qualifier 15 hours ago | dev.to
dependency framework injection spring +1

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US
View on infosec-jobs.com

Corporate Intern - Information Security (Year Round)

@ Associated Bank | US WI Remote
View on infosec-jobs.com

Senior Offensive Security Engineer

@ CoStar Group | US-DC Washington, DC
View on infosec-jobs.com