A regular expression denial of service (ReDoS)[1]
is an algorithmic complexity attack that produces a denial-of-service by providing a regular expression and/or an input that takes a long time to evaluate. The attack exploits the fact that many[2] regular expression implementations have super-linear worst-case complexity; on certain regex-input pairs, the time taken can grow polynomially or exponentially in relation to the input size. An attacker can thus cause a program to spend substantial time by providing a specially crafted regular expression and/or input. The program will then slow down or become unresponsive.[3][4]
^
OWASP (2010-02-10). "Regex Denial of Service". Retrieved 2010-04-16.
^Davis, James; Louis, Michael; Coghlan, Christy; Servant, Francisco; Lee, Dongyoon (2019). "Why Aren't Regular Expressions a Lingua Franca? An Empirical Study on the Re-use and Portability of Regular Expressions" (PDF). The ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering: 443–454.
^RiverStar Software (2010-01-18). "Security Bulletin: Caution Using Regular Expressions". Archived from the original on 2011-07-15. Retrieved 2010-04-16.
^Ristic, Ivan (2010-03-15). ModSecurity Handbook. London, UK: Feisty Duck Ltd. p. 173. ISBN 978-1-907117-02-2. Archived from the original on 2016-08-08. Retrieved 2010-04-16.
A regular expression denial of service (ReDoS) is an algorithmic complexity attack that produces a denial-of-service by providing a regular expression...
DoReDoS is a Moldovan trio from Rîbnița, Transnistria. The group consists of Marina Djundyet, Eugeniu Andrianov and Sergiu Mîța. They represented Moldova...
DoReMi Market (Korean: 도레미 마켓; RR: Doremi Maket), better known as Amazing Saturday (놀라운 토요일; Nollaun Toyo-il), is a South Korean variety show that airs...
imprisonment, a fine or both. Fork bomb High Orbit Ion Cannon LAND Ping of death ReDoS Zemra White Hat (computer security) SourceForge: [1] "Praetox Techlologies"...
used for DDoS attacks High Orbit Ion Cannon (HOIC) – the replacement for LOIC used in DDoS attacks Fork bomb Slowloris (computer security) ReDoS Cheng, Geoffrey...
(LAND) Pentium F00F bug Ping of death Regular expression denial of service (ReDoS) Lindqvist, U.; Jonsson, E. (1997). "How to systematically classify computer...
can cause a security problem called Regular expression Denial of Service (ReDoS). Although backtracking implementations only give an exponential guarantee...
DoReMi Market (Korean: 도레미 마켓), better known as Amazing Saturday (놀라운 토요일), is a South Korean television program that airs on tvN. The program airs every...
DoReMi Fantasy: Milon's DokiDoki Adventure is a platform game (a sequel to Milon's Secret Castle) developed and published by Hudson Soft for the Super...
Laksamana DoRe Mi (English: The Admirals Do, Re, and Mi) is a 1972 Malaysian Malay-language black-and-white comedy film directed by P. Ramlee. Shot in...
server industry, intended to prevent regular expression denial of service (ReDoS) attacks. The hardware that performs the acceleration may be part of a general-purpose...
Slowloris (computer security) High Orbit Ion Cannon Low Orbit Ion Cannon ReDoS Denial-of-service attack "The LAND attack (IP DOS)". Insecure.Org's original...
Examples of such attacks include ReDOS, zip bombs and exponential entity expansion attacks. Crosby, Scott A.; Wallach, Dan S. (2003). "Denial of Service via...
could even lead to remote code execution. INVITE of Death LAND Ping flood ReDoS Smurf attack Abdollahi, Asrin; Fathi, Mohammad (2020-01-23). "An Intrusion...
sixth. The country also reached the top ten with Natalia Barbu (2007), DoReDoS (2018), and Zdob și Zdub and Advahov Brothers (2022). In total, Moldova...