Regex DoS via Catastrophic Backtracking in re.match()

contains nested quantifiers that cause catastrophic backtracking. When untrusted input from request.json is matched against this pattern using re.match(), an attacker can send specially crafted strings (e.g., repeating patterns without the 'DEVICE' su", "url": "https://onebugatatime.com/snippet/regex-dos-via-catastrophic-backtracking-in-re-match-python", "learningResourceType": "Interactive exercise", "educationalUse": "Security training", "educationalLevel": "hard", "programmingLanguage": "Python", "inLanguage": "en", "isPartOf": { "@type": "WebApplication", "name": "onebugatatime.com", "url": "https://onebugatatime.com" }, "about": [ { "@type": "Thing", "name": "CWE-1333" }, { "@type": "Thing", "name": "A06:2021 - Vulnerable and Outdated Components" } ] }