CWE-1333Inefficient Regular Expression Complexity

PUBLISHEDweakness recordHigh
released 2021-03-15 · last modified 2026-04-30
CWE-1333 - Inefficient Regular Expression Complexity - Diagram

Metadata

CWE ID:
CWE-1333
摘要:
Base
结构:
Simple
状态:
Draft
发布日期:
2021-03-15
更新日期:
2026-04-30

名称

Inefficient Regular Expression Complexity

描述

The product uses a regular expression with a worst-case computational complexity that is inefficient and possibly exponential.

常见后果

范围:
Availability
影响:
DoS: Resource Consumption (CPU)
注释:
Attackers can create crafted inputs that intentionally cause the regular expression to use excessive backtracking in a way that causes the CPU consumption to spike.

相关 CWE