regex crate RS-S1015
The regex Rust library prior to version 1.5.5 is vulnerable to regular expression denial of service (ReDoS) attacks. Ensure that you use version 1.5.5 or above in Cargo.toml dependencies for regex.
ReDoS is a vulnerability in which some inputs may hang the parser indefinitely, causing a denial of service.
[dependencies]
regex = "<=1.5.4"
Only raised if regex crate is version 1.5.4 or lower.
[dependencies]
regex = ">=1.5.5"
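The version check described above, as an added example that is not part of this rule's page or of any project's code. It assumes the input is Cargo.lock text, which records the version actually built and can differ from the requirement in Cargo.toml. The function names and the sample lockfile are constructed for illustration.

```rust
// Added example: report locked `regex` versions below 1.5.5.
const FIXED: (u64, u64, u64) = (1, 5, 5); // first fixed version named on this page

/// Parse "MAJOR.MINOR.PATCH"; a pre-release or build suffix is ignored.
fn parse_version(v: &str) -> Option<(u64, u64, u64)> {
    let core = v.split(|c: char| c == '-' || c == '+').next()?;
    let mut parts = core.split('.').map(|p| p.parse::<u64>());
    Some((parts.next()?.ok()?, parts.next()?.ok()?, parts.next()?.ok()?))
}

/// Return the value of a `key = "value"` line, or None for any other line.
fn quoted_value<'a>(line: &'a str, key: &str) -> Option<&'a str> {
    let rest = line.trim().strip_prefix(key)?.trim_start().strip_prefix('=')?;
    rest.trim().strip_prefix('"')?.strip_suffix('"')
}

/// Scan Cargo.lock text and collect every `regex` version below FIXED.
fn vulnerable_regex_versions(lockfile: &str) -> Vec<String> {
    let mut found = Vec::new();
    let mut in_regex = false;
    for line in lockfile.lines() {
        if let Some(name) = quoted_value(line, "name") {
            // Exact match, so regex-syntax and regex-automata are skipped.
            in_regex = name == "regex";
        } else if let Some(v) = quoted_value(line, "version") {
            // Numeric tuple comparison: 1.10.2 is newer than 1.5.5.
            let fixed = parse_version(v).map_or(false, |p| p >= FIXED);
            if in_regex && !fixed {
                found.push(v.to_string()); // older or unparseable
            }
            in_regex = false;
        }
    }
    found
}

fn main() {
    // Constructed lockfile excerpt, not from a real project.
    let lock = "[[package]]\nname = \"regex\"\nversion = \"1.5.4\"\n\n\
                [[package]]\nname = \"regex-syntax\"\nversion = \"0.6.25\"\n";
    for v in vulnerable_regex_versions(lock) {
        println!("regex {} is below 1.5.5: run `cargo update -p regex`", v);
    }
}
```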