Good morning, I am currently working with Java and I am passing my code through SonarQube, and I am having the following issue associated with a Security Hotspot:
Denial Of Services (DOS):
Make sure the regex used here, which is vulnerable to polynomial runtime due to backtracking, cannot lead to denial of service.
The same happens for the following Regex validation:
    private static void validateIdentityId(String identityId) {
        if (!Pattern.matches("^(.)*?(58).*", identityId)) {
            throw new EmptyDataExceptionQueryParam("Parametro identityId (PhoneNumber) enviado es incorrecto para Venezuela");
        }
    }
}
How can you remedy this?
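An added example, not part of the original post: the pattern above has a lazy `(.)*?` and a greedy `.*` that can both consume the same characters, which is what the backtracking warning refers to. The sketch below shows a regex-free check that returns the same result as the original for inputs up to an assumed length cap, and a stricter pattern with no overlapping quantifiers. The class name `IdentityIdCheck`, the `MAX_LENGTH` value and the strict phone-number format are assumptions, not taken from the post.

```java
import java.util.regex.Pattern;

public class IdentityIdCheck {
    // Pattern from the question, kept only to compare results.
    private static final Pattern ORIGINAL = Pattern.compile("^(.)*?(58).*");

    // Assumed upper bound on input length (hypothetical value).
    private static final int MAX_LENGTH = 32;

    // Assumed format: optional "+", country code 58, then exactly 10 digits.
    // Each character can be matched by only one part of the pattern, so there
    // is nothing to backtrack over.
    private static final Pattern STRICT = Pattern.compile("\\+?58[0-9]{10}");

    // Same accept/reject result as ORIGINAL.matcher(s).matches() for non-null
    // input up to MAX_LENGTH: "." never matches a line terminator, so the
    // original accepts exactly the strings that contain "58" and contain no
    // line terminator.
    static boolean containsCountryCode(String s) {
        if (s == null || s.length() > MAX_LENGTH) return false;
        for (int i = 0; i < s.length(); i++) {
            char c = s.charAt(i);
            if (c == '\n' || c == '\r' || c == '\u0085' || c == '\u2028' || c == '\u2029') {
                return false;
            }
        }
        return s.contains("58");
    }

    // Stricter check, valid only if the assumed format fits the real data.
    static boolean isVenezuelanNumber(String s) {
        return s != null && s.length() <= MAX_LENGTH && STRICT.matcher(s).matches();
    }

    public static void main(String[] args) {
        // Constructed sample inputs.
        String[] samples = {"584121234567", "+584121234567", "04121234567", "", "abc58", "58\n"};
        for (String s : samples) {
            boolean original = ORIGINAL.matcher(s).matches();
            boolean simple = containsCountryCode(s);
            if (original != simple) throw new AssertionError("mismatch for: " + s);
            System.out.printf("%-16s original=%-5b contains=%-5b strict=%b%n",
                    s.trim(), original, simple, isVenezuelanNumber(s));
        }
    }
}
```

Checking the length before any matching bounds the work per request regardless of which check is used.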