Module RegexInjection

A regex escaping, considered as a sanitizer.

A source of remote user input, considered as a flow source.

A sanitizer for “regular expression injection” vulnerabilities.

A sink for “regular expression injection” vulnerabilities is the execution of a regular expression. If you have a custom way to execute regular expressions, you can extend RegexExecution::Range.

A data flow source for “regular expression injection” vulnerabilities.