Darktinia

**Name of the Vulnerable Software and Affected Versions** configobj versions all versions **Description** The issue is related to the use of a regular expression with inefficient computational complexity in the configobj package. This can be exploited to cause a denial of service. The `validate` function is vulnerable to Regular Expression Denial of Service (ReDoS) via the use of `(.+?)((.*))`. This is only exploitable in the case of a developer putting the offending value in a server-side configuration file. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.