Regexp matching cause time-complexity explosion problem as known as ReDoS (https://en.wikipedia.org/wiki/ReDoS). ReDoS has become serious vulnerability in many places in recent years, and Ruby is no exception. The following are the incomplete list of such vulnerability reports:
These reports have been addressed by fixing the library/software implementation. But, if the language’s Regexp implementation become safe, the vulnerabilty is fundamentally archived.
For a few month, Ruby has implemented a Regexp matching timeout (https://bugs.ruby-lang.org/issues/17837). It is one of the useful methods for preventing ReDoS vulnerability, but it is a problem that setting a