The regex code in Webkit 2.4.11 allows remote attackers to cause a denial of service as demonstrated in a large number of .