Internet Bug Bounty: Regexes with large repetitions on empty sub-expressions take a very long time to parse

Rust's regex crate guarantees a linear time complexity with regex length for compilation of untrusted regexes. However, existing mitigations for known malicious regexes are based on memory usage and, as such, do not mitigate repetitions of empty sub-expressions. For example, the following payload...