A flaw was found in the regex used to process HTTP Headers in python-waitress and is vulnerable to catastrophic backtracking. This flaw allows an attacker with the ability to send HTTP requests to a vulnerable server to cause a denial of service attack.