Timing Attack

ID

ruby.checkbasicauthtimingattack

Severity

low

Resource

Timing Attack

Language

Ruby

Description

Check for timing attack in basic auth (CVE-2015-7576)

Rationale

Check for timing attack in basic auth (CVE-2015-7576)

Remediation

Follow secure coding practices for Ruby on Rails applications. Review the references below for detailed remediation guidance.

Configuration

This detector does not need any configuration.

References