Denial of Service: render :text DoS (CVE-2014-0082)

ID

ruby.checkrenderdos

Severity

low

Resource

Denial of Service

Language

Ruby

Description

This rule identifies instances where resources are allocated without any limits, potentially leading to Denial of Service (DoS) attacks.

Rationale

Warn about denial of service with render :text (CVE-2014-0082)

Remediation

Configuration

This detector does not need any configuration.

References

  • CWE-770 : Allocation of Resources Without Limits or Throttling.