Denial of Service: XML denial of service (CVE-2015-3227)

ID

ruby.checkxmldos

Severity

low

Resource

Denial of Service

Language

Ruby

Description

This rule identifies instances where resources are allocated without any limits, potentially leading to Denial of Service (DoS) attacks.

Rationale

Checks for XML denial of service (CVE-2015-3227)

Remediation

Configuration

This detector does not need any configuration.

References

  • CWE-770 : Allocation of Resources Without Limits or Throttling.