Discovered 9 months ago
Source: static code analysis
Category: Denial of Service
Confidence level: Medium

Problem

Model attribute used in regex

Location

app/models/commit_range.rb:47

    /
      (?:#{Project.reference_pattern}#{reference_prefix})?
      (?<commit_range>#{/\h{7,40}\.{2,3}\h{7,40}/.freeze})
    /x

Category description: Denial of Service is any attack which causes a service to become unavailable for legitimate clients.

Solution: fix the issue in app/models/commit_range.rb or mark it as a false positive.