Consider possible security implications associated with some modules.
Mass assignment is a feature of Rails which allows an application to create a record from the values of a hash.
Other language specific security issues.
Regex can be used in a Denial of Service attack, that exploits the fact that most Regular Expression implementations may reach heavy computation situations that cause them to work very slowly (exponentially related to input size).
Badly configured routes can give unintended access to an attacker.
A SQL injection attack consists of insertion or 'injection' of a SQL query via the input data from the client to the application.
Simply using SSL isn't enough to ensure the data you are sending is secure. Man in the middle attacks are well known and widely used.
Assigning values to private APIs might lead to unexpected behaviour.
You need to enable the following patterns for this category to be verified