unsafe-atom-interpolation
unsafe-atom-interpolation
Atom values are appended to a global table but never removed. If input is user-controlled, dynamic instantiations such as
Likelihood: MEDIUM
Confidence: MEDIUM
CWE:
- CWE-400: Uncontrolled Resource Consumption
OWASP:
- A05:2021 - Security Misconfiguration
:erlang.binary_to_atom can lead to possible memory leaks. Instead, use :erlang.binary_to_existing_atom or use the String.to_existing_atom function for untrusted user input. Likelihood: MEDIUM
Confidence: MEDIUM
CWE:
- CWE-400: Uncontrolled Resource Consumption
OWASP:
- A05:2021 - Security Misconfiguration