missing-throttle-config
The Django REST framework configuration is missing default rate-limiting options. This could inadvertently allow resource starvation or Denial of Service (DoS) attacks. Set 'DEFAULT_THROTTLE_CLASSES' and 'DEFAULT_THROTTLE_RATES' to add rate limiting to your application.
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-400: Uncontrolled Resource Consumption
OWASP:
- A05:2021 - Security Misconfiguration
- A06:2017 - Security Misconfiguration
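
The two settings named in the description, shown beside a configuration that lacks them, as an added example that is not part of the rule or of Django REST framework itself. The settings dicts and rates are constructed, `audit_throttle_config` and `BUILTIN_SCOPES` are hypothetical names, and the per-class rate check goes one step beyond the missing-key check the description covers.

```python
# Added example: both settings dicts are constructed and the rates are illustrative.

# Configuration of the kind the finding describes: no throttle keys at all.
REST_FRAMEWORK_WEAK = {
    "DEFAULT_AUTHENTICATION_CLASSES": [
        "rest_framework.authentication.SessionAuthentication",
    ],
}

# Corrected configuration using DRF's built-in throttle classes.
REST_FRAMEWORK_FIXED = {
    **REST_FRAMEWORK_WEAK,
    "DEFAULT_THROTTLE_CLASSES": [
        "rest_framework.throttling.AnonRateThrottle",
        "rest_framework.throttling.UserRateThrottle",
    ],
    "DEFAULT_THROTTLE_RATES": {
        "anon": "100/day",   # illustrative rate for unauthenticated clients
        "user": "1000/day",  # illustrative rate for authenticated users
    },
}

# Scope each built-in throttle class looks up in DEFAULT_THROTTLE_RATES.
BUILTIN_SCOPES = {
    "rest_framework.throttling.AnonRateThrottle": "anon",
    "rest_framework.throttling.UserRateThrottle": "user",
}


def audit_throttle_config(rest_framework):
    """Return a list of findings for a REST_FRAMEWORK settings dict (hypothetical helper)."""
    findings = []
    classes = rest_framework.get("DEFAULT_THROTTLE_CLASSES") or []
    rates = rest_framework.get("DEFAULT_THROTTLE_RATES") or {}
    if not classes:
        findings.append("DEFAULT_THROTTLE_CLASSES missing or empty")
    if not rates:
        findings.append("DEFAULT_THROTTLE_RATES missing or empty")
    # A listed class whose scope has no rate is misconfigured or not throttling.
    for cls in classes:
        scope = BUILTIN_SCOPES.get(cls)
        if scope and not rates.get(scope):
            findings.append(f"{cls} has no rate for scope '{scope}'")
    return findings
```

In a real project the corrected dict is assigned to `REST_FRAMEWORK` in the Django settings module.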