Security detectors

Useless if Body

If statement with identical bodies in if and else blocks

Channel Guarded With Mutex

Redundant mutex guards on channels in Go

Improper Certificate Validation

Disabled TLS certificate validation

Unvalidated S3 Bucket Ownership

S3 bucket operations without owner validation

Resource Leak

Improper resource handling leading to resource exhaustion or arbitrary code execution

Insecure Cookie

Cookies created without HttpOnly and Secure flags

Weak Random Number Generation

Use of insecure math/rand for random number generation

Redundant Equality Check

Redundant equality checks affect code quality and return predictable results

Insecure Ignore Host Key

Disabling SSH host key validation

Unsafe Reflection

Use of adversary-controlled input in reflection

Unchecked Batch Operation Failures

Unhandled failures in AWS batch operations

Lambda Client Reuse

AWS client re-creation in Lambda handlers

Os Command Injection

OS command injection from untrusted input

Useless if Conditional

Redundant conditional checks

Log Injection

Log injection from untrusted input

Httptrace FileServer As Handler

Using http.FileServer as handler

Pprof Endpoint

Exposed pprof endpoints enable information leaks

Cross Site Scripting (XSS)

XSS from untrusted input in web outputs

Not Recommended API Usage

Security risks and quality issues from deprecated AWS APIs and clients

Hidden Goroutine

Asynchronous hidden goroutine function invocations

Channel Accessible By Non Endpoint

Insecure gRPC client and server connections in Go enable data tampering

Decompression Bomb

Decompression of untrusted data without size limits

Cross-Site Request Forgery (CSRF)

Insecure validation and lack of restrictions enable cross-site request forgery

Thread Safety Violation

Unsynchronized concurrent access to shared data

Insecure Connection

Plain HTTP traffic enables eavesdropping and tampering

SQL Injection

Improper Neutralization of Special Elements used in an SQL Command

Deprecated Key Generator

Use of weak RSA key generation function

Exported Loop Pointer

Loop pointers exported directly can cause unintended behavior

Server Side Request Forgery (SSRF)

User input used unsanitized in outbound requests

Sensitive Information Leak

Unprotected sensitive data in network services and client alerts

Integer Overflow

Integer overflow from improper input validation in conversions

Missing Pagination

Missing pagination in paginated API calls

Insecure Cryptography

Use of insecure cryptography

Protection Mechanism Failure

Disabled or incorrectly used protection mechanism can lead to security vulnerabilities

Nil Pointer Dereference

Dereferencing a nil pointer can lead to unexpected nil pointer exceptions.

Temporary Files

Insecure temporary file creation

XML External Entity

XXE vulnerability from XML

Insecure File Permissions

Overly permissive file permissions

Authentication Bypass By Alternate Name

Inconsistent variable assignment from multiple sources

Code Injection

Code injection from untrusted input

Improper authentication

Improper authentication from insufficient identity verification

Use Filepath Join

File path compatibility with different systems path separators risks from path.Join

Path Traversal

Path traversal from untrusted input

Write Pprof Profile Output

Identified the presence of stack traces within HTTP response, posing a potential security risk if deployed in a user-facing manner in a production environment.

Hardcoded true or false

Redundant true/false conditions in if statements