High

Showing all detectors for the Go language with high severity.

Improper Certificate Validation

Disabled TLS certificate validation

Weak Random Number Generation

Use of insecure math/rand for random number generation

Insecure Ignore Host Key

Disabling SSH host key validation

Unsafe Reflection

Use of adversary-controlled input in reflection

OS Command Injection

OS command injection from untrusted input

Log Injection

Log injection from untrusted input

Httptrace FileServer As Handler

Using http.FileServer as handler

Pprof Endpoint

Exposed pprof endpoints enable information leaks

Cross Site Scripting (XSS)

XSS from untrusted input in web outputs

Not Recommended API Usage

Security risks and quality issues from deprecated AWS APIs and clients

Channel Accessible By Non Endpoint

Insecure gRPC client and server connections in Go enable data tampering

Decompression Bomb

Decompression of untrusted data without size limits

Cross-Site Request Forgery (CSRF)

Insecure validation and lack of restrictions enable cross-site request forgery

Thread Safety Violation

Unsynchronized concurrent access to shared data

Insecure Connection

Plain HTTP traffic enables eavesdropping and tampering

SQL Injection

Improper Neutralization of Special Elements used in an SQL Command

Deprecated Key Generator

Use of weak RSA key generation function

Exported Loop Pointer

Loop pointers exported directly can cause unintended behavior

Server Side Request Forgery (SSRF)

User input used unsanitized in outbound requests

Sensitive Information Leak

Unprotected sensitive data in network services and client alerts

Integer Overflow

Integer overflow from improper input validation in conversions

Protection Mechanism Failure

Disabled or incorrectly used protection mechanism can lead to security vulnerabilities

Nil Pointer Dereference

Dereferencing a nil pointer can lead to unexpected nil pointer exceptions

Temporary Files

Insecure temporary file creation

XML External Entity

XXE vulnerability from XML

Insecure File Permissions

Overly permissive file permissions

Authentication Bypass By Alternate Name

Inconsistent variable assignment from multiple sources

Improper Authentication

Improper authentication from insufficient identity verification

Path Traversal

Path traversal from untrusted input

Write Pprof Profile Output

Stack traces present in HTTP responses pose a security risk if the service is deployed user-facing in a production environment