Go Security Vulnerabilities
Shoulder detects 90 security patterns specific to applications built with Go.
Framework Coverage
Vulnerability Categories
CWE-693
6 rules
Protection Mechanism Failure
CWE-307
5 rules
Improper Restriction of Excessive Authentication Attempts
CWE-942
5 rules
Permissive Cross-domain Policy with Untrusted Domains
CWE-20
4 rules
Improper Input Validation
CWE-200
4 rules
Exposure of Sensitive Information to an Unauthorized Actor
1 critical
CWE-362
4 rules
Concurrent Execution Using Shared Resource with Improper Synchronization ('Race Condition')
CWE-94
3 rules
Improper Control of Generation of Code ('Code Injection')
2 critical
CWE-306
3 rules
Missing Authentication for Critical Function
CWE-319
3 rules
Cleartext Transmission of Sensitive Information
CWE-400
3 rules
Uncontrolled Resource Consumption
CWE-489
3 rules
Active Debug Code
CWE-639
3 rules
Authorization Bypass Through User-Controlled Key
CWE-22
2 rules
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE-502
2 rules
Deserialization of Untrusted Data
CWE-74
1 rule
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE-78
1 rule
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
1 critical
CWE-89
1 rule
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
1 critical
CWE-90
1 rule
Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection')
CWE-93
1 rule
Improper Neutralization of CRLF Sequences ('CRLF Injection')
CWE-113
1 rule
Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting')
Scan Your Go Project
Run the Shoulder CLI to find Go-specific vulnerabilities.