Go Security Vulnerabilities

CWE-693 6 rules

Protection Mechanism Failure

CWE-307 5 rules

Improper Restriction of Excessive Authentication Attempts

CWE-942 5 rules

Permissive Cross-domain Policy with Untrusted Domains

CWE-20 4 rules

Improper Input Validation

CWE-200 4 rules

Exposure of Sensitive Information to an Unauthorized Actor

1 critical

CWE-362 4 rules

Concurrent Execution Using Shared Resource with Improper Synchronization ('Race Condition')

CWE-94 3 rules

Improper Control of Generation of Code ('Code Injection')

2 critical

CWE-306 3 rules

Missing Authentication for Critical Function

CWE-319 3 rules

Cleartext Transmission of Sensitive Information

CWE-400 3 rules

Uncontrolled Resource Consumption

CWE-489 3 rules

Active Debug Code

CWE-639 3 rules

Authorization Bypass Through User-Controlled Key

CWE-22 2 rules

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CWE-502 2 rules

Deserialization of Untrusted Data

CWE-74 1 rules

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

CWE-78 1 rules

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

1 critical

CWE-89 1 rules

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

1 critical

CWE-90 1 rules

Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection')

CWE-93 1 rules

Improper Neutralization of CRLF Sequences ('CRLF Injection')

CWE-113 1 rules

Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting')