测试版 Shoulder 目前处于测试阶段 — 结果有时可能不正确。您的反馈塑造我们接下来要修复的内容。 分享反馈
Shoulder.dev

开发者威胁情报
🐹

Go Security Rules

90 detection rules for Go across 54 vulnerability classes.

7 Critical
40 High
41 Medium
2 Low
Scan your Go code
npx @shoulderdev/cli trust --lang=go .

Frameworks

chi echo fiber gin go gorilla net/http stdlib
CWE-693 Protection Mechanism Failure 6 rules
Chi Missing Security Headers MEDIUM chi
Echo Missing Security Headers MEDIUM echo
Fiber Missing Security Headers MEDIUM fiber
Gin Missing Security Headers MEDIUM gin
Gorilla Missing Security Headers MEDIUM gorilla
Missing HTTP Security Headers MEDIUM gin echo fiber chi gorilla
CWE-307 CWE-307 5 rules
Missing Rate Limiting in Chi Router Application MEDIUM chi
Missing Rate Limiting in Echo Application MEDIUM echo
Missing Rate Limiting in Fiber Application MEDIUM fiber
Missing Rate Limiting in Gin Application MEDIUM gin
Missing Rate Limiting in Gorilla Mux Application MEDIUM gorilla
CWE-942 CWE-942 5 rules
Chi Permissive CORS MEDIUM chi
Echo Permissive CORS MEDIUM echo
Fiber Permissive CORS MEDIUM fiber
Gin Permissive CORS MEDIUM gin
Permissive CORS Configuration MEDIUM gin echo fiber chi gorilla
CWE-20 Improper Input Validation 4 rules
Business Logic Input Validation MEDIUM
Echo Missing Input Validation MEDIUM echo
Fiber Missing Input Validation MEDIUM fiber
Gin Missing Input Validation MEDIUM gin
CWE-200 Information Exposure 4 rules
Environment Variable Secret Exposure HIGH stdlib gin echo fiber chi
LLM Model Theft HIGH
LLM Sensitive Information Disclosure HIGH
Sensitive Field Exposure in API Response CRITICAL gin echo fiber chi gorilla net/http
CWE-362 Race Condition 4 rules
Concurrent Slice Access HIGH
Direct Map Access on Thread-Safe Struct HIGH
Potential Race Condition MEDIUM
WaitGroup Misuse HIGH
CWE-94 Code Injection 3 rules
Code Injection via os/exec CRITICAL
LLM Insecure Output Handling HIGH
Server-Side Template Injection CRITICAL
CWE-306 CWE-306 3 rules
Echo Missing JWT Middleware HIGH echo
Fiber Missing JWT Middleware HIGH fiber
Gin Missing JWT Middleware HIGH gin
CWE-319 CWE-319 3 rules
Echo Running Without TLS HIGH echo
Fiber Running Without TLS HIGH fiber
Gin Running Without TLS LOW gin
CWE-400 Resource Exhaustion 3 rules
LLM Denial of Service MEDIUM
Missing Request Size Limits MEDIUM
Denial of Service via Resource Exhaustion MEDIUM
CWE-489 CWE-489 3 rules
Echo Debug Mode in Production MEDIUM echo
Fiber Debug Mode in Production MEDIUM fiber
Gin Debug Mode in Production MEDIUM gin
CWE-639 Authorization Bypass Through User-Controlled Key 3 rules
Horizontal Privilege Escalation HIGH
Insecure Direct Object Reference (IDOR) HIGH
Potential IDOR - Generic Data Access MEDIUM gin echo fiber chi gorilla
CWE-22 Path Traversal 2 rules
Path Traversal via File Operations HIGH stdlib gin echo fiber chi gorilla
Zip Slip / Path Traversal in Archive HIGH
CWE-502 Deserialization of Untrusted Data 2 rules
Insecure Deserialization HIGH
LLM Training Data Poisoning HIGH
CWE-74 Injection 1 rules
AI Prompt Injection HIGH
CWE-78 OS Command Injection 1 rules
Command Injection via os/exec CRITICAL
CWE-89 SQL Injection 1 rules
SQL Injection via Database Queries CRITICAL stdlib gin echo fiber chi gorilla
CWE-90 LDAP Injection 1 rules
LDAP Injection HIGH
CWE-93 CWE-93 1 rules
Email Header Injection HIGH go gin echo fiber chi
CWE-113 HTTP Response Splitting 1 rules
HTTP Header Injection MEDIUM
CWE-117 Log Injection 1 rules
Log Injection / Log Forging MEDIUM stdlib gin echo fiber chi gorilla
CWE-176 CWE-176 1 rules
Unicode Normalization Security Issues MEDIUM stdlib gin echo fiber chi
CWE-190 CWE-190 1 rules
Integer Overflow via Unchecked Arithmetic MEDIUM stdlib gin echo fiber chi
CWE-201 CWE-201 1 rules
Credential Exfiltration via User-Controlled Endpoint CRITICAL stdlib gin echo fiber chi gorilla
CWE-209 Error Message Information Leak 1 rules
Database Error Information Exposure in HTTP Response MEDIUM stdlib gin echo fiber chi gorilla
CWE-252 Unchecked Return Value 1 rules
Unchecked Error Return Values MEDIUM
CWE-284 Improper Access Control 1 rules
LLM Insecure Plugin Design HIGH
CWE-295 Improper Certificate Validation 1 rules
Insecure TLS/SSL Configuration HIGH
CWE-327 Broken Cryptographic Algorithm 1 rules
Use of Weak Cryptographic Algorithm HIGH stdlib
CWE-330 CWE-330 1 rules
Non-deterministic Map Iteration MEDIUM
CWE-338 Weak PRNG 1 rules
Weak Random Number Generation for Security HIGH
CWE-347 Improper Signature Verification 1 rules
JWT Security Vulnerabilities HIGH
CWE-352 Cross-Site Request Forgery 1 rules
Missing CSRF Protection (Gin) HIGH gin
CWE-384 Session Fixation 1 rules
Insecure Session Management HIGH
CWE-391 CWE-391 1 rules
Empty Error Handling LOW
CWE-434 Unrestricted File Upload 1 rules
Unsafe File Upload HIGH
CWE-476 CWE-476 1 rules
Unsafe Type Assertion Without Ok Check MEDIUM
CWE-521 Weak Password Requirements 1 rules
Weak Password Policy MEDIUM
CWE-526 CWE-526 1 rules
Environment Variable Exposure HIGH
CWE-532 Information Exposure Through Logs 1 rules
Logging Sensitive Data MEDIUM
CWE-601 Open Redirect 1 rules
Open Redirect MEDIUM
CWE-611 XXE 1 rules
XML External Entity (XXE) Injection HIGH
CWE-636 CWE-636 1 rules
Failing Open on Error HIGH
CWE-640 Weak Password Recovery 1 rules
Weak Password Reset Token HIGH
CWE-667 CWE-667 1 rules
Mutex Misuse HIGH
CWE-755 CWE-755 1 rules
Incomplete Error Handling MEDIUM
CWE-798 Hardcoded Credentials 1 rules
Hardcoded Secrets in Source Code CRITICAL
CWE-829 Inclusion of Untrusted Functionality 1 rules
LLM Supply Chain Vulnerabilities HIGH
CWE-833 CWE-833 1 rules
Channel Misuse HIGH
CWE-840 CWE-840 1 rules
Business Logic Bypass HIGH gin echo fiber chi gorilla net/http
CWE-862 Missing Authorization 1 rules
LLM Excessive Agency HIGH
CWE-918 Server-Side Request Forgery 1 rules
Server-Side Request Forgery (SSRF) HIGH stdlib gin echo fiber chi gorilla
CWE-943 NoSQL Injection 1 rules
NoSQL Injection HIGH stdlib gin echo fiber chi
CWE-1333 ReDoS 1 rules
Regular Expression Denial of Service MEDIUM
← All Rules