Go安全漏洞

CWE-693 6 规则

Protection Mechanism Failure

CWE-307 5 规则

Improper Restriction of Excessive Authentication Attempts

CWE-942 5 规则

Permissive Cross-domain Policy with Untrusted Domains

CWE-20 4 规则

Improper Input Validation

CWE-200 4 规则

Exposure of Sensitive Information to an Unauthorized Actor

1 critical

CWE-362 4 规则

Concurrent Execution Using Shared Resource with Improper Synchronization ('Race Condition')

CWE-94 3 规则

Improper Control of Generation of Code ('Code Injection')

2 critical

CWE-306 3 规则

Missing Authentication for Critical Function

CWE-319 3 规则

Cleartext Transmission of Sensitive Information

CWE-400 3 规则

Uncontrolled Resource Consumption

CWE-489 3 规则

Active Debug Code

CWE-639 3 规则

Authorization Bypass Through User-Controlled Key

CWE-22 2 规则

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CWE-502 2 规则

Deserialization of Untrusted Data

CWE-74 1 规则

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

CWE-78 1 规则

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

1 critical

CWE-89 1 规则

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

1 critical

CWE-90 1 规则

Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection')

CWE-93 1 规则

Improper Neutralization of CRLF Sequences ('CRLF Injection')

CWE-113 1 规则

Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting')