Go Rules
SAST rules for Go that identify insecure patterns in application code.
Go Rule Catalog
| ID | Title | Severity | Category |
|---|---|---|---|
| CODE-0795 | SQL Injection | CRITICAL | Injection |
| CODE-0796 | OS Command Injection | CRITICAL | Injection |
| CODE-0094 | Concurrent Append to Slice | HIGH | Concurrency |
| CODE-0190 | Insecure Transaction Tracing | HIGH | Blockchain |
| CODE-0213 | DLL Hijacking Vulnerability | HIGH | InsecureConfig |
| CODE-0214 | Missing RUnlock on RWMutex | HIGH | Concurrency |
| CODE-0273 | Concurrent writes to a map | HIGH | Concurrency |
| CODE-0480 | Missing Mutex Unlock Before Return | HIGH | Concurrency |
| CODE-0761 | Incomplete Transaction Receipt Status Inspection | HIGH | Blockchain |
| CODE-0797 | Use of inherently dangerous function (unsafe package) | HIGH | InsecureConfig |
| CODE-0095 | WaitGroup Add Called Inside Goroutine | MEDIUM | Concurrency |
| CODE-0205 | Uncontrolled NULL pointer dereference in ServerCodec ReadRequestBody | MEDIUM | Injection |
| CODE-0245 | Unmarshal Tag is Dash | MEDIUM | InsecureConfig |
| CODE-0255 | Calling Wait() inside a loop blocks Done() | MEDIUM | Concurrency |
| CODE-0257 | Mutex Copied via Value Receiver | MEDIUM | Concurrency |
| CODE-0270 | Integer underflows due to incorrect conversion | MEDIUM | Injection |
| CODE-0465 | Potential nil dereference | MEDIUM | Generic |
| CODE-0508 | Unmarshal Tag Omitempty | MEDIUM | InsecureConfig |
| CODE-0667 | Potential Goroutine Leak Due to Unbuffered Channel | MEDIUM | Concurrency |
| CODE-0771 | Use of a broken or risky cryptographic algorithm | MEDIUM | Crypto |
| CODE-0772 | Use of a broken or risky cryptographic algorithm | MEDIUM | Crypto |
| CODE-0773 | Use of a broken or risky cryptographic algorithm | MEDIUM | Crypto |
| CODE-0774 | Use of a broken or risky cryptographic algorithm | MEDIUM | Crypto |
| CODE-0775 | Use of a broken or risky cryptographic algorithm | MEDIUM | Crypto |
| CODE-0776 | Insecure SSH Connection | MEDIUM | Auth |
| CODE-0777 | Use of deprecated TLS version | MEDIUM | Crypto |
| CODE-0778 | Inadequate encryption strength | MEDIUM | Crypto |
| CODE-0779 | Use of cryptographically weak Pseudo-Random Number Generator (PRNG) | MEDIUM | Crypto |
| CODE-0780 | Incorrect permission assignment for critical resource | MEDIUM | AccessControl |
| CODE-0781 | Incorrect permission assignment for critical resource | MEDIUM | AccessControl |
| CODE-0782 | Improper handling of highly compressed data | MEDIUM | InsecureConfig |
| CODE-0783 | Path Traversal | MEDIUM | AccessControl |
| CODE-0784 | Exposing entire filesystem through HTTP handler | MEDIUM | AccessControl |
| CODE-0785 | Incorrect default permissions | MEDIUM | AccessControl |
| CODE-0786 | Insecure Temporary File Creation | MEDIUM | InsecureConfig |
| CODE-0787 | Path Traversal in Archive Extraction | MEDIUM | Injection |
| CODE-0789 | Server Side Request Forgery (SSRF) | MEDIUM | Web |
| CODE-0790 | Cross Site Scripting (XSS) via template functions | MEDIUM | Web |
| CODE-0791 | Active debug code (pprof enabled) | MEDIUM | InsecureConfig |
| CODE-0792 | Integer overflow or wraparound | MEDIUM | Injection |
| CODE-0793 | Incorrect access of indexable resource ('Range Error') | MEDIUM | Generic |
| CODE-0812 | Invalid usage of modified variable | MEDIUM | Generic |
| CODE-0742 | Iteration over a possibly empty map | LOW | Generic |
| CODE-0788 | Insecure HTTP Server Configuration | LOW | InsecureConfig |
| CODE-0794 | Binding to an unrestricted IP address | LOW | InsecureConfig |
Total Rules: 45
Click on any rule ID to view detailed information, examples, and remediation guidance.