Go
File Types
Mend SAST scans these file types:
.go
.golan
Vulnerability Types
Mend SAST scans for these vulnerability types:
Vulnerability Type | CWE | Severity |
|---|---|---|
SQL Injection | CWE-89 | High |
Path/Directory Traversal | CWE-22 | High |
Command Injection | CWE-78 | High |
LDAP Injection | CWE-90 | High |
XPath Injection | CWE-643 | High |
Server-Side Request Forgery | CWE-918 | High |
Insecure SSH Configuration | CWE-322 | High |
Insecure TLS Configuration | CWE-295 | High |
Cross-Site Scripting | CWE-79 | High |
File Manipulation | CWE-73 | High |
HTTP Response Splitting | CWE-113 | High |
Unvalidated/Open Redirect | CWE-601 | High |
HTTP Header Injection | CWE-113 | High |
Sleep Denial of Service | CWE-400 | High |
Session Fixation | CWE-384 | High |
Log Forging | CWE-117 | Low |
Arbitrary Server Connection | CWE-941 | Low |
Dangerous File Extensions | CWE-530 | Low |
File Upload | CWE-434 | Low |
Cookie Injection | CWE-20 | Low |
Cookie Without 'HttpOnly' Flag | CWE-1004 | Low |
Hardcoded Password/Credentials | CWE-798 | Low |
Heap Inspection | CWE-244 | Low |
Hidden HTML Input | CWE-472 | Low |
Weak Encryption Strength | CWE-326 | Low |
Weak Hash Strength | CWE-916 | Low |
Weak Pseudo-Random | CWE-338 | Low |
Insecure Interface Binding | CWE-1327 | Low |
Insecure Directory Permissions | CWE-732 | Low |
Insecure File Permissions | CWE-732 | Low |
Tempfile Predictable Path | CWE-377 | Low |
Hardcoded Password/Credentials | CWE-798 | Low |
Miscellaneous Dangerous Functions | CWE-676 | Low |
Copyright © 2024 Mend.io (White Source Ltd.) | All rights reserved.