CodeAnt AI home pagelight logodark logo
  • Dashboard
  • Dashboard
  • Documentation
  • Demo Call with CEO
  • Blog
  • Slack
    • Get Started
    • CodeAnt AI
    • Setup
    • Control Center
    • Pull Request Review
    • IDE
    • Compliance
    • Anti-Patterns
    • Code Governance
    • Infrastructure Security Database
    • Application Security Database
      • Apex
      • Bash
      • C
      • Clojure
      • Cpp
      • Csharp
      • Dockerfile
      • Elixir
      • Fingerprints
      • Generic
      • Go
        • Aws-lambda
        • Gin
        • Gorilla
        • Gorm
        • Grpc
        • Jwt-go
        • Lang
          • Best practice
          • Correctness
          • Correctness
          • Maintainability
          • Memory
          • Security
          • Security
        • Net
        • Otto
        • Secrets
        • Template
      • Html
      • Java
      • Javascript
      • Json
      • Kotlin
      • Ocaml
      • Php
      • Problem-based-packs
      • Python
      • Ruby
      • Rust
      • Scala
      • Solidity
      • Swift
      • Terraform
      • Typescript
      • Yaml
    • Open Source
    • Blogs
    Lang

    Security

    filepath-clean-misuse

    Clean is not intended to sanitize against path traversal attacks. This function is for finding the shortest path name equivalent to the given input. Using Clean to sanitize file reads may expose this application to path traversal attacks, where an attacker could access arbitrary files on the server. To fix this easily, write this: filepath.FromSlash(path.Clean("/"+strings.Trim(req.URL.Path, "/"))) However, a better solution is using the SecureJoin function in the package filepath-securejoin. See https://pkg.go.dev/github.com/cyphar/filepath-securejoin#section-readme.
    Likelihood: MEDIUM
    Confidence: MEDIUM
    CWE:
    - CWE-22: Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’)
    OWASP:
    - A05:2017 - Broken Access Control
    - A01:2021 - Broken Access Control

    path-traversal-inside-zip-extraction

    File traversal when extracting zip archive
    Likelihood: LOW
    Confidence: LOW
    CWE:
    - CWE-22: Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’)
    OWASP:
    - A05:2017 - Broken Access Control
    - A01:2021 - Broken Access Control

    bad-tmp-file-creation

    File creation in shared tmp directory without using ioutil.Tempfile
    Likelihood: LOW
    Confidence: LOW
    CWE:
    - CWE-377: Insecure Temporary File
    OWASP:
    - A01:2021 - Broken Access Control

    potential-dos-via-decompression-bomb

    Detected a possible denial-of-service via a zip bomb attack. By limiting the max bytes read, you can mitigate this attack. io.CopyN() can specify a size.
    Likelihood: LOW
    Confidence: LOW
    CWE:
    - CWE-400: Uncontrolled Resource Consumption
    Memory aliasingAudit
    twitterlinkedin
    Powered by Mintlify
    Assistant
    Responses are generated using AI and may contain mistakes.