jprdonnelly/docs
1
0
Fork 0
mirror of synced 2025-12-19 18:10:59 -05:00
Code Issues Projects Releases Wiki Activity
Files
main
docs/data/reusables/code-scanning/codeql-query-tables/go.md
docs-bot 23469ccef5 Update CodeQL query tables (#58725) 
Co-authored-by: Óscar San José <oscarsj@github.com>
2025-12-11 12:56:08 +00:00

9.1 KiB
Raw Permalink Blame History

{% rowheaders %}

Query name Related CWEs Default Extended {% data variables.copilot.copilot_autofix_short %}
Arbitrary file access during archive extraction ("Zip Slip") 022 {% octicon "check" aria-label="Included" %} {% octicon "check" aria-label="Included" %} {% octicon "check" aria-label="Included" %}
Arbitrary file write extracting an archive containing symbolic links 022 {% octicon "check" aria-label="Included" %} {% octicon "check" aria-label="Included" %} {% octicon "check" aria-label="Included" %}
Bad redirect check 601 {% octicon "check" aria-label="Included" %} {% octicon "check" aria-label="Included" %} {% octicon "check" aria-label="Included" %}
Clear-text logging of sensitive information 312, 315, 359 {% octicon "check" aria-label="Included" %} {% octicon "check" aria-label="Included" %} {% octicon "check" aria-label="Included" %}
Command built from user-controlled sources 078 {% octicon "check" aria-label="Included" %} {% octicon "check" aria-label="Included" %} {% octicon "x" aria-label="Not included" %}
Cookie 'HttpOnly' attribute is not set to true 1004 {% octicon "check" aria-label="Included" %} {% octicon "check" aria-label="Included" %} {% octicon "x" aria-label="Not included" %}
Cookie 'Secure' attribute is not set to true 614 {% octicon "check" aria-label="Included" %} {% octicon "check" aria-label="Included" %} {% octicon "x" aria-label="Not included" %}
Cross-site scripting via HTML template escaping bypass 079, 116 {% octicon "check" aria-label="Included" %} {% octicon "check" aria-label="Included" %} {% octicon "x" aria-label="Not included" %}
Database query built from user-controlled sources 089 {% octicon "check" aria-label="Included" %} {% octicon "check" aria-label="Included" %} {% octicon "check" aria-label="Included" %}
Disabled TLS certificate check 295 {% octicon "check" aria-label="Included" %} {% octicon "check" aria-label="Included" %} {% octicon "check" aria-label="Included" %}
Email content injection 640 {% octicon "check" aria-label="Included" %} {% octicon "check" aria-label="Included" %} {% octicon "check" aria-label="Included" %}
Incomplete regular expression for hostnames 020 {% octicon "check" aria-label="Included" %} {% octicon "check" aria-label="Included" %} {% octicon "check" aria-label="Included" %}
Incomplete URL scheme check 020 {% octicon "check" aria-label="Included" %} {% octicon "check" aria-label="Included" %} {% octicon "check" aria-label="Included" %}
Incorrect conversion between integer types 190, 681 {% octicon "check" aria-label="Included" %} {% octicon "check" aria-label="Included" %} {% octicon "check" aria-label="Included" %}
Information exposure through a stack trace 209, 497 {% octicon "check" aria-label="Included" %} {% octicon "check" aria-label="Included" %} {% octicon "check" aria-label="Included" %}
Insecure TLS configuration 327 {% octicon "check" aria-label="Included" %} {% octicon "check" aria-label="Included" %} {% octicon "check" aria-label="Included" %}
Missing JWT signature check 347 {% octicon "check" aria-label="Included" %} {% octicon "check" aria-label="Included" %} {% octicon "check" aria-label="Included" %}
Missing regular expression anchor 020 {% octicon "check" aria-label="Included" %} {% octicon "check" aria-label="Included" %} {% octicon "check" aria-label="Included" %}
Open URL redirect 601 {% octicon "check" aria-label="Included" %} {% octicon "check" aria-label="Included" %} {% octicon "check" aria-label="Included" %}
Potentially unsafe quoting 078, 089, 094 {% octicon "check" aria-label="Included" %} {% octicon "check" aria-label="Included" %} {% octicon "check" aria-label="Included" %}
Reflected cross-site scripting 079, 116 {% octicon "check" aria-label="Included" %} {% octicon "check" aria-label="Included" %} {% octicon "check" aria-label="Included" %}
Size computation for allocation may overflow 190 {% octicon "check" aria-label="Included" %} {% octicon "check" aria-label="Included" %} {% octicon "check" aria-label="Included" %}
Slice memory allocation with excessive size value 770 {% octicon "check" aria-label="Included" %} {% octicon "check" aria-label="Included" %} {% octicon "check" aria-label="Included" %}
Suspicious characters in a regular expression 020 {% octicon "check" aria-label="Included" %} {% octicon "check" aria-label="Included" %} {% octicon "check" aria-label="Included" %}
Uncontrolled data used in network request 918 {% octicon "check" aria-label="Included" %} {% octicon "check" aria-label="Included" %} {% octicon "x" aria-label="Not included" %}
Uncontrolled data used in path expression 022, 023, 036, 073, 099 {% octicon "check" aria-label="Included" %} {% octicon "check" aria-label="Included" %} {% octicon "check" aria-label="Included" %}
Use of a broken or weak cryptographic algorithm 327, 328 {% octicon "check" aria-label="Included" %} {% octicon "check" aria-label="Included" %} {% octicon "x" aria-label="Not included" %}
Use of a broken or weak cryptographic hashing algorithm on sensitive data 327, 328, 916 {% octicon "check" aria-label="Included" %} {% octicon "check" aria-label="Included" %} {% octicon "x" aria-label="Not included" %}
Use of a weak cryptographic key 326 {% octicon "check" aria-label="Included" %} {% octicon "check" aria-label="Included" %} {% octicon "check" aria-label="Included" %}
Use of constant state value in OAuth 2.0 URL 352 {% octicon "check" aria-label="Included" %} {% octicon "check" aria-label="Included" %} {% octicon "check" aria-label="Included" %}
Use of insecure HostKeyCallback implementation 322 {% octicon "check" aria-label="Included" %} {% octicon "check" aria-label="Included" %} {% octicon "check" aria-label="Included" %}
Use of insufficient randomness as the key of a cryptographic algorithm 338 {% octicon "check" aria-label="Included" %} {% octicon "check" aria-label="Included" %} {% octicon "check" aria-label="Included" %}
XPath injection 643 {% octicon "check" aria-label="Included" %} {% octicon "check" aria-label="Included" %} {% octicon "check" aria-label="Included" %}
Log entries created from user input 117 {% octicon "x" aria-label="Not included" %} {% octicon "check" aria-label="Included" %} {% octicon "check" aria-label="Included" %}

{% endrowheaders %}

Reference in New Issue View Git Blame Copy Permalink