@runsec/mcp 1.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (40) hide show
  1. package/dist/index.js +578 -0
  2. package/package.json +43 -0
  3. package/src/rules/data/rule-compliance-map.json +43563 -0
  4. package/src/rules/data/semgrep-rules/README-taint-overlays.md +21 -0
  5. package/src/rules/data/semgrep-rules/advanced-agent-cloud.yaml +802 -0
  6. package/src/rules/data/semgrep-rules/app-logic.yaml +445 -0
  7. package/src/rules/data/semgrep-rules/auth-keycloak.yaml +831 -0
  8. package/src/rules/data/semgrep-rules/browser-agent.yaml +260 -0
  9. package/src/rules/data/semgrep-rules/cloud-secrets.yaml +316 -0
  10. package/src/rules/data/semgrep-rules/csharp-dotnet.yaml +4864 -0
  11. package/src/rules/data/semgrep-rules/desktop-electron-pro.yaml +30 -0
  12. package/src/rules/data/semgrep-rules/desktop-vsto-suite.yaml +2759 -0
  13. package/src/rules/data/semgrep-rules/devops-security.yaml +393 -0
  14. package/src/rules/data/semgrep-rules/domain-access-management.yaml +1023 -0
  15. package/src/rules/data/semgrep-rules/domain-data-privacy.yaml +852 -0
  16. package/src/rules/data/semgrep-rules/domain-input-validation.yaml +2894 -0
  17. package/src/rules/data/semgrep-rules/domain-platform-hardening.yaml +1715 -0
  18. package/src/rules/data/semgrep-rules/ds-ml-security.yaml +2431 -0
  19. package/src/rules/data/semgrep-rules/fastapi-async.yaml +5953 -0
  20. package/src/rules/data/semgrep-rules/frontend-react.yaml +4035 -0
  21. package/src/rules/data/semgrep-rules/frontend-security.yaml +200 -0
  22. package/src/rules/data/semgrep-rules/go-core.yaml +4959 -0
  23. package/src/rules/data/semgrep-rules/hft-cpp-security.yaml +631 -0
  24. package/src/rules/data/semgrep-rules/infra-k8s-helm.yaml +4968 -0
  25. package/src/rules/data/semgrep-rules/integration-security.yaml +2362 -0
  26. package/src/rules/data/semgrep-rules/java-enterprise.yaml +14756 -0
  27. package/src/rules/data/semgrep-rules/java-spring.yaml +397 -0
  28. package/src/rules/data/semgrep-rules/license-compliance.yaml +186 -0
  29. package/src/rules/data/semgrep-rules/mobile-flutter.yaml +37 -0
  30. package/src/rules/data/semgrep-rules/mobile-security.yaml +721 -0
  31. package/src/rules/data/semgrep-rules/nodejs-nestjs.yaml +5164 -0
  32. package/src/rules/data/semgrep-rules/nodejs-security.yaml +326 -0
  33. package/src/rules/data/semgrep-rules/observability.yaml +381 -0
  34. package/src/rules/data/semgrep-rules/php-security.yaml +3601 -0
  35. package/src/rules/data/semgrep-rules/python-backend-pro.yaml +30 -0
  36. package/src/rules/data/semgrep-rules/python-django.yaml +181 -0
  37. package/src/rules/data/semgrep-rules/python-security.yaml +284 -0
  38. package/src/rules/data/semgrep-rules/ru-regulatory.yaml +496 -0
  39. package/src/rules/data/semgrep-rules/ruby-rails.yaml +3078 -0
  40. package/src/rules/data/semgrep-rules/rust-security.yaml +2701 -0
package/src/rules/data/semgrep-rules/go-core.yaml ADDED
@@ -0,0 +1,4959 @@
1
+ rules:
2
+ - id: runsec.go-core.go-001
3
+ metadata:
4
+ runsec_version: v1.0
5
+ confidence: |-
6
+ 0.9
7
+ exploit_scenario: |-
8
+ Атакующий доставляет входные данные, соответствующие anti-pattern; реальный ущерб зависит от приёмника (sink), конфигурации и границ доверия.
9
+ fix_template: |-
10
+ action := r.URL.Query().Get("action") allowed := map[string][]string{"uptime": {"uptime"}} ... exec.Command(allowed[action][0]).Run()
11
+ pattern-either:
12
+ - pattern: |-
13
+ cmd := r.URL.Query().Get("cmd")
14
+ ...
15
+ exec.Command("sh", "-c", cmd).Run()
16
+ - pattern-regex: 'Vulnerable:\\s*GO\\-001\\b'
17
+ message: |-
18
+ RunSec Detection [GO-001]: CWE-78
19
+ languages:
20
+ - go
21
+ severity: WARNING
22
+ - id: runsec.go-core.go-002
23
+ metadata:
24
+ runsec_version: v1.0
25
+ confidence: |-
26
+ 0.9
27
+ exploit_scenario: |-
28
+ Атакующий доставляет входные данные, соответствующие anti-pattern; реальный ущерб зависит от приёмника (sink), конфигурации и границ доверия.
29
+ fix_template: |-
30
+ host := r.URL.Query().Get("host") if !hostRe.MatchString(host) { return } ... exec.Command("ping", "-c", "1", host).Run()
31
+ pattern-either:
32
+ - pattern: |-
33
+ host := r.URL.Query().Get("host")
34
+ ...
35
+ exec.Command("bash", "-c", "ping -c 1 "+host).Run()
36
+ - pattern-regex: 'Vulnerable:\\s*GO\\-002\\b'
37
+ message: |-
38
+ RunSec Detection [GO-002]: CWE-77
39
+ languages:
40
+ - go
41
+ severity: WARNING
42
+ - id: runsec.go-core.go-003
43
+ metadata:
44
+ runsec_version: v1.0
45
+ confidence: |-
46
+ 0.9
47
+ exploit_scenario: |-
48
+ Атакующий доставляет входные данные, соответствующие anti-pattern; реальный ущерб зависит от приёмника (sink), конфигурации и границ доверия.
49
+ fix_template: |-
50
+ order := r.URL.Query().Get("order") if order != "name" && order != "created_at" { order = "name" } ... q := "SELECT * FROM users ORDER BY " + order
51
+ pattern-either:
52
+ - pattern: |-
53
+ order := r.URL.Query().Get("order")
54
+ ...
55
+ q := "SELECT * FROM users ORDER BY " + order
56
+ - pattern-regex: 'Vulnerable:\\s*GO\\-003\\b'
57
+ message: |-
58
+ RunSec Detection [GO-003]: CWE-74
59
+ languages:
60
+ - go
61
+ severity: WARNING
62
+ - id: runsec.go-core.go-004
63
+ metadata:
64
+ runsec_version: v1.0
65
+ confidence: |-
66
+ 0.9
67
+ exploit_scenario: |-
68
+ Атакующий доставляет входные данные, соответствующие anti-pattern; реальный ущерб зависит от приёмника (sink), конфигурации и границ доверия.
69
+ fix_template: |-
70
+ m := r.URL.Query().Get("method") if m != "Health" && m != "Status" { return } ... reflect.ValueOf(handler).MethodByName(m).Call(nil)
71
+ pattern-either:
72
+ - pattern: |-
73
+ m := r.URL.Query().Get("method")
74
+ ...
75
+ reflect.ValueOf(handler).MethodByName(m).Call(nil)
76
+ - pattern-regex: 'Vulnerable:\\s*GO\\-004\\b'
77
+ message: |-
78
+ RunSec Detection [GO-004]: CWE-470
79
+ languages:
80
+ - go
81
+ severity: WARNING
82
+ - id: runsec.go-core.go-005
83
+ metadata:
84
+ runsec_version: v1.0
85
+ confidence: |-
86
+ 0.9
87
+ exploit_scenario: |-
88
+ Атакующий доставляет входные данные, соответствующие anti-pattern; реальный ущерб зависит от приёмника (sink), конфигурации и границ доверия.
89
+ fix_template: |-
90
+ name := r.URL.Query().Get("plugin") if _, ok := allowedPlugins[name]; !ok { return } ... plugin.Open(allowedPlugins[name])
91
+ pattern-either:
92
+ - pattern: |-
93
+ name := r.URL.Query().Get("plugin")
94
+ ...
95
+ plugin.Open(name)
96
+ - pattern-regex: 'Vulnerable:\\s*GO\\-005\\b'
97
+ message: |-
98
+ RunSec Detection [GO-005]: CWE-470
99
+ languages:
100
+ - go
101
+ severity: WARNING
102
+ - id: runsec.go-core.go-006
103
+ metadata:
104
+ runsec_version: v1.0
105
+ confidence: |-
106
+ 0.9
107
+ exploit_scenario: |-
108
+ Атакующий доставляет входные данные, соответствующие anti-pattern; реальный ущерб зависит от приёмника (sink), конфигурации и границ доверия.
109
+ fix_template: |-
110
+ cmd := r.FormValue("cmd") if cmd != "normalize" { return } ... vm.RunString("normalize(input)")
111
+ pattern-either:
112
+ - pattern: |-
113
+ script := r.FormValue("script")
114
+ ...
115
+ vm.RunString(script)
116
+ - pattern-regex: 'Vulnerable:\\s*GO\\-006\\b'
117
+ message: |-
118
+ RunSec Detection [GO-006]: CWE-95
119
+ languages:
120
+ - go
121
+ severity: WARNING
122
+ - id: runsec.go-core.go-007
123
+ metadata:
124
+ runsec_version: v1.0
125
+ confidence: |-
126
+ 0.9
127
+ exploit_scenario: |-
128
+ Атакующий доставляет входные данные, соответствующие anti-pattern; реальный ущерб зависит от приёмника (sink), конфигурации и границ доверия.
129
+ fix_template: |-
130
+ name := r.FormValue("template") if _, ok := safeTemplates[name]; !ok { return } ... template.Must(template.ParseFiles(safeTemplates[name]))
131
+ pattern-either:
132
+ - pattern: |-
133
+ tpl := r.FormValue("tpl")
134
+ ...
135
+ template.Must(template.New("x").Parse(tpl))
136
+ - pattern-regex: 'Vulnerable:\\s*GO\\-007\\b'
137
+ message: |-
138
+ RunSec Detection [GO-007]: CWE-94
139
+ languages:
140
+ - go
141
+ severity: WARNING
142
+ - id: runsec.go-core.go-008
143
+ metadata:
144
+ runsec_version: v1.0
145
+ confidence: |-
146
+ 0.9
147
+ exploit_scenario: |-
148
+ Атакующий доставляет входные данные, соответствующие anti-pattern; реальный ущерб зависит от приёмника (sink), конфигурации и границ доверия.
149
+ fix_template: |-
150
+ tool := payload["tool"] allowed := map[string][]string{"date": {"date"}} if _, ok := allowed[tool.(string)]; !ok { return } ... exec.Command(allowed[tool.(string)][0]).Run()
151
+ pattern-either:
152
+ - pattern: |-
153
+ tool := payload["tool"]
154
+ ...
155
+ exec.Command(tool.(string)).Run()
156
+ - pattern-regex: 'Vulnerable:\\s*GO\\-008\\b'
157
+ message: |-
158
+ RunSec Detection [GO-008]: CWE-78
159
+ languages:
160
+ - go
161
+ severity: WARNING
162
+ - id: runsec.go-core.go-009
163
+ metadata:
164
+ runsec_version: v1.0
165
+ confidence: |-
166
+ 0.9
167
+ exploit_scenario: |-
168
+ Атакующий доставляет входные данные, соответствующие anti-pattern; реальный ущерб зависит от приёмника (sink), конфигурации и границ доверия.
169
+ fix_template: |-
170
+ go func(ctx context.Context) { for { select { case <-ctx.Done(): return default: ... } } }(ctx)
171
+ pattern-either:
172
+ - pattern: |-
173
+ go func() {
174
+ for {
175
+ ...
176
+ }
177
+ }()
178
+ - pattern-regex: 'Vulnerable:\\s*GO\\-009\\b'
179
+ message: |-
180
+ RunSec Detection [GO-009]: CWE-400
181
+ languages:
182
+ - go
183
+ severity: WARNING
184
+ - id: runsec.go-core.go-010
185
+ metadata:
186
+ runsec_version: v1.0
187
+ confidence: |-
188
+ 0.9
189
+ exploit_scenario: |-
190
+ Атакующий доставляет входные данные, соответствующие anti-pattern; реальный ущерб зависит от приёмника (sink), конфигурации и границ доверия.
191
+ fix_template: |-
192
+ name := r.URL.Query().Get("file") clean := filepath.Clean("/" + name) target := filepath.Join(root, clean) if !strings.HasPrefix(target, root) { return }
193
+ pattern-either:
194
+ - pattern: |-
195
+ name := r.URL.Query().Get("file")
196
+ ...
197
+ target := filepath.Join(root, name)
198
+ - pattern-regex: 'Vulnerable:\\s*GO\\-010\\b'
199
+ message: |-
200
+ RunSec Detection [GO-010]: CWE-22
201
+ languages:
202
+ - go
203
+ severity: WARNING
204
+ - id: runsec.go-core.go-011
205
+ metadata:
206
+ runsec_version: v1.0
207
+ confidence: |-
208
+ 0.9
209
+ exploit_scenario: |-
210
+ Атакующий доставляет входные данные, соответствующие anti-pattern; реальный ущерб зависит от приёмника (sink), конфигурации и границ доверия.
211
+ fix_template: |-
212
+ url := r.URL.Query().Get("url") host := parseHost(url) allowed := map[string]bool{"api.example.com": true} if !allowed[host] { return } resp, _ := http.Get(url)
213
+ pattern-either:
214
+ - pattern: |-
215
+ url := r.URL.Query().Get("url")
216
+ ...
217
+ resp, _ := http.Get(url)
218
+ - pattern-regex: 'Vulnerable:\\s*GO\\-011\\b'
219
+ message: |-
220
+ RunSec Detection [GO-011]: CWE-918
221
+ languages:
222
+ - go
223
+ severity: WARNING
224
+ - id: runsec.go-core.go-012
225
+ metadata:
226
+ runsec_version: v1.0
227
+ confidence: |-
228
+ 0.9
229
+ exploit_scenario: |-
230
+ Атакующий доставляет входные данные, соответствующие anti-pattern; реальный ущерб зависит от приёмника (sink), конфигурации и границ доверия.
231
+ fix_template: |-
232
+ buf := make([]byte, n) ... _ = buf[offset:] // avoid unsafe pointer arithmetic
233
+ pattern-either:
234
+ - pattern: |-
235
+ var ptr unsafe.Pointer
236
+ ...
237
+ ptr2 := unsafe.Pointer(uintptr(ptr) + offset)
238
+ - pattern-regex: 'Vulnerable:\\s*GO\\-012\\b'
239
+ message: |-
240
+ RunSec Detection [GO-012]: CWE-242
241
+ languages:
242
+ - go
243
+ severity: WARNING
244
+ - id: runsec.go-core.go-013
245
+ metadata:
246
+ runsec_version: v1.0
247
+ confidence: |-
248
+ 0.9
249
+ exploit_scenario: |-
250
+ Атакующий доставляет входные данные, соответствующие anti-pattern; реальный ущерб зависит от приёмника (sink), конфигурации и границ доверия.
251
+ fix_template: |-
252
+ ... h := sha256.New()
253
+ pattern-either:
254
+ - pattern: |-
255
+ ...
256
+ h := md5.New()
257
+ ...
258
+ h2 := sha1.New()
259
+ - pattern-regex: 'Vulnerable:\\s*GO\\-013\\b'
260
+ message: |-
261
+ RunSec Detection [GO-013]: CWE-327
262
+ languages:
263
+ - go
264
+ severity: WARNING
265
+ - id: runsec.go-core.go-014
266
+ metadata:
267
+ runsec_version: v1.0
268
+ confidence: |-
269
+ 0.9
270
+ exploit_scenario: |-
271
+ Атакующий доставляет входные данные, соответствующие anti-pattern; реальный ущерб зависит от приёмника (sink), конфигурации и границ доверия.
272
+ fix_template: |-
273
+ next := r.URL.Query().Get("next") if !isRelativeOrAllowed(next) { next = "/" } http.Redirect(w, r, next, http.StatusFound)
274
+ pattern-either:
275
+ - pattern: |-
276
+ next := r.URL.Query().Get("next")
277
+ ...
278
+ http.Redirect(w, r, next, http.StatusFound)
279
+ - pattern-regex: 'Vulnerable:\\s*GO\\-014\\b'
280
+ message: |-
281
+ RunSec Detection [GO-014]: CWE-601
282
+ languages:
283
+ - go
284
+ severity: WARNING
285
+ - id: runsec.go-core.go-015
286
+ metadata:
287
+ runsec_version: v1.0
288
+ confidence: |-
289
+ 0.9
290
+ exploit_scenario: |-
291
+ Атакующий доставляет входные данные, соответствующие anti-pattern; реальный ущерб зависит от приёмника (sink), конфигурации и границ доверия.
292
+ fix_template: |-
293
+ userInput := r.URL.Query().Get("user") safe := strings.NewReplacer("\\n", "\\\\n", "\\r", "\\\\r").Replace(userInput) ... log.Printf("User: %s", safe)
294
+ pattern-either:
295
+ - pattern: |-
296
+ userInput := r.URL.Query().Get("user")
297
+ ...
298
+ log.Printf("User: %s", userInput)
299
+ - pattern-regex: 'Vulnerable:\\s*GO\\-015\\b'
300
+ message: |-
301
+ RunSec Detection [GO-015]: CWE-117
302
+ languages:
303
+ - go
304
+ severity: WARNING
305
+ - id: runsec.go-core.go-016
306
+ metadata:
307
+ runsec_version: v1.0
308
+ confidence: |-
309
+ 0.9
310
+ exploit_scenario: |-
311
+ Атакующий доставляет входные данные, соответствующие anti-pattern; реальный ущерб зависит от приёмника (sink), конфигурации и границ доверия.
312
+ fix_template: |-
313
+ apiKey := os.Getenv("API_KEY") if apiKey == "" { panic("missing API_KEY") }
314
+ pattern-either:
315
+ - pattern: |-
316
+ const apiKey = "prod-api-key-12345"
317
+ ...
318
+ token := "hardcoded-token"
319
+ - pattern-regex: 'Vulnerable:\\s*GO\\-016\\b'
320
+ message: |-
321
+ RunSec Detection [GO-016]: CWE-798
322
+ languages:
323
+ - go
324
+ severity: WARNING
325
+ - id: runsec.go-core.go-017
326
+ metadata:
327
+ runsec_version: v1.0
328
+ confidence: |-
329
+ 0.9
330
+ exploit_scenario: |-
331
+ Атакующий доставляет входные данные, соответствующие anti-pattern; реальный ущерб зависит от приёмника (sink), конфигурации и границ доверия.
332
+ fix_template: |-
333
+ ... mu.Lock() counter = counter + 1 mu.Unlock()
334
+ pattern-either:
335
+ - pattern: |-
336
+ ...
337
+ counter++
338
+ ...
339
+ go func() {
340
+ counter = counter + 1
341
+ }()
342
+ - pattern-regex: 'Vulnerable:\\s*GO\\-017\\b'
343
+ message: |-
344
+ RunSec Detection [GO-017]: CWE-362
345
+ languages:
346
+ - go
347
+ severity: WARNING
348
+ - id: runsec.go-core.go-018
349
+ metadata:
350
+ runsec_version: v1.0
351
+ confidence: |-
352
+ 0.9
353
+ exploit_scenario: |-
354
+ Атакующий доставляет входные данные, соответствующие anti-pattern; реальный ущерб зависит от приёмника (sink), конфигурации и границ доверия.
355
+ fix_template: |-
356
+ token, _ := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) { if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok { return nil, fmt.Errorf("unexpected signing method") } return key, nil })
357
+ pattern-either:
358
+ - pattern: |-
359
+ token, _ := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) {
360
+ return key, nil
361
+ })
362
+ - pattern-regex: 'Vulnerable:\\s*GO\\-018\\b'
363
+ message: |-
364
+ RunSec Detection [GO-018]: CWE-287
365
+ languages:
366
+ - go
367
+ severity: WARNING
368
+ - id: runsec.go-core.go-019
369
+ metadata:
370
+ runsec_version: v1.0
371
+ confidence: |-
372
+ 0.9
373
+ exploit_scenario: |-
374
+ Атакующий доставляет входные данные, соответствующие anti-pattern; реальный ущерб зависит от приёмника (sink), конфигурации и границ доверия.
375
+ fix_template: |-
376
+ rows, err := db.Query(query) if err != nil { return err } defer rows.Close() ...
377
+ pattern-either:
378
+ - pattern: |-
379
+ rows, _ := db.Query(query)
380
+ ...
381
+ for rows.Next() {
382
+ ...
383
+ }
384
+ - pattern-regex: 'Vulnerable:\\s*GO\\-019\\b'
385
+ message: |-
386
+ RunSec Detection [GO-019]: CWE-770
387
+ languages:
388
+ - go
389
+ severity: WARNING
390
+ - id: runsec.go-core.go-020
391
+ metadata:
392
+ runsec_version: v1.0
393
+ confidence: |-
394
+ 0.9
395
+ exploit_scenario: |-
396
+ Атакующий доставляет входные данные, соответствующие anti-pattern; реальный ущерб зависит от приёмника (sink), конфигурации и границ доверия.
397
+ fix_template: |-
398
+ tr := &http.Transport{ TLSClientConfig: &tls.Config{InsecureSkipVerify: false}, }
399
+ pattern-either:
400
+ - pattern: |-
401
+ tr := &http.Transport{
402
+ TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
403
+ }
404
+ - pattern-regex: 'Vulnerable:\\s*GO\\-020\\b'
405
+ message: |-
406
+ RunSec Detection [GO-020]: CWE-295
407
+ languages:
408
+ - go
409
+ severity: WARNING
410
+ - id: runsec.go-core.go-021
411
+ metadata:
412
+ runsec_version: v1.0
413
+ confidence: |-
414
+ 0.9
415
+ exploit_scenario: |-
416
+ Атакующий доставляет входные данные, соответствующие anti-pattern; реальный ущерб зависит от приёмника (sink), конфигурации и границ доверия.
417
+ fix_template: |-
418
+ f, err := os.Open(path) if err != nil { return err } defer f.Close() ...
419
+ pattern-either:
420
+ - pattern: |-
421
+ f, _ := os.Open(path)
422
+ ...
423
+ data, _ := io.ReadAll(f)
424
+ - pattern-regex: 'Vulnerable:\\s*GO\\-021\\b'
425
+ message: |-
426
+ RunSec Detection [GO-021]: CWE-404
427
+ languages:
428
+ - go
429
+ severity: WARNING
430
+ - id: runsec.go-core.go-022
431
+ metadata:
432
+ runsec_version: v1.0
433
+ confidence: |-
434
+ 0.9
435
+ exploit_scenario: |-
436
+ Атакующий доставляет входные данные, соответствующие anti-pattern; реальный ущерб зависит от приёмника (sink), конфигурации и границ доверия.
437
+ fix_template: |-
438
+ tmpl := template.Must(template.New("x").Parse("Hello {{.Name}}")) ... tmpl.Execute(w, map[string]string{"Name": name})
439
+ pattern-either:
440
+ - pattern: |-
441
+ name := r.URL.Query().Get("name")
442
+ ...
443
+ fmt.Fprintf(w, name)
444
+ - pattern-regex: 'Vulnerable:\\s*GO\\-022\\b'
445
+ message: |-
446
+ RunSec Detection [GO-022]: CWE-116
447
+ languages:
448
+ - go
449
+ severity: WARNING
450
+ - id: runsec.go-core.go-023
451
+ metadata:
452
+ runsec_version: v1.0
453
+ confidence: |-
454
+ 0.9
455
+ exploit_scenario: |-
456
+ Атакующий доставляет входные данные, соответствующие anti-pattern; реальный ущерб зависит от приёмника (sink), конфигурации и границ доверия.
457
+ fix_template: |-
458
+ body, _ := io.ReadAll(io.LimitReader(r.Body, maxBytes)) ... _ = body
459
+ pattern-either:
460
+ - pattern: |-
461
+ body, _ := ioutil.ReadAll(r.Body)
462
+ ...
463
+ _ = body
464
+ - pattern-regex: 'Vulnerable:\\s*GO\\-023\\b'
465
+ message: |-
466
+ RunSec Detection [GO-023]: CWE-20
467
+ languages:
468
+ - go
469
+ severity: WARNING
470
+ - id: runsec.go-core.go-024
471
+ metadata:
472
+ runsec_version: v1.0
473
+ confidence: |-
474
+ 0.9
475
+ exploit_scenario: |-
476
+ Атакующий доставляет входные данные, соответствующие anti-pattern; реальный ущерб зависит от приёмника (sink), конфигурации и границ доверия.
477
+ fix_template: |-
478
+ if debugEnabled { mux := http.NewServeMux() ... http.ListenAndServe("127.0.0.1:6060", mux) }
479
+ pattern-either:
480
+ - pattern: |-
481
+ import _ "net/http/pprof"
482
+ ...
483
+ http.ListenAndServe(":6060", nil)
484
+ - pattern-regex: 'Vulnerable:\\s*GO\\-024\\b'
485
+ message: |-
486
+ RunSec Detection [GO-024]: CWE-489
487
+ languages:
488
+ - go
489
+ severity: WARNING
490
+ - id: runsec.go-core.go-025
491
+ metadata:
492
+ runsec_version: v1.0
493
+ confidence: |-
494
+ 0.9
495
+ exploit_scenario: |-
496
+ Атакующий доставляет входные данные, соответствующие anti-pattern; реальный ущерб зависит от приёмника (sink), конфигурации и границ доверия.
497
+ fix_template: |-
498
+ srv := grpc.NewServer(grpc.UnaryInterceptor(grpc_auth.UnaryServerInterceptor(authFunc))) ... func authFunc(ctx context.Context) (context.Context, error) { md, _ := metadata.FromIncomingContext(ctx) ... return ctx, nil }
499
+ pattern-either:
500
+ - pattern: |-
501
+ func (s *Server) Transfer(ctx context.Context, req *pb.TransferRequest) (*pb.TransferReply, error) {
502
+ ...
503
+ return s.svc.Transfer(ctx, req)
504
+ }
505
+ - pattern-regex: 'Vulnerable:\\s*GO\\-025\\b'
506
+ message: |-
507
+ RunSec Detection [GO-025]: CWE-285
508
+ languages:
509
+ - go
510
+ severity: WARNING
511
+ - id: runsec.go-core.go-026
512
+ metadata:
513
+ runsec_version: v1.0
514
+ confidence: |-
515
+ 0.9
516
+ exploit_scenario: |-
517
+ Атакующий доставляет входные данные, соответствующие anti-pattern; реальный ущерб зависит от приёмника (sink), конфигурации и границ доверия.
518
+ fix_template: |-
519
+ for _, f := range zipReader.File { targetPath := filepath.Join(dest, f.Name) clean := filepath.Clean(targetPath) if !strings.HasPrefix(clean, filepath.Clean(dest)+string(os.PathSeparator)) { return fmt.Errorf("zip slip detected") } writeFile(clean, f) }
520
+ pattern-either:
521
+ - pattern: |-
522
+ for _, f := range zipReader.File {
523
+ ...
524
+ targetPath := filepath.Join(dest, f.Name)
525
+ writeFile(targetPath, f)
526
+ }
527
+ - pattern-regex: 'Vulnerable:\\s*GO\\-026\\b'
528
+ message: |-
529
+ RunSec Detection [GO-026]: CWE-22
530
+ languages:
531
+ - go
532
+ severity: WARNING
533
+ - id: runsec.go-core.go-027
534
+ metadata:
535
+ runsec_version: v1.0
536
+ confidence: |-
537
+ 0.9
538
+ exploit_scenario: |-
539
+ Атакующий доставляет входные данные, соответствующие anti-pattern; реальный ущерб зависит от приёмника (sink), конфигурации и границ доверия.
540
+ fix_template: |-
541
+ proxy := &httputil.ReverseProxy{ Director: func(req *http.Request) { ... req.Header = cloneAllowedHeaders(r.Header) stripHopByHop(req.Header) }, }
542
+ pattern-either:
543
+ - pattern: |-
544
+ proxy := &httputil.ReverseProxy{
545
+ Director: func(req *http.Request) {
546
+ ...
547
+ req.Header = r.Header
548
+ },
549
+ }
550
+ - pattern-regex: 'Vulnerable:\\s*GO\\-027\\b'
551
+ message: |-
552
+ RunSec Detection [GO-027]: CWE-444
553
+ languages:
554
+ - go
555
+ severity: WARNING
556
+ - id: runsec.go-core.go-028
557
+ metadata:
558
+ runsec_version: v1.0
559
+ confidence: |-
560
+ 0.9
561
+ exploit_scenario: |-
562
+ Атакующий доставляет входные данные, соответствующие anti-pattern; реальный ущерб зависит от приёмника (sink), конфигурации и границ доверия.
563
+ fix_template: |-
564
+ func CopyMessage(msg proto.Message) proto.Message { ... return proto.Clone(msg) }
565
+ pattern-either:
566
+ - pattern: |-
567
+ func DeepCopy(dst, src interface{}) {
568
+ ...
569
+ reflect.ValueOf(dst).Elem().Set(reflect.ValueOf(src).Elem())
570
+ }
571
+ - pattern-regex: 'Vulnerable:\\s*GO\\-028\\b'
572
+ message: |-
573
+ RunSec Detection [GO-028]: CWE-20
574
+ languages:
575
+ - go
576
+ severity: WARNING
577
+ - id: runsec.go-core.go-029
578
+ metadata:
579
+ runsec_version: v1.0
580
+ confidence: |-
581
+ 0.9
582
+ exploit_scenario: |-
583
+ Атакующий доставляет входные данные, соответствующие anti-pattern; реальный ущерб зависит от приёмника (sink), конфигурации и границ доверия.
584
+ fix_template: |-
585
+ pem, err := os.ReadFile("/etc/ssl/certs/internal-ca.pem") ... pool.AppendCertsFromPEM(pem)
586
+ pattern-either:
587
+ - pattern: |-
588
+ const rootPEM = "-----BEGIN CERTIFICATE-----..."
589
+ ...
590
+ pool.AppendCertsFromPEM([]byte(rootPEM))
591
+ - pattern-regex: 'Vulnerable:\\s*GO\\-029\\b'
592
+ message: |-
593
+ RunSec Detection [GO-029]: CWE-295
594
+ languages:
595
+ - go
596
+ severity: WARNING
597
+ - id: runsec.go-core.go-030
598
+ metadata:
599
+ runsec_version: v1.0
600
+ confidence: |-
601
+ 0.9
602
+ exploit_scenario: |-
603
+ Атакующий доставляет входные данные, соответствующие anti-pattern; реальный ущерб зависит от приёмника (sink), конфигурации и границ доверия.
604
+ fix_template: |-
605
+ srv := grpc.NewServer(grpc.MaxRecvMsgSize(4*1024*1024)) ... pb.RegisterApiServer(srv, api)
606
+ pattern-either:
607
+ - pattern: |-
608
+ srv := grpc.NewServer()
609
+ ...
610
+ pb.RegisterApiServer(srv, api)
611
+ - pattern-regex: 'Vulnerable:\\s*GO\\-030\\b'
612
+ message: |-
613
+ RunSec Detection [GO-030]: CWE-770
614
+ languages:
615
+ - go
616
+ severity: WARNING
617
+ - id: runsec.go-core.go-031
618
+ metadata:
619
+ runsec_version: v1.0
620
+ confidence: |-
621
+ 0.9
622
+ exploit_scenario: |-
623
+ Атакующий доставляет входные данные, соответствующие anti-pattern; реальный ущерб зависит от приёмника (sink), конфигурации и границ доверия.
624
+ fix_template: |-
625
+ b := make([]byte, 32) ... if _, err := cryptorand.Read(b); err != nil { return err }
626
+ pattern-either:
627
+ - pattern: |-
628
+ b := make([]byte, 32)
629
+ ...
630
+ for i := range b {
631
+ b[i] = byte(rand.Intn(256))
632
+ }
633
+ - pattern-regex: 'Vulnerable:\\s*GO\\-031\\b'
634
+ message: |-
635
+ RunSec Detection [GO-031]: CWE-327
636
+ languages:
637
+ - go
638
+ severity: WARNING
639
+ - id: runsec.go-core.go-032
640
+ metadata:
641
+ runsec_version: v1.0
642
+ confidence: |-
643
+ 0.9
644
+ exploit_scenario: |-
645
+ Атакующий доставляет входные данные, соответствующие anti-pattern; реальный ущерб зависит от приёмника (sink), конфигурации и границ доверия.
646
+ fix_template: |-
647
+ raw, _ := io.ReadAll(io.LimitReader(r.Body, maxBytes)) ... json.Unmarshal(raw, &payload)
648
+ pattern-either:
649
+ - pattern: |-
650
+ raw, _ := io.ReadAll(r.Body)
651
+ ...
652
+ json.Unmarshal(raw, &payload)
653
+ - pattern-regex: 'Vulnerable:\\s*GO\\-032\\b'
654
+ message: |-
655
+ RunSec Detection [GO-032]: CWE-400
656
+ languages:
657
+ - go
658
+ severity: WARNING
659
+ - id: runsec.go-core.go-033
660
+ metadata:
661
+ runsec_version: v1.0
662
+ confidence: |-
663
+ 0.9
664
+ exploit_scenario: |-
665
+ Атакующий доставляет входные данные, соответствующие anti-pattern; реальный ущерб зависит от приёмника (sink), конфигурации и границ доверия.
666
+ fix_template: |-
667
+ name := r.URL.Query().Get("name") ... db.Where("name = ?", name).Find(&users) ... db.Raw("SELECT * FROM users WHERE name = ?", name).Scan(&users)
668
+ pattern-either:
669
+ - pattern: |-
670
+ name := r.URL.Query().Get("name")
671
+ ...
672
+ db.Where("name = '" + name + "'").Find(&users)
673
+ ...
674
+ db.Raw("SELECT * FROM users WHERE name = '" + name + "'").Scan(&users)
675
+ - pattern-regex: 'Vulnerable:\\s*GO\\-033\\b'
676
+ message: |-
677
+ RunSec Detection [GO-033]: CWE-89
678
+ languages:
679
+ - go
680
+ severity: WARNING
681
+ - id: runsec.go-core.go-034
682
+ metadata:
683
+ runsec_version: v1.0
684
+ confidence: |-
685
+ 0.9
686
+ exploit_scenario: |-
687
+ Атакующий доставляет входные данные, соответствующие anti-pattern; реальный ущерб зависит от приёмника (sink), конфигурации и границ доверия.
688
+ fix_template: |-
689
+ input := r.URL.Query().Get("html") tmpl := template.Must(template.New("x").Parse("{{.Content}}")) ... tmpl.Execute(w, map[string]string{"Content": input})
690
+ pattern-either:
691
+ - pattern: |-
692
+ input := r.URL.Query().Get("html")
693
+ ...
694
+ unsafeHTML := template.HTML(input)
695
+ fmt.Fprint(w, unsafeHTML)
696
+ - pattern-regex: 'Vulnerable:\\s*GO\\-034\\b'
697
+ message: |-
698
+ RunSec Detection [GO-034]: CWE-79
699
+ languages:
700
+ - go
701
+ severity: WARNING
702
+ - id: runsec.go-core.go-035
703
+ metadata:
704
+ runsec_version: v1.0
705
+ confidence: |-
706
+ 0.9
707
+ exploit_scenario: |-
708
+ Атакующий доставляет входные данные, соответствующие anti-pattern; реальный ущерб зависит от приёмника (sink), конфигурации и границ доверия.
709
+ fix_template: |-
710
+ err := someInternalError ... log.Printf("internal error: %v", err) return errors.New("internal server error")
711
+ pattern-either:
712
+ - pattern: |-
713
+ err := someInternalError
714
+ ...
715
+ return fmt.Errorf("db=%s secret=%s path=%s", dsn, apiKey, filePath)
716
+ - pattern-regex: 'Vulnerable:\\s*GO\\-035\\b'
717
+ message: |-
718
+ RunSec Detection [GO-035]: CWE-209
719
+ languages:
720
+ - go
721
+ severity: WARNING
722
+ - id: runsec.go-core.go-036
723
+ metadata:
724
+ runsec_version: v1.0
725
+ confidence: |-
726
+ 0.9
727
+ exploit_scenario: |-
728
+ Атакующий доставляет входные данные, соответствующие anti-pattern; реальный ущерб зависит от приёмника (sink), конфигурации и границ доверия.
729
+ fix_template: |-
730
+ buf := []byte(input) cbuf := C.CBytes(buf) defer C.free(cbuf) ... C.process(cbuf)
731
+ pattern-either:
732
+ - pattern: |-
733
+ ...
734
+ ptr := unsafe.Pointer(uintptr(cptr) + offset)
735
+ C.process(ptr)
736
+ - pattern-regex: 'Vulnerable:\\s*GO\\-036\\b'
737
+ message: |-
738
+ RunSec Detection [GO-036]: CWE-119
739
+ languages:
740
+ - go
741
+ severity: WARNING
742
+ - id: runsec.go-core.go-037
743
+ metadata:
744
+ runsec_version: v1.0
745
+ confidence: |-
746
+ 0.9
747
+ exploit_scenario: |-
748
+ Атакующий доставляет входные данные, соответствующие anti-pattern; реальный ущерб зависит от приёмника (sink), конфигурации и границ доверия.
749
+ fix_template: |-
750
+ allowed := map[string]bool{"name": true, "email": true} for k, v := range incomingMap { if allowed[k] { targetMap[k] = v } }
751
+ pattern-either:
752
+ - pattern: |-
753
+ for k, v := range incomingMap {
754
+ targetMap[k] = v
755
+ }
756
+ - pattern-regex: 'Vulnerable:\\s*GO\\-037\\b'
757
+ message: |-
758
+ RunSec Detection [GO-037]: CWE-915
759
+ languages:
760
+ - go
761
+ severity: WARNING
762
+ - id: runsec.go-core.go-038
763
+ metadata:
764
+ runsec_version: v1.0
765
+ confidence: |-
766
+ 0.9
767
+ exploit_scenario: |-
768
+ Атакующий доставляет входные данные, соответствующие anti-pattern; реальный ущерб зависит от приёмника (sink), конфигурации и границ доверия.
769
+ fix_template: |-
770
+ xmlParser := customxml.NewParser() ... xmlParser.DisableExternalEntities(true) xmlParser.Parse(rawXML)
771
+ pattern-either:
772
+ - pattern: |-
773
+ xmlParser := customxml.NewParser()
774
+ ...
775
+ xmlParser.Parse(rawXML)
776
+ - pattern-regex: 'Vulnerable:\\s*GO\\-038\\b'
777
+ message: |-
778
+ RunSec Detection [GO-038]: CWE-611
779
+ languages:
780
+ - go
781
+ severity: WARNING
782
+ - id: runsec.go-core.go-039
783
+ metadata:
784
+ runsec_version: v1.0
785
+ confidence: |-
786
+ 0.9
787
+ exploit_scenario: |-
788
+ Атакующий доставляет входные данные, соответствующие anti-pattern; реальный ущерб зависит от приёмника (sink), конфигурации и границ доверия.
789
+ fix_template: |-
790
+ if len(longUserInput) > 2048 { return } re := regexp.MustCompile(userRegex) ... re.MatchString(longUserInput)
791
+ pattern-either:
792
+ - pattern: |-
793
+ re := regexp.MustCompile(userRegex)
794
+ ...
795
+ re.MatchString(longUserInput)
796
+ - pattern-regex: 'Vulnerable:\\s*GO\\-039\\b'
797
+ message: |-
798
+ RunSec Detection [GO-039]: CWE-400
799
+ languages:
800
+ - go
801
+ severity: WARNING
802
+ - id: runsec.go-core.go-040
803
+ metadata:
804
+ runsec_version: v1.0
805
+ confidence: |-
806
+ 0.9
807
+ exploit_scenario: |-
808
+ Атакующий доставляет входные данные, соответствующие anti-pattern; реальный ущерб зависит от приёмника (sink), конфигурации и границ доверия.
809
+ fix_template: |-
810
+ jwtKey := []byte(os.Getenv("JWT_SECRET")) if len(jwtKey) == 0 { panic("missing JWT_SECRET") }
811
+ pattern-either:
812
+ - pattern: |-
813
+ jwtKey := []byte("my-secret-key")
814
+ - pattern-regex: 'Vulnerable:\\s*GO\\-040\\b'
815
+ message: |-
816
+ RunSec Detection [GO-040]: CWE-798
817
+ languages:
818
+ - go
819
+ severity: WARNING
820
+ - id: runsec.go-core.go-041
821
+ metadata:
822
+ runsec_version: v1.0
823
+ confidence: |-
824
+ 0.9
825
+ exploit_scenario: |-
826
+ N/A
827
+ fix_template: |-
828
+ GraphQL query depth must be capped and enforced before execution.
829
+ pattern-either:
830
+ - pattern: |-
831
+ schema.Exec(ctx, queryFromClient, vars)
832
+ - pattern-regex: 'Vulnerable:\\s*GO\\-041\\b'
833
+ message: |-
834
+ RunSec Detection [GO-041]: CWE-400
835
+ languages:
836
+ - go
837
+ severity: WARNING
838
+ - id: runsec.go-core.go-042
839
+ metadata:
840
+ runsec_version: v1.0
841
+ confidence: |-
842
+ 0.9
843
+ exploit_scenario: |-
844
+ N/A
845
+ fix_template: |-
846
+ Reject circular fragment references before resolver execution.
847
+ pattern-either:
848
+ - pattern: |-
849
+ result := gql.Exec(ctx, query)
850
+ - pattern-regex: 'Vulnerable:\\s*GO\\-042\\b'
851
+ message: |-
852
+ RunSec Detection [GO-042]: CWE-674
853
+ languages:
854
+ - go
855
+ severity: WARNING
856
+ - id: runsec.go-core.go-043
857
+ metadata:
858
+ runsec_version: v1.0
859
+ confidence: |-
860
+ 0.9
861
+ exploit_scenario: |-
862
+ N/A
863
+ fix_template: |-
864
+ Enforce object and field-level authorization in every resolver path.
865
+ pattern-either:
866
+ - pattern: |-
867
+ func (r *Resolver) Account(ctx context.Context, id string) *Account { return repo.Get(id) }
868
+ - pattern-regex: 'Vulnerable:\\s*GO\\-043\\b'
869
+ message: |-
870
+ RunSec Detection [GO-043]: CWE-285
871
+ languages:
872
+ - go
873
+ severity: WARNING
874
+ - id: runsec.go-core.go-044
875
+ metadata:
876
+ runsec_version: v1.0
877
+ confidence: |-
878
+ 0.9
879
+ exploit_scenario: |-
880
+ N/A
881
+ fix_template: |-
882
+ Disable introspection for non-admin traffic in production.
883
+ pattern-either:
884
+ - pattern: |-
885
+ srv := handler.NewDefaultServer(schema)
886
+ - pattern-regex: 'Vulnerable:\\s*GO\\-044\\b'
887
+ message: |-
888
+ RunSec Detection [GO-044]: CWE-200
889
+ languages:
890
+ - go
891
+ severity: WARNING
892
+ - id: runsec.go-core.go-045
893
+ metadata:
894
+ runsec_version: v1.0
895
+ confidence: |-
896
+ 0.9
897
+ exploit_scenario: |-
898
+ N/A
899
+ fix_template: |-
900
+ Apply max complexity budget per request and tenant.
901
+ pattern-either:
902
+ - pattern: |-
903
+ schema.Exec(ctx, query, vars)
904
+ - pattern-regex: 'Vulnerable:\\s*GO\\-045\\b'
905
+ message: |-
906
+ RunSec Detection [GO-045]: CWE-400
907
+ languages:
908
+ - go
909
+ severity: WARNING
910
+ - id: runsec.go-core.go-046
911
+ metadata:
912
+ runsec_version: v1.0
913
+ confidence: |-
914
+ 0.9
915
+ exploit_scenario: |-
916
+ N/A
917
+ fix_template: |-
918
+ Prevent stream deadlocks using timeout, bounded buffers, and non-blocking select.
919
+ pattern-either:
920
+ - pattern: |-
921
+ for { in,_:=stream.Recv(); out <- in; stream.Send(<-out) }
922
+ - pattern-regex: 'Vulnerable:\\s*GO\\-046\\b'
923
+ message: |-
924
+ RunSec Detection [GO-046]: CWE-833
925
+ languages:
926
+ - go
927
+ severity: WARNING
928
+ - id: runsec.go-core.go-047
929
+ metadata:
930
+ runsec_version: v1.0
931
+ confidence: |-
932
+ 0.9
933
+ exploit_scenario: |-
934
+ N/A
935
+ fix_template: |-
936
+ Protect reflection and admin metadata services with explicit auth scopes.
937
+ pattern-either:
938
+ - pattern: |-
939
+ func (s *Srv) Reflect(ctx context.Context, req *pb.ReflectReq) (*pb.ReflectResp, error) { return s.reflect(req), nil }
940
+ - pattern-regex: 'Vulnerable:\\s*GO\\-047\\b'
941
+ message: |-
942
+ RunSec Detection [GO-047]: CWE-306
943
+ languages:
944
+ - go
945
+ severity: WARNING
946
+ - id: runsec.go-core.go-048
947
+ metadata:
948
+ runsec_version: v1.0
949
+ confidence: |-
950
+ 0.9
951
+ exploit_scenario: |-
952
+ N/A
953
+ fix_template: |-
954
+ Set strict protobuf message size limits server-side.
955
+ pattern-either:
956
+ - pattern: |-
957
+ srv := grpc.NewServer()
958
+ - pattern-regex: 'Vulnerable:\\s*GO\\-048\\b'
959
+ message: |-
960
+ RunSec Detection [GO-048]: CWE-770
961
+ languages:
962
+ - go
963
+ severity: WARNING
964
+ - id: runsec.go-core.go-049
965
+ metadata:
966
+ runsec_version: v1.0
967
+ confidence: |-
968
+ 0.9
969
+ exploit_scenario: |-
970
+ N/A
971
+ fix_template: |-
972
+ Derive identity from verified token/mTLS, never from caller-supplied metadata.
973
+ pattern-either:
974
+ - pattern: |-
975
+ uid := md["x-user-id"][0]
976
+ - pattern-regex: 'Vulnerable:\\s*GO\\-049\\b'
977
+ message: |-
978
+ RunSec Detection [GO-049]: CWE-290
979
+ languages:
980
+ - go
981
+ severity: WARNING
982
+ - id: runsec.go-core.go-050
983
+ metadata:
984
+ runsec_version: v1.0
985
+ confidence: |-
986
+ 0.9
987
+ exploit_scenario: |-
988
+ N/A
989
+ fix_template: |-
990
+ Ensure auth interceptors run before business handlers.
991
+ pattern-either:
992
+ - pattern: |-
993
+ grpc.NewServer(grpc.UnaryInterceptor(loggingOnly))
994
+ - pattern-regex: 'Vulnerable:\\s*GO\\-050\\b'
995
+ message: |-
996
+ RunSec Detection [GO-050]: CWE-306
997
+ languages:
998
+ - go
999
+ severity: WARNING
1000
+ - id: runsec.go-core.go-051
1001
+ metadata:
1002
+ runsec_version: v1.0
1003
+ confidence: |-
1004
+ 0.9
1005
+ exploit_scenario: |-
1006
+ N/A
1007
+ fix_template: |-
1008
+ Isolate cache keys by tenant and subject context.
1009
+ pattern-either:
1010
+ - pattern: |-
1011
+ loader := globalLoader
1012
+ - pattern-regex: 'Vulnerable:\\s*GO\\-051\\b'
1013
+ message: |-
1014
+ RunSec Detection [GO-051]: CWE-639
1015
+ languages:
1016
+ - go
1017
+ severity: WARNING
1018
+ - id: runsec.go-core.go-052
1019
+ metadata:
1020
+ runsec_version: v1.0
1021
+ confidence: |-
1022
+ 0.9
1023
+ exploit_scenario: |-
1024
+ N/A
1025
+ fix_template: |-
1026
+ Revalidate authorization on subscription establish and renew events.
1027
+ pattern-either:
1028
+ - pattern: |-
1029
+ return pubsub.Subscribe(topic)
1030
+ - pattern-regex: 'Vulnerable:\\s*GO\\-052\\b'
1031
+ message: |-
1032
+ RunSec Detection [GO-052]: CWE-287
1033
+ languages:
1034
+ - go
1035
+ severity: WARNING
1036
+ - id: runsec.go-core.go-053
1037
+ metadata:
1038
+ runsec_version: v1.0
1039
+ confidence: |-
1040
+ 0.9
1041
+ exploit_scenario: |-
1042
+ N/A
1043
+ fix_template: |-
1044
+ Cap alias count to stop fan-out abuse in single request.
1045
+ pattern-either:
1046
+ - pattern: |-
1047
+ schema.Exec(ctx, query)
1048
+ - pattern-regex: 'Vulnerable:\\s*GO\\-053\\b'
1049
+ message: |-
1050
+ RunSec Detection [GO-053]: CWE-770
1051
+ languages:
1052
+ - go
1053
+ severity: WARNING
1054
+ - id: runsec.go-core.go-054
1055
+ metadata:
1056
+ runsec_version: v1.0
1057
+ confidence: |-
1058
+ 0.9
1059
+ exploit_scenario: |-
1060
+ N/A
1061
+ fix_template: |-
1062
+ Allowlist Any.type_url before unmarshal/dispatch.
1063
+ pattern-either:
1064
+ - pattern: |-
1065
+ proto.Unmarshal(b, &a)
1066
+ - pattern-regex: 'Vulnerable:\\s*GO\\-054\\b'
1067
+ message: |-
1068
+ RunSec Detection [GO-054]: CWE-502
1069
+ languages:
1070
+ - go
1071
+ severity: WARNING
1072
+ - id: runsec.go-core.go-055
1073
+ metadata:
1074
+ runsec_version: v1.0
1075
+ confidence: |-
1076
+ 0.9
1077
+ exploit_scenario: |-
1078
+ N/A
1079
+ fix_template: |-
1080
+ Bind stream workers to context cancellation and cleanup.
1081
+ pattern-either:
1082
+ - pattern: |-
1083
+ go consume(stream)
1084
+ - pattern-regex: 'Vulnerable:\\s*GO\\-055\\b'
1085
+ message: |-
1086
+ RunSec Detection [GO-055]: CWE-400
1087
+ languages:
1088
+ - go
1089
+ severity: WARNING
1090
+ - id: runsec.go-core.go-056
1091
+ metadata:
1092
+ runsec_version: v1.0
1093
+ confidence: |-
1094
+ 0.9
1095
+ exploit_scenario: |-
1096
+ N/A
1097
+ fix_template: |-
1098
+ Enforce serializable transaction and row locking for monetary mutations.
1099
+ pattern-either:
1100
+ - pattern: |-
1101
+ if bal[from] >= amt { bal[from]-=amt; bal[to]+=amt }
1102
+ - pattern-regex: 'Vulnerable:\\s*GO\\-056\\b'
1103
+ message: |-
1104
+ RunSec Detection [GO-056]: CWE-362
1105
+ languages:
1106
+ - go
1107
+ severity: WARNING
1108
+ - id: runsec.go-core.go-057
1109
+ metadata:
1110
+ runsec_version: v1.0
1111
+ confidence: |-
1112
+ 0.9
1113
+ exploit_scenario: |-
1114
+ N/A
1115
+ fix_template: |-
1116
+ Use atomic reservation to prevent duplicate payout execution.
1117
+ pattern-either:
1118
+ - pattern: |-
1119
+ if !seen(key) { mark(key); pay() }
1120
+ - pattern-regex: 'Vulnerable:\\s*GO\\-057\\b'
1121
+ message: |-
1122
+ RunSec Detection [GO-057]: CWE-367
1123
+ languages:
1124
+ - go
1125
+ severity: WARNING
1126
+ - id: runsec.go-core.go-058
1127
+ metadata:
1128
+ runsec_version: v1.0
1129
+ confidence: |-
1130
+ 0.9
1131
+ exploit_scenario: |-
1132
+ N/A
1133
+ fix_template: |-
1134
+ Namespace persisted-query cache and verify hash integrity.
1135
+ pattern-either:
1136
+ - pattern: |-
1137
+ cache.Set(hash, query)
1138
+ - pattern-regex: 'Vulnerable:\\s*GO\\-058\\b'
1139
+ message: |-
1140
+ RunSec Detection [GO-058]: CWE-349
1141
+ languages:
1142
+ - go
1143
+ severity: WARNING
1144
+ - id: runsec.go-core.go-059
1145
+ metadata:
1146
+ runsec_version: v1.0
1147
+ confidence: |-
1148
+ 0.9
1149
+ exploit_scenario: |-
1150
+ N/A
1151
+ fix_template: |-
1152
+ Propagate and enforce deadlines in all downstream calls.
1153
+ pattern-either:
1154
+ - pattern: |-
1155
+ res,err := svc.Call(ctx,req)
1156
+ - pattern-regex: 'Vulnerable:\\s*GO\\-059\\b'
1157
+ message: |-
1158
+ RunSec Detection [GO-059]: CWE-400
1159
+ languages:
1160
+ - go
1161
+ severity: WARNING
1162
+ - id: runsec.go-core.go-060
1163
+ metadata:
1164
+ runsec_version: v1.0
1165
+ confidence: |-
1166
+ 0.9
1167
+ exploit_scenario: |-
1168
+ N/A
1169
+ fix_template: |-
1170
+ Expose reflection only on trusted admin interface.
1171
+ pattern-either:
1172
+ - pattern: |-
1173
+ reflection.Register(grpcServer)
1174
+ - pattern-regex: 'Vulnerable:\\s*GO\\-060\\b'
1175
+ message: |-
1176
+ RunSec Detection [GO-060]: CWE-200
1177
+ languages:
1178
+ - go
1179
+ severity: WARNING
1180
+ - id: runsec.go-core.gox-101
1181
+ metadata:
1182
+ runsec_version: v1.0
1183
+ confidence: |-
1184
+ 0.9
1185
+ exploit_scenario: |-
1186
+ Concurrent writes produce inconsistent state and race-driven bypasses.
1187
+ fix_template: |-
1188
+ Autofix: wrap shared state writes with mutex lock and unlock.
1189
+ pattern-either:
1190
+ - pattern: |-
1191
+ go func(){ sharedCounter++ }()
1192
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-101\\b'
1193
+ message: |-
1194
+ RunSec Detection [GOX-101]: CWE-662
1195
+ languages:
1196
+ - go
1197
+ severity: WARNING
1198
+ - id: runsec.go-core.gox-102
1199
+ metadata:
1200
+ runsec_version: v1.0
1201
+ confidence: |-
1202
+ 0.9
1203
+ exploit_scenario: |-
1204
+ Nil interface panic causes request crash and availability impact.
1205
+ fix_template: |-
1206
+ Autofix: add nil guard for interface dependencies before method calls.
1207
+ pattern-either:
1208
+ - pattern: |-
1209
+ repo.GetUser(ctx, id)
1210
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-102\\b'
1211
+ message: |-
1212
+ RunSec Detection [GOX-102]: CWE-476
1213
+ languages:
1214
+ - go
1215
+ severity: WARNING
1216
+ - id: runsec.go-core.gox-103
1217
+ metadata:
1218
+ runsec_version: v1.0
1219
+ confidence: |-
1220
+ 0.9
1221
+ exploit_scenario: |-
1222
+ Cross-tenant object read is possible when IDs are not ownership-scoped.
1223
+ fix_template: |-
1224
+ Autofix: enforce tenant-bound ID resolver before object access.
1225
+ pattern-either:
1226
+ - pattern: |-
1227
+ orderID := r.URL.Query().Get("id")
1228
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-103\\b'
1229
+ message: |-
1230
+ RunSec Detection [GOX-103]: CWE-639
1231
+ languages:
1232
+ - go
1233
+ severity: WARNING
1234
+ - id: runsec.go-core.gox-104
1235
+ metadata:
1236
+ runsec_version: v1.0
1237
+ confidence: |-
1238
+ 0.9
1239
+ exploit_scenario: |-
1240
+ Untrusted keys can alter privilege-related fields.
1241
+ fix_template: |-
1242
+ Autofix: map only trusted keys instead of arbitrary payload map iteration.
1243
+ pattern-either:
1244
+ - pattern: |-
1245
+ for k, v := range payload { applyField(&user, k, v) }
1246
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-104\\b'
1247
+ message: |-
1248
+ RunSec Detection [GOX-104]: CWE-915
1249
+ languages:
1250
+ - go
1251
+ severity: WARNING
1252
+ - id: runsec.go-core.gox-105
1253
+ metadata:
1254
+ runsec_version: v1.0
1255
+ confidence: |-
1256
+ 0.9
1257
+ exploit_scenario: |-
1258
+ Untracked goroutines leak resources and produce non-deterministic behavior.
1259
+ fix_template: |-
1260
+ Autofix: add WaitGroup lifecycle around spawned goroutines.
1261
+ pattern-either:
1262
+ - pattern: |-
1263
+ go worker(task)
1264
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-105\\b'
1265
+ message: |-
1266
+ RunSec Detection [GOX-105]: CWE-667
1267
+ languages:
1268
+ - go
1269
+ severity: WARNING
1270
+ - id: runsec.go-core.gox-106
1271
+ metadata:
1272
+ runsec_version: v1.0
1273
+ confidence: |-
1274
+ 0.9
1275
+ exploit_scenario: |-
1276
+ Concurrent writes produce inconsistent state and race-driven bypasses.
1277
+ fix_template: |-
1278
+ Autofix: wrap shared state writes with mutex lock and unlock.
1279
+ pattern-either:
1280
+ - pattern: |-
1281
+ go func(){ sharedCounter++ }()
1282
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-106\\b'
1283
+ message: |-
1284
+ RunSec Detection [GOX-106]: CWE-662
1285
+ languages:
1286
+ - go
1287
+ severity: WARNING
1288
+ - id: runsec.go-core.gox-107
1289
+ metadata:
1290
+ runsec_version: v1.0
1291
+ confidence: |-
1292
+ 0.9
1293
+ exploit_scenario: |-
1294
+ Nil interface panic causes request crash and availability impact.
1295
+ fix_template: |-
1296
+ Autofix: add nil guard for interface dependencies before method calls.
1297
+ pattern-either:
1298
+ - pattern: |-
1299
+ repo.GetUser(ctx, id)
1300
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-107\\b'
1301
+ message: |-
1302
+ RunSec Detection [GOX-107]: CWE-476
1303
+ languages:
1304
+ - go
1305
+ severity: WARNING
1306
+ - id: runsec.go-core.gox-108
1307
+ metadata:
1308
+ runsec_version: v1.0
1309
+ confidence: |-
1310
+ 0.9
1311
+ exploit_scenario: |-
1312
+ Cross-tenant object read is possible when IDs are not ownership-scoped.
1313
+ fix_template: |-
1314
+ Autofix: enforce tenant-bound ID resolver before object access.
1315
+ pattern-either:
1316
+ - pattern: |-
1317
+ orderID := r.URL.Query().Get("id")
1318
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-108\\b'
1319
+ message: |-
1320
+ RunSec Detection [GOX-108]: CWE-639
1321
+ languages:
1322
+ - go
1323
+ severity: WARNING
1324
+ - id: runsec.go-core.gox-109
1325
+ metadata:
1326
+ runsec_version: v1.0
1327
+ confidence: |-
1328
+ 0.9
1329
+ exploit_scenario: |-
1330
+ Untrusted keys can alter privilege-related fields.
1331
+ fix_template: |-
1332
+ Autofix: map only trusted keys instead of arbitrary payload map iteration.
1333
+ pattern-either:
1334
+ - pattern: |-
1335
+ for k, v := range payload { applyField(&user, k, v) }
1336
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-109\\b'
1337
+ message: |-
1338
+ RunSec Detection [GOX-109]: CWE-915
1339
+ languages:
1340
+ - go
1341
+ severity: WARNING
1342
+ - id: runsec.go-core.gox-110
1343
+ metadata:
1344
+ runsec_version: v1.0
1345
+ confidence: |-
1346
+ 0.9
1347
+ exploit_scenario: |-
1348
+ Untracked goroutines leak resources and produce non-deterministic behavior.
1349
+ fix_template: |-
1350
+ Autofix: add WaitGroup lifecycle around spawned goroutines.
1351
+ pattern-either:
1352
+ - pattern: |-
1353
+ go worker(task)
1354
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-110\\b'
1355
+ message: |-
1356
+ RunSec Detection [GOX-110]: CWE-667
1357
+ languages:
1358
+ - go
1359
+ severity: WARNING
1360
+ - id: runsec.go-core.gox-111
1361
+ metadata:
1362
+ runsec_version: v1.0
1363
+ confidence: |-
1364
+ 0.9
1365
+ exploit_scenario: |-
1366
+ Concurrent writes produce inconsistent state and race-driven bypasses.
1367
+ fix_template: |-
1368
+ Autofix: wrap shared state writes with mutex lock and unlock.
1369
+ pattern-either:
1370
+ - pattern: |-
1371
+ go func(){ sharedCounter++ }()
1372
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-111\\b'
1373
+ message: |-
1374
+ RunSec Detection [GOX-111]: CWE-662
1375
+ languages:
1376
+ - go
1377
+ severity: WARNING
1378
+ - id: runsec.go-core.gox-112
1379
+ metadata:
1380
+ runsec_version: v1.0
1381
+ confidence: |-
1382
+ 0.9
1383
+ exploit_scenario: |-
1384
+ Nil interface panic causes request crash and availability impact.
1385
+ fix_template: |-
1386
+ Autofix: add nil guard for interface dependencies before method calls.
1387
+ pattern-either:
1388
+ - pattern: |-
1389
+ repo.GetUser(ctx, id)
1390
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-112\\b'
1391
+ message: |-
1392
+ RunSec Detection [GOX-112]: CWE-476
1393
+ languages:
1394
+ - go
1395
+ severity: WARNING
1396
+ - id: runsec.go-core.gox-113
1397
+ metadata:
1398
+ runsec_version: v1.0
1399
+ confidence: |-
1400
+ 0.9
1401
+ exploit_scenario: |-
1402
+ Cross-tenant object read is possible when IDs are not ownership-scoped.
1403
+ fix_template: |-
1404
+ Autofix: enforce tenant-bound ID resolver before object access.
1405
+ pattern-either:
1406
+ - pattern: |-
1407
+ orderID := r.URL.Query().Get("id")
1408
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-113\\b'
1409
+ message: |-
1410
+ RunSec Detection [GOX-113]: CWE-639
1411
+ languages:
1412
+ - go
1413
+ severity: WARNING
1414
+ - id: runsec.go-core.gox-114
1415
+ metadata:
1416
+ runsec_version: v1.0
1417
+ confidence: |-
1418
+ 0.9
1419
+ exploit_scenario: |-
1420
+ Untrusted keys can alter privilege-related fields.
1421
+ fix_template: |-
1422
+ Autofix: map only trusted keys instead of arbitrary payload map iteration.
1423
+ pattern-either:
1424
+ - pattern: |-
1425
+ for k, v := range payload { applyField(&user, k, v) }
1426
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-114\\b'
1427
+ message: |-
1428
+ RunSec Detection [GOX-114]: CWE-915
1429
+ languages:
1430
+ - go
1431
+ severity: WARNING
1432
+ - id: runsec.go-core.gox-115
1433
+ metadata:
1434
+ runsec_version: v1.0
1435
+ confidence: |-
1436
+ 0.9
1437
+ exploit_scenario: |-
1438
+ Untracked goroutines leak resources and produce non-deterministic behavior.
1439
+ fix_template: |-
1440
+ Autofix: add WaitGroup lifecycle around spawned goroutines.
1441
+ pattern-either:
1442
+ - pattern: |-
1443
+ go worker(task)
1444
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-115\\b'
1445
+ message: |-
1446
+ RunSec Detection [GOX-115]: CWE-667
1447
+ languages:
1448
+ - go
1449
+ severity: WARNING
1450
+ - id: runsec.go-core.gox-116
1451
+ metadata:
1452
+ runsec_version: v1.0
1453
+ confidence: |-
1454
+ 0.9
1455
+ exploit_scenario: |-
1456
+ Concurrent writes produce inconsistent state and race-driven bypasses.
1457
+ fix_template: |-
1458
+ Autofix: wrap shared state writes with mutex lock and unlock.
1459
+ pattern-either:
1460
+ - pattern: |-
1461
+ go func(){ sharedCounter++ }()
1462
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-116\\b'
1463
+ message: |-
1464
+ RunSec Detection [GOX-116]: CWE-662
1465
+ languages:
1466
+ - go
1467
+ severity: WARNING
1468
+ - id: runsec.go-core.gox-117
1469
+ metadata:
1470
+ runsec_version: v1.0
1471
+ confidence: |-
1472
+ 0.9
1473
+ exploit_scenario: |-
1474
+ Nil interface panic causes request crash and availability impact.
1475
+ fix_template: |-
1476
+ Autofix: add nil guard for interface dependencies before method calls.
1477
+ pattern-either:
1478
+ - pattern: |-
1479
+ repo.GetUser(ctx, id)
1480
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-117\\b'
1481
+ message: |-
1482
+ RunSec Detection [GOX-117]: CWE-476
1483
+ languages:
1484
+ - go
1485
+ severity: WARNING
1486
+ - id: runsec.go-core.gox-118
1487
+ metadata:
1488
+ runsec_version: v1.0
1489
+ confidence: |-
1490
+ 0.9
1491
+ exploit_scenario: |-
1492
+ Cross-tenant object read is possible when IDs are not ownership-scoped.
1493
+ fix_template: |-
1494
+ Autofix: enforce tenant-bound ID resolver before object access.
1495
+ pattern-either:
1496
+ - pattern: |-
1497
+ orderID := r.URL.Query().Get("id")
1498
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-118\\b'
1499
+ message: |-
1500
+ RunSec Detection [GOX-118]: CWE-639
1501
+ languages:
1502
+ - go
1503
+ severity: WARNING
1504
+ - id: runsec.go-core.gox-119
1505
+ metadata:
1506
+ runsec_version: v1.0
1507
+ confidence: |-
1508
+ 0.9
1509
+ exploit_scenario: |-
1510
+ Untrusted keys can alter privilege-related fields.
1511
+ fix_template: |-
1512
+ Autofix: map only trusted keys instead of arbitrary payload map iteration.
1513
+ pattern-either:
1514
+ - pattern: |-
1515
+ for k, v := range payload { applyField(&user, k, v) }
1516
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-119\\b'
1517
+ message: |-
1518
+ RunSec Detection [GOX-119]: CWE-915
1519
+ languages:
1520
+ - go
1521
+ severity: WARNING
1522
+ - id: runsec.go-core.gox-120
1523
+ metadata:
1524
+ runsec_version: v1.0
1525
+ confidence: |-
1526
+ 0.9
1527
+ exploit_scenario: |-
1528
+ Untracked goroutines leak resources and produce non-deterministic behavior.
1529
+ fix_template: |-
1530
+ Autofix: add WaitGroup lifecycle around spawned goroutines.
1531
+ pattern-either:
1532
+ - pattern: |-
1533
+ go worker(task)
1534
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-120\\b'
1535
+ message: |-
1536
+ RunSec Detection [GOX-120]: CWE-667
1537
+ languages:
1538
+ - go
1539
+ severity: WARNING
1540
+ - id: runsec.go-core.gox-121
1541
+ metadata:
1542
+ runsec_version: v1.0
1543
+ confidence: |-
1544
+ 0.9
1545
+ exploit_scenario: |-
1546
+ Concurrent writes produce inconsistent state and race-driven bypasses.
1547
+ fix_template: |-
1548
+ Autofix: wrap shared state writes with mutex lock and unlock.
1549
+ pattern-either:
1550
+ - pattern: |-
1551
+ go func(){ sharedCounter++ }()
1552
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-121\\b'
1553
+ message: |-
1554
+ RunSec Detection [GOX-121]: CWE-662
1555
+ languages:
1556
+ - go
1557
+ severity: WARNING
1558
+ - id: runsec.go-core.gox-122
1559
+ metadata:
1560
+ runsec_version: v1.0
1561
+ confidence: |-
1562
+ 0.9
1563
+ exploit_scenario: |-
1564
+ Nil interface panic causes request crash and availability impact.
1565
+ fix_template: |-
1566
+ Autofix: add nil guard for interface dependencies before method calls.
1567
+ pattern-either:
1568
+ - pattern: |-
1569
+ repo.GetUser(ctx, id)
1570
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-122\\b'
1571
+ message: |-
1572
+ RunSec Detection [GOX-122]: CWE-476
1573
+ languages:
1574
+ - go
1575
+ severity: WARNING
1576
+ - id: runsec.go-core.gox-123
1577
+ metadata:
1578
+ runsec_version: v1.0
1579
+ confidence: |-
1580
+ 0.9
1581
+ exploit_scenario: |-
1582
+ Cross-tenant object read is possible when IDs are not ownership-scoped.
1583
+ fix_template: |-
1584
+ Autofix: enforce tenant-bound ID resolver before object access.
1585
+ pattern-either:
1586
+ - pattern: |-
1587
+ orderID := r.URL.Query().Get("id")
1588
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-123\\b'
1589
+ message: |-
1590
+ RunSec Detection [GOX-123]: CWE-639
1591
+ languages:
1592
+ - go
1593
+ severity: WARNING
1594
+ - id: runsec.go-core.gox-124
1595
+ metadata:
1596
+ runsec_version: v1.0
1597
+ confidence: |-
1598
+ 0.9
1599
+ exploit_scenario: |-
1600
+ Untrusted keys can alter privilege-related fields.
1601
+ fix_template: |-
1602
+ Autofix: map only trusted keys instead of arbitrary payload map iteration.
1603
+ pattern-either:
1604
+ - pattern: |-
1605
+ for k, v := range payload { applyField(&user, k, v) }
1606
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-124\\b'
1607
+ message: |-
1608
+ RunSec Detection [GOX-124]: CWE-915
1609
+ languages:
1610
+ - go
1611
+ severity: WARNING
1612
+ - id: runsec.go-core.gox-125
1613
+ metadata:
1614
+ runsec_version: v1.0
1615
+ confidence: |-
1616
+ 0.9
1617
+ exploit_scenario: |-
1618
+ Untracked goroutines leak resources and produce non-deterministic behavior.
1619
+ fix_template: |-
1620
+ Autofix: add WaitGroup lifecycle around spawned goroutines.
1621
+ pattern-either:
1622
+ - pattern: |-
1623
+ go worker(task)
1624
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-125\\b'
1625
+ message: |-
1626
+ RunSec Detection [GOX-125]: CWE-667
1627
+ languages:
1628
+ - go
1629
+ severity: WARNING
1630
+ - id: runsec.go-core.gox-126
1631
+ metadata:
1632
+ runsec_version: v1.0
1633
+ confidence: |-
1634
+ 0.9
1635
+ exploit_scenario: |-
1636
+ Concurrent writes produce inconsistent state and race-driven bypasses.
1637
+ fix_template: |-
1638
+ Autofix: wrap shared state writes with mutex lock and unlock.
1639
+ pattern-either:
1640
+ - pattern: |-
1641
+ go func(){ sharedCounter++ }()
1642
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-126\\b'
1643
+ message: |-
1644
+ RunSec Detection [GOX-126]: CWE-662
1645
+ languages:
1646
+ - go
1647
+ severity: WARNING
1648
+ - id: runsec.go-core.gox-127
1649
+ metadata:
1650
+ runsec_version: v1.0
1651
+ confidence: |-
1652
+ 0.9
1653
+ exploit_scenario: |-
1654
+ Nil interface panic causes request crash and availability impact.
1655
+ fix_template: |-
1656
+ Autofix: add nil guard for interface dependencies before method calls.
1657
+ pattern-either:
1658
+ - pattern: |-
1659
+ repo.GetUser(ctx, id)
1660
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-127\\b'
1661
+ message: |-
1662
+ RunSec Detection [GOX-127]: CWE-476
1663
+ languages:
1664
+ - go
1665
+ severity: WARNING
1666
+ - id: runsec.go-core.gox-128
1667
+ metadata:
1668
+ runsec_version: v1.0
1669
+ confidence: |-
1670
+ 0.9
1671
+ exploit_scenario: |-
1672
+ Cross-tenant object read is possible when IDs are not ownership-scoped.
1673
+ fix_template: |-
1674
+ Autofix: enforce tenant-bound ID resolver before object access.
1675
+ pattern-either:
1676
+ - pattern: |-
1677
+ orderID := r.URL.Query().Get("id")
1678
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-128\\b'
1679
+ message: |-
1680
+ RunSec Detection [GOX-128]: CWE-639
1681
+ languages:
1682
+ - go
1683
+ severity: WARNING
1684
+ - id: runsec.go-core.gox-129
1685
+ metadata:
1686
+ runsec_version: v1.0
1687
+ confidence: |-
1688
+ 0.9
1689
+ exploit_scenario: |-
1690
+ Untrusted keys can alter privilege-related fields.
1691
+ fix_template: |-
1692
+ Autofix: map only trusted keys instead of arbitrary payload map iteration.
1693
+ pattern-either:
1694
+ - pattern: |-
1695
+ for k, v := range payload { applyField(&user, k, v) }
1696
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-129\\b'
1697
+ message: |-
1698
+ RunSec Detection [GOX-129]: CWE-915
1699
+ languages:
1700
+ - go
1701
+ severity: WARNING
1702
+ - id: runsec.go-core.gox-130
1703
+ metadata:
1704
+ runsec_version: v1.0
1705
+ confidence: |-
1706
+ 0.9
1707
+ exploit_scenario: |-
1708
+ Untracked goroutines leak resources and produce non-deterministic behavior.
1709
+ fix_template: |-
1710
+ Autofix: add WaitGroup lifecycle around spawned goroutines.
1711
+ pattern-either:
1712
+ - pattern: |-
1713
+ go worker(task)
1714
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-130\\b'
1715
+ message: |-
1716
+ RunSec Detection [GOX-130]: CWE-667
1717
+ languages:
1718
+ - go
1719
+ severity: WARNING
1720
+ - id: runsec.go-core.gox-131
1721
+ metadata:
1722
+ runsec_version: v1.0
1723
+ confidence: |-
1724
+ 0.9
1725
+ exploit_scenario: |-
1726
+ Concurrent writes produce inconsistent state and race-driven bypasses.
1727
+ fix_template: |-
1728
+ Autofix: wrap shared state writes with mutex lock and unlock.
1729
+ pattern-either:
1730
+ - pattern: |-
1731
+ go func(){ sharedCounter++ }()
1732
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-131\\b'
1733
+ message: |-
1734
+ RunSec Detection [GOX-131]: CWE-662
1735
+ languages:
1736
+ - go
1737
+ severity: WARNING
1738
+ - id: runsec.go-core.gox-132
1739
+ metadata:
1740
+ runsec_version: v1.0
1741
+ confidence: |-
1742
+ 0.9
1743
+ exploit_scenario: |-
1744
+ Nil interface panic causes request crash and availability impact.
1745
+ fix_template: |-
1746
+ Autofix: add nil guard for interface dependencies before method calls.
1747
+ pattern-either:
1748
+ - pattern: |-
1749
+ repo.GetUser(ctx, id)
1750
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-132\\b'
1751
+ message: |-
1752
+ RunSec Detection [GOX-132]: CWE-476
1753
+ languages:
1754
+ - go
1755
+ severity: WARNING
1756
+ - id: runsec.go-core.gox-133
1757
+ metadata:
1758
+ runsec_version: v1.0
1759
+ confidence: |-
1760
+ 0.9
1761
+ exploit_scenario: |-
1762
+ Cross-tenant object read is possible when IDs are not ownership-scoped.
1763
+ fix_template: |-
1764
+ Autofix: enforce tenant-bound ID resolver before object access.
1765
+ pattern-either:
1766
+ - pattern: |-
1767
+ orderID := r.URL.Query().Get("id")
1768
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-133\\b'
1769
+ message: |-
1770
+ RunSec Detection [GOX-133]: CWE-639
1771
+ languages:
1772
+ - go
1773
+ severity: WARNING
1774
+ - id: runsec.go-core.gox-134
1775
+ metadata:
1776
+ runsec_version: v1.0
1777
+ confidence: |-
1778
+ 0.9
1779
+ exploit_scenario: |-
1780
+ Untrusted keys can alter privilege-related fields.
1781
+ fix_template: |-
1782
+ Autofix: map only trusted keys instead of arbitrary payload map iteration.
1783
+ pattern-either:
1784
+ - pattern: |-
1785
+ for k, v := range payload { applyField(&user, k, v) }
1786
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-134\\b'
1787
+ message: |-
1788
+ RunSec Detection [GOX-134]: CWE-915
1789
+ languages:
1790
+ - go
1791
+ severity: WARNING
1792
+ - id: runsec.go-core.gox-135
1793
+ metadata:
1794
+ runsec_version: v1.0
1795
+ confidence: |-
1796
+ 0.9
1797
+ exploit_scenario: |-
1798
+ Untracked goroutines leak resources and produce non-deterministic behavior.
1799
+ fix_template: |-
1800
+ Autofix: add WaitGroup lifecycle around spawned goroutines.
1801
+ pattern-either:
1802
+ - pattern: |-
1803
+ go worker(task)
1804
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-135\\b'
1805
+ message: |-
1806
+ RunSec Detection [GOX-135]: CWE-667
1807
+ languages:
1808
+ - go
1809
+ severity: WARNING
1810
+ - id: runsec.go-core.gox-136
1811
+ metadata:
1812
+ runsec_version: v1.0
1813
+ confidence: |-
1814
+ 0.9
1815
+ exploit_scenario: |-
1816
+ Concurrent writes produce inconsistent state and race-driven bypasses.
1817
+ fix_template: |-
1818
+ Autofix: wrap shared state writes with mutex lock and unlock.
1819
+ pattern-either:
1820
+ - pattern: |-
1821
+ go func(){ sharedCounter++ }()
1822
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-136\\b'
1823
+ message: |-
1824
+ RunSec Detection [GOX-136]: CWE-662
1825
+ languages:
1826
+ - go
1827
+ severity: WARNING
1828
+ - id: runsec.go-core.gox-137
1829
+ metadata:
1830
+ runsec_version: v1.0
1831
+ confidence: |-
1832
+ 0.9
1833
+ exploit_scenario: |-
1834
+ Nil interface panic causes request crash and availability impact.
1835
+ fix_template: |-
1836
+ Autofix: add nil guard for interface dependencies before method calls.
1837
+ pattern-either:
1838
+ - pattern: |-
1839
+ repo.GetUser(ctx, id)
1840
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-137\\b'
1841
+ message: |-
1842
+ RunSec Detection [GOX-137]: CWE-476
1843
+ languages:
1844
+ - go
1845
+ severity: WARNING
1846
+ - id: runsec.go-core.gox-138
1847
+ metadata:
1848
+ runsec_version: v1.0
1849
+ confidence: |-
1850
+ 0.9
1851
+ exploit_scenario: |-
1852
+ Cross-tenant object read is possible when IDs are not ownership-scoped.
1853
+ fix_template: |-
1854
+ Autofix: enforce tenant-bound ID resolver before object access.
1855
+ pattern-either:
1856
+ - pattern: |-
1857
+ orderID := r.URL.Query().Get("id")
1858
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-138\\b'
1859
+ message: |-
1860
+ RunSec Detection [GOX-138]: CWE-639
1861
+ languages:
1862
+ - go
1863
+ severity: WARNING
1864
+ - id: runsec.go-core.gox-139
1865
+ metadata:
1866
+ runsec_version: v1.0
1867
+ confidence: |-
1868
+ 0.9
1869
+ exploit_scenario: |-
1870
+ Untrusted keys can alter privilege-related fields.
1871
+ fix_template: |-
1872
+ Autofix: map only trusted keys instead of arbitrary payload map iteration.
1873
+ pattern-either:
1874
+ - pattern: |-
1875
+ for k, v := range payload { applyField(&user, k, v) }
1876
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-139\\b'
1877
+ message: |-
1878
+ RunSec Detection [GOX-139]: CWE-915
1879
+ languages:
1880
+ - go
1881
+ severity: WARNING
1882
+ - id: runsec.go-core.gox-140
1883
+ metadata:
1884
+ runsec_version: v1.0
1885
+ confidence: |-
1886
+ 0.9
1887
+ exploit_scenario: |-
1888
+ Untracked goroutines leak resources and produce non-deterministic behavior.
1889
+ fix_template: |-
1890
+ Autofix: add WaitGroup lifecycle around spawned goroutines.
1891
+ pattern-either:
1892
+ - pattern: |-
1893
+ go worker(task)
1894
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-140\\b'
1895
+ message: |-
1896
+ RunSec Detection [GOX-140]: CWE-667
1897
+ languages:
1898
+ - go
1899
+ severity: WARNING
1900
+ - id: runsec.go-core.gox-141
1901
+ metadata:
1902
+ runsec_version: v1.0
1903
+ confidence: |-
1904
+ 0.9
1905
+ exploit_scenario: |-
1906
+ Concurrent writes produce inconsistent state and race-driven bypasses.
1907
+ fix_template: |-
1908
+ Autofix: wrap shared state writes with mutex lock and unlock.
1909
+ pattern-either:
1910
+ - pattern: |-
1911
+ go func(){ sharedCounter++ }()
1912
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-141\\b'
1913
+ message: |-
1914
+ RunSec Detection [GOX-141]: CWE-662
1915
+ languages:
1916
+ - go
1917
+ severity: WARNING
1918
+ - id: runsec.go-core.gox-142
1919
+ metadata:
1920
+ runsec_version: v1.0
1921
+ confidence: |-
1922
+ 0.9
1923
+ exploit_scenario: |-
1924
+ Nil interface panic causes request crash and availability impact.
1925
+ fix_template: |-
1926
+ Autofix: add nil guard for interface dependencies before method calls.
1927
+ pattern-either:
1928
+ - pattern: |-
1929
+ repo.GetUser(ctx, id)
1930
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-142\\b'
1931
+ message: |-
1932
+ RunSec Detection [GOX-142]: CWE-476
1933
+ languages:
1934
+ - go
1935
+ severity: WARNING
1936
+ - id: runsec.go-core.gox-143
1937
+ metadata:
1938
+ runsec_version: v1.0
1939
+ confidence: |-
1940
+ 0.9
1941
+ exploit_scenario: |-
1942
+ Cross-tenant object read is possible when IDs are not ownership-scoped.
1943
+ fix_template: |-
1944
+ Autofix: enforce tenant-bound ID resolver before object access.
1945
+ pattern-either:
1946
+ - pattern: |-
1947
+ orderID := r.URL.Query().Get("id")
1948
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-143\\b'
1949
+ message: |-
1950
+ RunSec Detection [GOX-143]: CWE-639
1951
+ languages:
1952
+ - go
1953
+ severity: WARNING
1954
+ - id: runsec.go-core.gox-144
1955
+ metadata:
1956
+ runsec_version: v1.0
1957
+ confidence: |-
1958
+ 0.9
1959
+ exploit_scenario: |-
1960
+ Untrusted keys can alter privilege-related fields.
1961
+ fix_template: |-
1962
+ Autofix: map only trusted keys instead of arbitrary payload map iteration.
1963
+ pattern-either:
1964
+ - pattern: |-
1965
+ for k, v := range payload { applyField(&user, k, v) }
1966
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-144\\b'
1967
+ message: |-
1968
+ RunSec Detection [GOX-144]: CWE-915
1969
+ languages:
1970
+ - go
1971
+ severity: WARNING
1972
+ - id: runsec.go-core.gox-145
1973
+ metadata:
1974
+ runsec_version: v1.0
1975
+ confidence: |-
1976
+ 0.9
1977
+ exploit_scenario: |-
1978
+ Untracked goroutines leak resources and produce non-deterministic behavior.
1979
+ fix_template: |-
1980
+ Autofix: add WaitGroup lifecycle around spawned goroutines.
1981
+ pattern-either:
1982
+ - pattern: |-
1983
+ go worker(task)
1984
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-145\\b'
1985
+ message: |-
1986
+ RunSec Detection [GOX-145]: CWE-667
1987
+ languages:
1988
+ - go
1989
+ severity: WARNING
1990
+ - id: runsec.go-core.gox-146
1991
+ metadata:
1992
+ runsec_version: v1.0
1993
+ confidence: |-
1994
+ 0.9
1995
+ exploit_scenario: |-
1996
+ Concurrent writes produce inconsistent state and race-driven bypasses.
1997
+ fix_template: |-
1998
+ Autofix: wrap shared state writes with mutex lock and unlock.
1999
+ pattern-either:
2000
+ - pattern: |-
2001
+ go func(){ sharedCounter++ }()
2002
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-146\\b'
2003
+ message: |-
2004
+ RunSec Detection [GOX-146]: CWE-662
2005
+ languages:
2006
+ - go
2007
+ severity: WARNING
2008
+ - id: runsec.go-core.gox-147
2009
+ metadata:
2010
+ runsec_version: v1.0
2011
+ confidence: |-
2012
+ 0.9
2013
+ exploit_scenario: |-
2014
+ Nil interface panic causes request crash and availability impact.
2015
+ fix_template: |-
2016
+ Autofix: add nil guard for interface dependencies before method calls.
2017
+ pattern-either:
2018
+ - pattern: |-
2019
+ repo.GetUser(ctx, id)
2020
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-147\\b'
2021
+ message: |-
2022
+ RunSec Detection [GOX-147]: CWE-476
2023
+ languages:
2024
+ - go
2025
+ severity: WARNING
2026
+ - id: runsec.go-core.gox-148
2027
+ metadata:
2028
+ runsec_version: v1.0
2029
+ confidence: |-
2030
+ 0.9
2031
+ exploit_scenario: |-
2032
+ Cross-tenant object read is possible when IDs are not ownership-scoped.
2033
+ fix_template: |-
2034
+ Autofix: enforce tenant-bound ID resolver before object access.
2035
+ pattern-either:
2036
+ - pattern: |-
2037
+ orderID := r.URL.Query().Get("id")
2038
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-148\\b'
2039
+ message: |-
2040
+ RunSec Detection [GOX-148]: CWE-639
2041
+ languages:
2042
+ - go
2043
+ severity: WARNING
2044
+ - id: runsec.go-core.gox-149
2045
+ metadata:
2046
+ runsec_version: v1.0
2047
+ confidence: |-
2048
+ 0.9
2049
+ exploit_scenario: |-
2050
+ Untrusted keys can alter privilege-related fields.
2051
+ fix_template: |-
2052
+ Autofix: map only trusted keys instead of arbitrary payload map iteration.
2053
+ pattern-either:
2054
+ - pattern: |-
2055
+ for k, v := range payload { applyField(&user, k, v) }
2056
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-149\\b'
2057
+ message: |-
2058
+ RunSec Detection [GOX-149]: CWE-915
2059
+ languages:
2060
+ - go
2061
+ severity: WARNING
2062
+ - id: runsec.go-core.gox-150
2063
+ metadata:
2064
+ runsec_version: v1.0
2065
+ confidence: |-
2066
+ 0.9
2067
+ exploit_scenario: |-
2068
+ Untracked goroutines leak resources and produce non-deterministic behavior.
2069
+ fix_template: |-
2070
+ Autofix: add WaitGroup lifecycle around spawned goroutines.
2071
+ pattern-either:
2072
+ - pattern: |-
2073
+ go worker(task)
2074
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-150\\b'
2075
+ message: |-
2076
+ RunSec Detection [GOX-150]: CWE-667
2077
+ languages:
2078
+ - go
2079
+ severity: WARNING
2080
+ - id: runsec.go-core.gox-151
2081
+ metadata:
2082
+ runsec_version: v1.0
2083
+ confidence: |-
2084
+ 0.9
2085
+ exploit_scenario: |-
2086
+ Concurrent writes produce inconsistent state and race-driven bypasses.
2087
+ fix_template: |-
2088
+ Autofix: wrap shared state writes with mutex lock and unlock.
2089
+ pattern-either:
2090
+ - pattern: |-
2091
+ go func(){ sharedCounter++ }()
2092
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-151\\b'
2093
+ message: |-
2094
+ RunSec Detection [GOX-151]: CWE-662
2095
+ languages:
2096
+ - go
2097
+ severity: WARNING
2098
+ - id: runsec.go-core.gox-152
2099
+ metadata:
2100
+ runsec_version: v1.0
2101
+ confidence: |-
2102
+ 0.9
2103
+ exploit_scenario: |-
2104
+ Nil interface panic causes request crash and availability impact.
2105
+ fix_template: |-
2106
+ Autofix: add nil guard for interface dependencies before method calls.
2107
+ pattern-either:
2108
+ - pattern: |-
2109
+ repo.GetUser(ctx, id)
2110
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-152\\b'
2111
+ message: |-
2112
+ RunSec Detection [GOX-152]: CWE-476
2113
+ languages:
2114
+ - go
2115
+ severity: WARNING
2116
+ - id: runsec.go-core.gox-153
2117
+ metadata:
2118
+ runsec_version: v1.0
2119
+ confidence: |-
2120
+ 0.9
2121
+ exploit_scenario: |-
2122
+ Cross-tenant object read is possible when IDs are not ownership-scoped.
2123
+ fix_template: |-
2124
+ Autofix: enforce tenant-bound ID resolver before object access.
2125
+ pattern-either:
2126
+ - pattern: |-
2127
+ orderID := r.URL.Query().Get("id")
2128
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-153\\b'
2129
+ message: |-
2130
+ RunSec Detection [GOX-153]: CWE-639
2131
+ languages:
2132
+ - go
2133
+ severity: WARNING
2134
+ - id: runsec.go-core.gox-154
2135
+ metadata:
2136
+ runsec_version: v1.0
2137
+ confidence: |-
2138
+ 0.9
2139
+ exploit_scenario: |-
2140
+ Untrusted keys can alter privilege-related fields.
2141
+ fix_template: |-
2142
+ Autofix: map only trusted keys instead of arbitrary payload map iteration.
2143
+ pattern-either:
2144
+ - pattern: |-
2145
+ for k, v := range payload { applyField(&user, k, v) }
2146
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-154\\b'
2147
+ message: |-
2148
+ RunSec Detection [GOX-154]: CWE-915
2149
+ languages:
2150
+ - go
2151
+ severity: WARNING
2152
+ - id: runsec.go-core.gox-155
2153
+ metadata:
2154
+ runsec_version: v1.0
2155
+ confidence: |-
2156
+ 0.9
2157
+ exploit_scenario: |-
2158
+ Untracked goroutines leak resources and produce non-deterministic behavior.
2159
+ fix_template: |-
2160
+ Autofix: add WaitGroup lifecycle around spawned goroutines.
2161
+ pattern-either:
2162
+ - pattern: |-
2163
+ go worker(task)
2164
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-155\\b'
2165
+ message: |-
2166
+ RunSec Detection [GOX-155]: CWE-667
2167
+ languages:
2168
+ - go
2169
+ severity: WARNING
2170
+ - id: runsec.go-core.gox-156
2171
+ metadata:
2172
+ runsec_version: v1.0
2173
+ confidence: |-
2174
+ 0.9
2175
+ exploit_scenario: |-
2176
+ Concurrent writes produce inconsistent state and race-driven bypasses.
2177
+ fix_template: |-
2178
+ Autofix: wrap shared state writes with mutex lock and unlock.
2179
+ pattern-either:
2180
+ - pattern: |-
2181
+ go func(){ sharedCounter++ }()
2182
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-156\\b'
2183
+ message: |-
2184
+ RunSec Detection [GOX-156]: CWE-662
2185
+ languages:
2186
+ - go
2187
+ severity: WARNING
2188
+ - id: runsec.go-core.gox-157
2189
+ metadata:
2190
+ runsec_version: v1.0
2191
+ confidence: |-
2192
+ 0.9
2193
+ exploit_scenario: |-
2194
+ Nil interface panic causes request crash and availability impact.
2195
+ fix_template: |-
2196
+ Autofix: add nil guard for interface dependencies before method calls.
2197
+ pattern-either:
2198
+ - pattern: |-
2199
+ repo.GetUser(ctx, id)
2200
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-157\\b'
2201
+ message: |-
2202
+ RunSec Detection [GOX-157]: CWE-476
2203
+ languages:
2204
+ - go
2205
+ severity: WARNING
2206
+ - id: runsec.go-core.gox-158
2207
+ metadata:
2208
+ runsec_version: v1.0
2209
+ confidence: |-
2210
+ 0.9
2211
+ exploit_scenario: |-
2212
+ Cross-tenant object read is possible when IDs are not ownership-scoped.
2213
+ fix_template: |-
2214
+ Autofix: enforce tenant-bound ID resolver before object access.
2215
+ pattern-either:
2216
+ - pattern: |-
2217
+ orderID := r.URL.Query().Get("id")
2218
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-158\\b'
2219
+ message: |-
2220
+ RunSec Detection [GOX-158]: CWE-639
2221
+ languages:
2222
+ - go
2223
+ severity: WARNING
2224
+ - id: runsec.go-core.gox-159
2225
+ metadata:
2226
+ runsec_version: v1.0
2227
+ confidence: |-
2228
+ 0.9
2229
+ exploit_scenario: |-
2230
+ Untrusted keys can alter privilege-related fields.
2231
+ fix_template: |-
2232
+ Autofix: map only trusted keys instead of arbitrary payload map iteration.
2233
+ pattern-either:
2234
+ - pattern: |-
2235
+ for k, v := range payload { applyField(&user, k, v) }
2236
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-159\\b'
2237
+ message: |-
2238
+ RunSec Detection [GOX-159]: CWE-915
2239
+ languages:
2240
+ - go
2241
+ severity: WARNING
2242
+ - id: runsec.go-core.gox-160
2243
+ metadata:
2244
+ runsec_version: v1.0
2245
+ confidence: |-
2246
+ 0.9
2247
+ exploit_scenario: |-
2248
+ Untracked goroutines leak resources and produce non-deterministic behavior.
2249
+ fix_template: |-
2250
+ Autofix: add WaitGroup lifecycle around spawned goroutines.
2251
+ pattern-either:
2252
+ - pattern: |-
2253
+ go worker(task)
2254
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-160\\b'
2255
+ message: |-
2256
+ RunSec Detection [GOX-160]: CWE-667
2257
+ languages:
2258
+ - go
2259
+ severity: WARNING
2260
+ - id: runsec.go-core.gox-161
2261
+ metadata:
2262
+ runsec_version: v1.0
2263
+ confidence: |-
2264
+ 0.9
2265
+ exploit_scenario: |-
2266
+ Concurrent writes produce inconsistent state and race-driven bypasses.
2267
+ fix_template: |-
2268
+ Autofix: wrap shared state writes with mutex lock and unlock.
2269
+ pattern-either:
2270
+ - pattern: |-
2271
+ go func(){ sharedCounter++ }()
2272
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-161\\b'
2273
+ message: |-
2274
+ RunSec Detection [GOX-161]: CWE-662
2275
+ languages:
2276
+ - go
2277
+ severity: WARNING
2278
+ - id: runsec.go-core.gox-162
2279
+ metadata:
2280
+ runsec_version: v1.0
2281
+ confidence: |-
2282
+ 0.9
2283
+ exploit_scenario: |-
2284
+ Nil interface panic causes request crash and availability impact.
2285
+ fix_template: |-
2286
+ Autofix: add nil guard for interface dependencies before method calls.
2287
+ pattern-either:
2288
+ - pattern: |-
2289
+ repo.GetUser(ctx, id)
2290
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-162\\b'
2291
+ message: |-
2292
+ RunSec Detection [GOX-162]: CWE-476
2293
+ languages:
2294
+ - go
2295
+ severity: WARNING
2296
+ - id: runsec.go-core.gox-163
2297
+ metadata:
2298
+ runsec_version: v1.0
2299
+ confidence: |-
2300
+ 0.9
2301
+ exploit_scenario: |-
2302
+ Cross-tenant object read is possible when IDs are not ownership-scoped.
2303
+ fix_template: |-
2304
+ Autofix: enforce tenant-bound ID resolver before object access.
2305
+ pattern-either:
2306
+ - pattern: |-
2307
+ orderID := r.URL.Query().Get("id")
2308
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-163\\b'
2309
+ message: |-
2310
+ RunSec Detection [GOX-163]: CWE-639
2311
+ languages:
2312
+ - go
2313
+ severity: WARNING
2314
+ - id: runsec.go-core.gox-164
2315
+ metadata:
2316
+ runsec_version: v1.0
2317
+ confidence: |-
2318
+ 0.9
2319
+ exploit_scenario: |-
2320
+ Untrusted keys can alter privilege-related fields.
2321
+ fix_template: |-
2322
+ Autofix: map only trusted keys instead of arbitrary payload map iteration.
2323
+ pattern-either:
2324
+ - pattern: |-
2325
+ for k, v := range payload { applyField(&user, k, v) }
2326
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-164\\b'
2327
+ message: |-
2328
+ RunSec Detection [GOX-164]: CWE-915
2329
+ languages:
2330
+ - go
2331
+ severity: WARNING
2332
+ - id: runsec.go-core.gox-165
2333
+ metadata:
2334
+ runsec_version: v1.0
2335
+ confidence: |-
2336
+ 0.9
2337
+ exploit_scenario: |-
2338
+ Untracked goroutines leak resources and produce non-deterministic behavior.
2339
+ fix_template: |-
2340
+ Autofix: add WaitGroup lifecycle around spawned goroutines.
2341
+ pattern-either:
2342
+ - pattern: |-
2343
+ go worker(task)
2344
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-165\\b'
2345
+ message: |-
2346
+ RunSec Detection [GOX-165]: CWE-667
2347
+ languages:
2348
+ - go
2349
+ severity: WARNING
2350
+ - id: runsec.go-core.gox-166
2351
+ metadata:
2352
+ runsec_version: v1.0
2353
+ confidence: |-
2354
+ 0.9
2355
+ exploit_scenario: |-
2356
+ Concurrent writes produce inconsistent state and race-driven bypasses.
2357
+ fix_template: |-
2358
+ Autofix: wrap shared state writes with mutex lock and unlock.
2359
+ pattern-either:
2360
+ - pattern: |-
2361
+ go func(){ sharedCounter++ }()
2362
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-166\\b'
2363
+ message: |-
2364
+ RunSec Detection [GOX-166]: CWE-662
2365
+ languages:
2366
+ - go
2367
+ severity: WARNING
2368
+ - id: runsec.go-core.gox-167
2369
+ metadata:
2370
+ runsec_version: v1.0
2371
+ confidence: |-
2372
+ 0.9
2373
+ exploit_scenario: |-
2374
+ Nil interface panic causes request crash and availability impact.
2375
+ fix_template: |-
2376
+ Autofix: add nil guard for interface dependencies before method calls.
2377
+ pattern-either:
2378
+ - pattern: |-
2379
+ repo.GetUser(ctx, id)
2380
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-167\\b'
2381
+ message: |-
2382
+ RunSec Detection [GOX-167]: CWE-476
2383
+ languages:
2384
+ - go
2385
+ severity: WARNING
2386
+ - id: runsec.go-core.gox-168
2387
+ metadata:
2388
+ runsec_version: v1.0
2389
+ confidence: |-
2390
+ 0.9
2391
+ exploit_scenario: |-
2392
+ Cross-tenant object read is possible when IDs are not ownership-scoped.
2393
+ fix_template: |-
2394
+ Autofix: enforce tenant-bound ID resolver before object access.
2395
+ pattern-either:
2396
+ - pattern: |-
2397
+ orderID := r.URL.Query().Get("id")
2398
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-168\\b'
2399
+ message: |-
2400
+ RunSec Detection [GOX-168]: CWE-639
2401
+ languages:
2402
+ - go
2403
+ severity: WARNING
2404
+ - id: runsec.go-core.gox-169
2405
+ metadata:
2406
+ runsec_version: v1.0
2407
+ confidence: |-
2408
+ 0.9
2409
+ exploit_scenario: |-
2410
+ Untrusted keys can alter privilege-related fields.
2411
+ fix_template: |-
2412
+ Autofix: map only trusted keys instead of arbitrary payload map iteration.
2413
+ pattern-either:
2414
+ - pattern: |-
2415
+ for k, v := range payload { applyField(&user, k, v) }
2416
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-169\\b'
2417
+ message: |-
2418
+ RunSec Detection [GOX-169]: CWE-915
2419
+ languages:
2420
+ - go
2421
+ severity: WARNING
2422
+ - id: runsec.go-core.gox-170
2423
+ metadata:
2424
+ runsec_version: v1.0
2425
+ confidence: |-
2426
+ 0.9
2427
+ exploit_scenario: |-
2428
+ Untracked goroutines leak resources and produce non-deterministic behavior.
2429
+ fix_template: |-
2430
+ Autofix: add WaitGroup lifecycle around spawned goroutines.
2431
+ pattern-either:
2432
+ - pattern: |-
2433
+ go worker(task)
2434
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-170\\b'
2435
+ message: |-
2436
+ RunSec Detection [GOX-170]: CWE-667
2437
+ languages:
2438
+ - go
2439
+ severity: WARNING
2440
+ - id: runsec.go-core.gox-171
2441
+ metadata:
2442
+ runsec_version: v1.0
2443
+ confidence: |-
2444
+ 0.9
2445
+ exploit_scenario: |-
2446
+ Concurrent writes produce inconsistent state and race-driven bypasses.
2447
+ fix_template: |-
2448
+ Autofix: wrap shared state writes with mutex lock and unlock.
2449
+ pattern-either:
2450
+ - pattern: |-
2451
+ go func(){ sharedCounter++ }()
2452
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-171\\b'
2453
+ message: |-
2454
+ RunSec Detection [GOX-171]: CWE-662
2455
+ languages:
2456
+ - go
2457
+ severity: WARNING
2458
+ - id: runsec.go-core.gox-172
2459
+ metadata:
2460
+ runsec_version: v1.0
2461
+ confidence: |-
2462
+ 0.9
2463
+ exploit_scenario: |-
2464
+ Nil interface panic causes request crash and availability impact.
2465
+ fix_template: |-
2466
+ Autofix: add nil guard for interface dependencies before method calls.
2467
+ pattern-either:
2468
+ - pattern: |-
2469
+ repo.GetUser(ctx, id)
2470
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-172\\b'
2471
+ message: |-
2472
+ RunSec Detection [GOX-172]: CWE-476
2473
+ languages:
2474
+ - go
2475
+ severity: WARNING
2476
+ - id: runsec.go-core.gox-173
2477
+ metadata:
2478
+ runsec_version: v1.0
2479
+ confidence: |-
2480
+ 0.9
2481
+ exploit_scenario: |-
2482
+ Cross-tenant object read is possible when IDs are not ownership-scoped.
2483
+ fix_template: |-
2484
+ Autofix: enforce tenant-bound ID resolver before object access.
2485
+ pattern-either:
2486
+ - pattern: |-
2487
+ orderID := r.URL.Query().Get("id")
2488
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-173\\b'
2489
+ message: |-
2490
+ RunSec Detection [GOX-173]: CWE-639
2491
+ languages:
2492
+ - go
2493
+ severity: WARNING
2494
+ - id: runsec.go-core.gox-174
2495
+ metadata:
2496
+ runsec_version: v1.0
2497
+ confidence: |-
2498
+ 0.9
2499
+ exploit_scenario: |-
2500
+ Untrusted keys can alter privilege-related fields.
2501
+ fix_template: |-
2502
+ Autofix: map only trusted keys instead of arbitrary payload map iteration.
2503
+ pattern-either:
2504
+ - pattern: |-
2505
+ for k, v := range payload { applyField(&user, k, v) }
2506
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-174\\b'
2507
+ message: |-
2508
+ RunSec Detection [GOX-174]: CWE-915
2509
+ languages:
2510
+ - go
2511
+ severity: WARNING
2512
+ - id: runsec.go-core.gox-175
2513
+ metadata:
2514
+ runsec_version: v1.0
2515
+ confidence: |-
2516
+ 0.9
2517
+ exploit_scenario: |-
2518
+ Untracked goroutines leak resources and produce non-deterministic behavior.
2519
+ fix_template: |-
2520
+ Autofix: add WaitGroup lifecycle around spawned goroutines.
2521
+ pattern-either:
2522
+ - pattern: |-
2523
+ go worker(task)
2524
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-175\\b'
2525
+ message: |-
2526
+ RunSec Detection [GOX-175]: CWE-667
2527
+ languages:
2528
+ - go
2529
+ severity: WARNING
2530
+ - id: runsec.go-core.gox-176
2531
+ metadata:
2532
+ runsec_version: v1.0
2533
+ confidence: |-
2534
+ 0.9
2535
+ exploit_scenario: |-
2536
+ Concurrent writes produce inconsistent state and race-driven bypasses.
2537
+ fix_template: |-
2538
+ Autofix: wrap shared state writes with mutex lock and unlock.
2539
+ pattern-either:
2540
+ - pattern: |-
2541
+ go func(){ sharedCounter++ }()
2542
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-176\\b'
2543
+ message: |-
2544
+ RunSec Detection [GOX-176]: CWE-662
2545
+ languages:
2546
+ - go
2547
+ severity: WARNING
2548
+ - id: runsec.go-core.gox-177
2549
+ metadata:
2550
+ runsec_version: v1.0
2551
+ confidence: |-
2552
+ 0.9
2553
+ exploit_scenario: |-
2554
+ Nil interface panic causes request crash and availability impact.
2555
+ fix_template: |-
2556
+ Autofix: add nil guard for interface dependencies before method calls.
2557
+ pattern-either:
2558
+ - pattern: |-
2559
+ repo.GetUser(ctx, id)
2560
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-177\\b'
2561
+ message: |-
2562
+ RunSec Detection [GOX-177]: CWE-476
2563
+ languages:
2564
+ - go
2565
+ severity: WARNING
2566
+ - id: runsec.go-core.gox-178
2567
+ metadata:
2568
+ runsec_version: v1.0
2569
+ confidence: |-
2570
+ 0.9
2571
+ exploit_scenario: |-
2572
+ Cross-tenant object read is possible when IDs are not ownership-scoped.
2573
+ fix_template: |-
2574
+ Autofix: enforce tenant-bound ID resolver before object access.
2575
+ pattern-either:
2576
+ - pattern: |-
2577
+ orderID := r.URL.Query().Get("id")
2578
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-178\\b'
2579
+ message: |-
2580
+ RunSec Detection [GOX-178]: CWE-639
2581
+ languages:
2582
+ - go
2583
+ severity: WARNING
2584
+ - id: runsec.go-core.gox-179
2585
+ metadata:
2586
+ runsec_version: v1.0
2587
+ confidence: |-
2588
+ 0.9
2589
+ exploit_scenario: |-
2590
+ Untrusted keys can alter privilege-related fields.
2591
+ fix_template: |-
2592
+ Autofix: map only trusted keys instead of arbitrary payload map iteration.
2593
+ pattern-either:
2594
+ - pattern: |-
2595
+ for k, v := range payload { applyField(&user, k, v) }
2596
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-179\\b'
2597
+ message: |-
2598
+ RunSec Detection [GOX-179]: CWE-915
2599
+ languages:
2600
+ - go
2601
+ severity: WARNING
2602
+ - id: runsec.go-core.gox-180
2603
+ metadata:
2604
+ runsec_version: v1.0
2605
+ confidence: |-
2606
+ 0.9
2607
+ exploit_scenario: |-
2608
+ Untracked goroutines leak resources and produce non-deterministic behavior.
2609
+ fix_template: |-
2610
+ Autofix: add WaitGroup lifecycle around spawned goroutines.
2611
+ pattern-either:
2612
+ - pattern: |-
2613
+ go worker(task)
2614
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-180\\b'
2615
+ message: |-
2616
+ RunSec Detection [GOX-180]: CWE-667
2617
+ languages:
2618
+ - go
2619
+ severity: WARNING
2620
+ - id: runsec.go-core.gox-181
2621
+ metadata:
2622
+ runsec_version: v1.0
2623
+ confidence: |-
2624
+ 0.9
2625
+ exploit_scenario: |-
2626
+ Concurrent writes produce inconsistent state and race-driven bypasses.
2627
+ fix_template: |-
2628
+ Autofix: wrap shared state writes with mutex lock and unlock.
2629
+ pattern-either:
2630
+ - pattern: |-
2631
+ go func(){ sharedCounter++ }()
2632
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-181\\b'
2633
+ message: |-
2634
+ RunSec Detection [GOX-181]: CWE-662
2635
+ languages:
2636
+ - go
2637
+ severity: WARNING
2638
+ - id: runsec.go-core.gox-182
2639
+ metadata:
2640
+ runsec_version: v1.0
2641
+ confidence: |-
2642
+ 0.9
2643
+ exploit_scenario: |-
2644
+ Nil interface panic causes request crash and availability impact.
2645
+ fix_template: |-
2646
+ Autofix: add nil guard for interface dependencies before method calls.
2647
+ pattern-either:
2648
+ - pattern: |-
2649
+ repo.GetUser(ctx, id)
2650
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-182\\b'
2651
+ message: |-
2652
+ RunSec Detection [GOX-182]: CWE-476
2653
+ languages:
2654
+ - go
2655
+ severity: WARNING
2656
+ - id: runsec.go-core.gox-183
2657
+ metadata:
2658
+ runsec_version: v1.0
2659
+ confidence: |-
2660
+ 0.9
2661
+ exploit_scenario: |-
2662
+ Cross-tenant object read is possible when IDs are not ownership-scoped.
2663
+ fix_template: |-
2664
+ Autofix: enforce tenant-bound ID resolver before object access.
2665
+ pattern-either:
2666
+ - pattern: |-
2667
+ orderID := r.URL.Query().Get("id")
2668
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-183\\b'
2669
+ message: |-
2670
+ RunSec Detection [GOX-183]: CWE-639
2671
+ languages:
2672
+ - go
2673
+ severity: WARNING
2674
+ - id: runsec.go-core.gox-184
2675
+ metadata:
2676
+ runsec_version: v1.0
2677
+ confidence: |-
2678
+ 0.9
2679
+ exploit_scenario: |-
2680
+ Untrusted keys can alter privilege-related fields.
2681
+ fix_template: |-
2682
+ Autofix: map only trusted keys instead of arbitrary payload map iteration.
2683
+ pattern-either:
2684
+ - pattern: |-
2685
+ for k, v := range payload { applyField(&user, k, v) }
2686
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-184\\b'
2687
+ message: |-
2688
+ RunSec Detection [GOX-184]: CWE-915
2689
+ languages:
2690
+ - go
2691
+ severity: WARNING
2692
+ - id: runsec.go-core.gox-185
2693
+ metadata:
2694
+ runsec_version: v1.0
2695
+ confidence: |-
2696
+ 0.9
2697
+ exploit_scenario: |-
2698
+ Untracked goroutines leak resources and produce non-deterministic behavior.
2699
+ fix_template: |-
2700
+ Autofix: add WaitGroup lifecycle around spawned goroutines.
2701
+ pattern-either:
2702
+ - pattern: |-
2703
+ go worker(task)
2704
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-185\\b'
2705
+ message: |-
2706
+ RunSec Detection [GOX-185]: CWE-667
2707
+ languages:
2708
+ - go
2709
+ severity: WARNING
2710
+ - id: runsec.go-core.gox-186
2711
+ metadata:
2712
+ runsec_version: v1.0
2713
+ confidence: |-
2714
+ 0.9
2715
+ exploit_scenario: |-
2716
+ Concurrent writes produce inconsistent state and race-driven bypasses.
2717
+ fix_template: |-
2718
+ Autofix: wrap shared state writes with mutex lock and unlock.
2719
+ pattern-either:
2720
+ - pattern: |-
2721
+ go func(){ sharedCounter++ }()
2722
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-186\\b'
2723
+ message: |-
2724
+ RunSec Detection [GOX-186]: CWE-662
2725
+ languages:
2726
+ - go
2727
+ severity: WARNING
2728
+ - id: runsec.go-core.gox-187
2729
+ metadata:
2730
+ runsec_version: v1.0
2731
+ confidence: |-
2732
+ 0.9
2733
+ exploit_scenario: |-
2734
+ Nil interface panic causes request crash and availability impact.
2735
+ fix_template: |-
2736
+ Autofix: add nil guard for interface dependencies before method calls.
2737
+ pattern-either:
2738
+ - pattern: |-
2739
+ repo.GetUser(ctx, id)
2740
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-187\\b'
2741
+ message: |-
2742
+ RunSec Detection [GOX-187]: CWE-476
2743
+ languages:
2744
+ - go
2745
+ severity: WARNING
2746
+ - id: runsec.go-core.gox-188
2747
+ metadata:
2748
+ runsec_version: v1.0
2749
+ confidence: |-
2750
+ 0.9
2751
+ exploit_scenario: |-
2752
+ Cross-tenant object read is possible when IDs are not ownership-scoped.
2753
+ fix_template: |-
2754
+ Autofix: enforce tenant-bound ID resolver before object access.
2755
+ pattern-either:
2756
+ - pattern: |-
2757
+ orderID := r.URL.Query().Get("id")
2758
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-188\\b'
2759
+ message: |-
2760
+ RunSec Detection [GOX-188]: CWE-639
2761
+ languages:
2762
+ - go
2763
+ severity: WARNING
2764
+ - id: runsec.go-core.gox-189
2765
+ metadata:
2766
+ runsec_version: v1.0
2767
+ confidence: |-
2768
+ 0.9
2769
+ exploit_scenario: |-
2770
+ Untrusted keys can alter privilege-related fields.
2771
+ fix_template: |-
2772
+ Autofix: map only trusted keys instead of arbitrary payload map iteration.
2773
+ pattern-either:
2774
+ - pattern: |-
2775
+ for k, v := range payload { applyField(&user, k, v) }
2776
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-189\\b'
2777
+ message: |-
2778
+ RunSec Detection [GOX-189]: CWE-915
2779
+ languages:
2780
+ - go
2781
+ severity: WARNING
2782
+ - id: runsec.go-core.gox-190
2783
+ metadata:
2784
+ runsec_version: v1.0
2785
+ confidence: |-
2786
+ 0.9
2787
+ exploit_scenario: |-
2788
+ Untracked goroutines leak resources and produce non-deterministic behavior.
2789
+ fix_template: |-
2790
+ Autofix: add WaitGroup lifecycle around spawned goroutines.
2791
+ pattern-either:
2792
+ - pattern: |-
2793
+ go worker(task)
2794
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-190\\b'
2795
+ message: |-
2796
+ RunSec Detection [GOX-190]: CWE-667
2797
+ languages:
2798
+ - go
2799
+ severity: WARNING
2800
+ - id: runsec.go-core.gox-191
2801
+ metadata:
2802
+ runsec_version: v1.0
2803
+ confidence: |-
2804
+ 0.9
2805
+ exploit_scenario: |-
2806
+ Concurrent writes produce inconsistent state and race-driven bypasses.
2807
+ fix_template: |-
2808
+ Autofix: wrap shared state writes with mutex lock and unlock.
2809
+ pattern-either:
2810
+ - pattern: |-
2811
+ go func(){ sharedCounter++ }()
2812
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-191\\b'
2813
+ message: |-
2814
+ RunSec Detection [GOX-191]: CWE-662
2815
+ languages:
2816
+ - go
2817
+ severity: WARNING
2818
+ - id: runsec.go-core.gox-192
2819
+ metadata:
2820
+ runsec_version: v1.0
2821
+ confidence: |-
2822
+ 0.9
2823
+ exploit_scenario: |-
2824
+ Nil interface panic causes request crash and availability impact.
2825
+ fix_template: |-
2826
+ Autofix: add nil guard for interface dependencies before method calls.
2827
+ pattern-either:
2828
+ - pattern: |-
2829
+ repo.GetUser(ctx, id)
2830
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-192\\b'
2831
+ message: |-
2832
+ RunSec Detection [GOX-192]: CWE-476
2833
+ languages:
2834
+ - go
2835
+ severity: WARNING
2836
+ - id: runsec.go-core.gox-193
2837
+ metadata:
2838
+ runsec_version: v1.0
2839
+ confidence: |-
2840
+ 0.9
2841
+ exploit_scenario: |-
2842
+ Cross-tenant object read is possible when IDs are not ownership-scoped.
2843
+ fix_template: |-
2844
+ Autofix: enforce tenant-bound ID resolver before object access.
2845
+ pattern-either:
2846
+ - pattern: |-
2847
+ orderID := r.URL.Query().Get("id")
2848
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-193\\b'
2849
+ message: |-
2850
+ RunSec Detection [GOX-193]: CWE-639
2851
+ languages:
2852
+ - go
2853
+ severity: WARNING
2854
+ - id: runsec.go-core.gox-194
2855
+ metadata:
2856
+ runsec_version: v1.0
2857
+ confidence: |-
2858
+ 0.9
2859
+ exploit_scenario: |-
2860
+ Untrusted keys can alter privilege-related fields.
2861
+ fix_template: |-
2862
+ Autofix: map only trusted keys instead of arbitrary payload map iteration.
2863
+ pattern-either:
2864
+ - pattern: |-
2865
+ for k, v := range payload { applyField(&user, k, v) }
2866
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-194\\b'
2867
+ message: |-
2868
+ RunSec Detection [GOX-194]: CWE-915
2869
+ languages:
2870
+ - go
2871
+ severity: WARNING
2872
+ - id: runsec.go-core.gox-195
2873
+ metadata:
2874
+ runsec_version: v1.0
2875
+ confidence: |-
2876
+ 0.9
2877
+ exploit_scenario: |-
2878
+ Untracked goroutines leak resources and produce non-deterministic behavior.
2879
+ fix_template: |-
2880
+ Autofix: add WaitGroup lifecycle around spawned goroutines.
2881
+ pattern-either:
2882
+ - pattern: |-
2883
+ go worker(task)
2884
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-195\\b'
2885
+ message: |-
2886
+ RunSec Detection [GOX-195]: CWE-667
2887
+ languages:
2888
+ - go
2889
+ severity: WARNING
2890
+ - id: runsec.go-core.gox-196
2891
+ metadata:
2892
+ runsec_version: v1.0
2893
+ confidence: |-
2894
+ 0.9
2895
+ exploit_scenario: |-
2896
+ Concurrent writes produce inconsistent state and race-driven bypasses.
2897
+ fix_template: |-
2898
+ Autofix: wrap shared state writes with mutex lock and unlock.
2899
+ pattern-either:
2900
+ - pattern: |-
2901
+ go func(){ sharedCounter++ }()
2902
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-196\\b'
2903
+ message: |-
2904
+ RunSec Detection [GOX-196]: CWE-662
2905
+ languages:
2906
+ - go
2907
+ severity: WARNING
2908
+ - id: runsec.go-core.gox-197
2909
+ metadata:
2910
+ runsec_version: v1.0
2911
+ confidence: |-
2912
+ 0.9
2913
+ exploit_scenario: |-
2914
+ Nil interface panic causes request crash and availability impact.
2915
+ fix_template: |-
2916
+ Autofix: add nil guard for interface dependencies before method calls.
2917
+ pattern-either:
2918
+ - pattern: |-
2919
+ repo.GetUser(ctx, id)
2920
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-197\\b'
2921
+ message: |-
2922
+ RunSec Detection [GOX-197]: CWE-476
2923
+ languages:
2924
+ - go
2925
+ severity: WARNING
2926
+ - id: runsec.go-core.gox-198
2927
+ metadata:
2928
+ runsec_version: v1.0
2929
+ confidence: |-
2930
+ 0.9
2931
+ exploit_scenario: |-
2932
+ Cross-tenant object read is possible when IDs are not ownership-scoped.
2933
+ fix_template: |-
2934
+ Autofix: enforce tenant-bound ID resolver before object access.
2935
+ pattern-either:
2936
+ - pattern: |-
2937
+ orderID := r.URL.Query().Get("id")
2938
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-198\\b'
2939
+ message: |-
2940
+ RunSec Detection [GOX-198]: CWE-639
2941
+ languages:
2942
+ - go
2943
+ severity: WARNING
2944
+ - id: runsec.go-core.gox-199
2945
+ metadata:
2946
+ runsec_version: v1.0
2947
+ confidence: |-
2948
+ 0.9
2949
+ exploit_scenario: |-
2950
+ Untrusted keys can alter privilege-related fields.
2951
+ fix_template: |-
2952
+ Autofix: map only trusted keys instead of arbitrary payload map iteration.
2953
+ pattern-either:
2954
+ - pattern: |-
2955
+ for k, v := range payload { applyField(&user, k, v) }
2956
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-199\\b'
2957
+ message: |-
2958
+ RunSec Detection [GOX-199]: CWE-915
2959
+ languages:
2960
+ - go
2961
+ severity: WARNING
2962
+ - id: runsec.go-core.gox-200
2963
+ metadata:
2964
+ runsec_version: v1.0
2965
+ confidence: |-
2966
+ 0.9
2967
+ exploit_scenario: |-
2968
+ Untracked goroutines leak resources and produce non-deterministic behavior.
2969
+ fix_template: |-
2970
+ Autofix: add WaitGroup lifecycle around spawned goroutines.
2971
+ pattern-either:
2972
+ - pattern: |-
2973
+ go worker(task)
2974
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-200\\b'
2975
+ message: |-
2976
+ RunSec Detection [GOX-200]: CWE-667
2977
+ languages:
2978
+ - go
2979
+ severity: WARNING
2980
+ - id: runsec.go-core.gox-201
2981
+ metadata:
2982
+ runsec_version: v1.0
2983
+ confidence: |-
2984
+ 0.9
2985
+ exploit_scenario: |-
2986
+ Concurrent writes produce inconsistent state and race-driven bypasses.
2987
+ fix_template: |-
2988
+ Autofix: wrap shared state writes with mutex lock and unlock.
2989
+ pattern-either:
2990
+ - pattern: |-
2991
+ go func(){ sharedCounter++ }()
2992
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-201\\b'
2993
+ message: |-
2994
+ RunSec Detection [GOX-201]: CWE-662
2995
+ languages:
2996
+ - go
2997
+ severity: WARNING
2998
+ - id: runsec.go-core.gox-202
2999
+ metadata:
3000
+ runsec_version: v1.0
3001
+ confidence: |-
3002
+ 0.9
3003
+ exploit_scenario: |-
3004
+ Nil interface panic causes request crash and availability impact.
3005
+ fix_template: |-
3006
+ Autofix: add nil guard for interface dependencies before method calls.
3007
+ pattern-either:
3008
+ - pattern: |-
3009
+ repo.GetUser(ctx, id)
3010
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-202\\b'
3011
+ message: |-
3012
+ RunSec Detection [GOX-202]: CWE-476
3013
+ languages:
3014
+ - go
3015
+ severity: WARNING
3016
+ - id: runsec.go-core.gox-203
3017
+ metadata:
3018
+ runsec_version: v1.0
3019
+ confidence: |-
3020
+ 0.9
3021
+ exploit_scenario: |-
3022
+ Cross-tenant object read is possible when IDs are not ownership-scoped.
3023
+ fix_template: |-
3024
+ Autofix: enforce tenant-bound ID resolver before object access.
3025
+ pattern-either:
3026
+ - pattern: |-
3027
+ orderID := r.URL.Query().Get("id")
3028
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-203\\b'
3029
+ message: |-
3030
+ RunSec Detection [GOX-203]: CWE-639
3031
+ languages:
3032
+ - go
3033
+ severity: WARNING
3034
+ - id: runsec.go-core.gox-204
3035
+ metadata:
3036
+ runsec_version: v1.0
3037
+ confidence: |-
3038
+ 0.9
3039
+ exploit_scenario: |-
3040
+ Untrusted keys can alter privilege-related fields.
3041
+ fix_template: |-
3042
+ Autofix: map only trusted keys instead of arbitrary payload map iteration.
3043
+ pattern-either:
3044
+ - pattern: |-
3045
+ for k, v := range payload { applyField(&user, k, v) }
3046
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-204\\b'
3047
+ message: |-
3048
+ RunSec Detection [GOX-204]: CWE-915
3049
+ languages:
3050
+ - go
3051
+ severity: WARNING
3052
+ - id: runsec.go-core.gox-205
3053
+ metadata:
3054
+ runsec_version: v1.0
3055
+ confidence: |-
3056
+ 0.9
3057
+ exploit_scenario: |-
3058
+ Untracked goroutines leak resources and produce non-deterministic behavior.
3059
+ fix_template: |-
3060
+ Autofix: add WaitGroup lifecycle around spawned goroutines.
3061
+ pattern-either:
3062
+ - pattern: |-
3063
+ go worker(task)
3064
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-205\\b'
3065
+ message: |-
3066
+ RunSec Detection [GOX-205]: CWE-667
3067
+ languages:
3068
+ - go
3069
+ severity: WARNING
3070
+ - id: runsec.go-core.gox-206
3071
+ metadata:
3072
+ runsec_version: v1.0
3073
+ confidence: |-
3074
+ 0.9
3075
+ exploit_scenario: |-
3076
+ Concurrent writes produce inconsistent state and race-driven bypasses.
3077
+ fix_template: |-
3078
+ Autofix: wrap shared state writes with mutex lock and unlock.
3079
+ pattern-either:
3080
+ - pattern: |-
3081
+ go func(){ sharedCounter++ }()
3082
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-206\\b'
3083
+ message: |-
3084
+ RunSec Detection [GOX-206]: CWE-662
3085
+ languages:
3086
+ - go
3087
+ severity: WARNING
3088
+ - id: runsec.go-core.gox-207
3089
+ metadata:
3090
+ runsec_version: v1.0
3091
+ confidence: |-
3092
+ 0.9
3093
+ exploit_scenario: |-
3094
+ Nil interface panic causes request crash and availability impact.
3095
+ fix_template: |-
3096
+ Autofix: add nil guard for interface dependencies before method calls.
3097
+ pattern-either:
3098
+ - pattern: |-
3099
+ repo.GetUser(ctx, id)
3100
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-207\\b'
3101
+ message: |-
3102
+ RunSec Detection [GOX-207]: CWE-476
3103
+ languages:
3104
+ - go
3105
+ severity: WARNING
3106
+ - id: runsec.go-core.gox-208
3107
+ metadata:
3108
+ runsec_version: v1.0
3109
+ confidence: |-
3110
+ 0.9
3111
+ exploit_scenario: |-
3112
+ Cross-tenant object read is possible when IDs are not ownership-scoped.
3113
+ fix_template: |-
3114
+ Autofix: enforce tenant-bound ID resolver before object access.
3115
+ pattern-either:
3116
+ - pattern: |-
3117
+ orderID := r.URL.Query().Get("id")
3118
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-208\\b'
3119
+ message: |-
3120
+ RunSec Detection [GOX-208]: CWE-639
3121
+ languages:
3122
+ - go
3123
+ severity: WARNING
3124
+ - id: runsec.go-core.gox-209
3125
+ metadata:
3126
+ runsec_version: v1.0
3127
+ confidence: |-
3128
+ 0.9
3129
+ exploit_scenario: |-
3130
+ Untrusted keys can alter privilege-related fields.
3131
+ fix_template: |-
3132
+ Autofix: map only trusted keys instead of arbitrary payload map iteration.
3133
+ pattern-either:
3134
+ - pattern: |-
3135
+ for k, v := range payload { applyField(&user, k, v) }
3136
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-209\\b'
3137
+ message: |-
3138
+ RunSec Detection [GOX-209]: CWE-915
3139
+ languages:
3140
+ - go
3141
+ severity: WARNING
3142
+ - id: runsec.go-core.gox-210
3143
+ metadata:
3144
+ runsec_version: v1.0
3145
+ confidence: |-
3146
+ 0.9
3147
+ exploit_scenario: |-
3148
+ Untracked goroutines leak resources and produce non-deterministic behavior.
3149
+ fix_template: |-
3150
+ Autofix: add WaitGroup lifecycle around spawned goroutines.
3151
+ pattern-either:
3152
+ - pattern: |-
3153
+ go worker(task)
3154
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-210\\b'
3155
+ message: |-
3156
+ RunSec Detection [GOX-210]: CWE-667
3157
+ languages:
3158
+ - go
3159
+ severity: WARNING
3160
+ - id: runsec.go-core.gox-211
3161
+ metadata:
3162
+ runsec_version: v1.0
3163
+ confidence: |-
3164
+ 0.9
3165
+ exploit_scenario: |-
3166
+ Concurrent writes produce inconsistent state and race-driven bypasses.
3167
+ fix_template: |-
3168
+ Autofix: wrap shared state writes with mutex lock and unlock.
3169
+ pattern-either:
3170
+ - pattern: |-
3171
+ go func(){ sharedCounter++ }()
3172
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-211\\b'
3173
+ message: |-
3174
+ RunSec Detection [GOX-211]: CWE-662
3175
+ languages:
3176
+ - go
3177
+ severity: WARNING
3178
+ - id: runsec.go-core.gox-212
3179
+ metadata:
3180
+ runsec_version: v1.0
3181
+ confidence: |-
3182
+ 0.9
3183
+ exploit_scenario: |-
3184
+ Nil interface panic causes request crash and availability impact.
3185
+ fix_template: |-
3186
+ Autofix: add nil guard for interface dependencies before method calls.
3187
+ pattern-either:
3188
+ - pattern: |-
3189
+ repo.GetUser(ctx, id)
3190
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-212\\b'
3191
+ message: |-
3192
+ RunSec Detection [GOX-212]: CWE-476
3193
+ languages:
3194
+ - go
3195
+ severity: WARNING
3196
+ - id: runsec.go-core.gox-213
3197
+ metadata:
3198
+ runsec_version: v1.0
3199
+ confidence: |-
3200
+ 0.9
3201
+ exploit_scenario: |-
3202
+ Cross-tenant object read is possible when IDs are not ownership-scoped.
3203
+ fix_template: |-
3204
+ Autofix: enforce tenant-bound ID resolver before object access.
3205
+ pattern-either:
3206
+ - pattern: |-
3207
+ orderID := r.URL.Query().Get("id")
3208
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-213\\b'
3209
+ message: |-
3210
+ RunSec Detection [GOX-213]: CWE-639
3211
+ languages:
3212
+ - go
3213
+ severity: WARNING
3214
+ - id: runsec.go-core.gox-214
3215
+ metadata:
3216
+ runsec_version: v1.0
3217
+ confidence: |-
3218
+ 0.9
3219
+ exploit_scenario: |-
3220
+ Untrusted keys can alter privilege-related fields.
3221
+ fix_template: |-
3222
+ Autofix: map only trusted keys instead of arbitrary payload map iteration.
3223
+ pattern-either:
3224
+ - pattern: |-
3225
+ for k, v := range payload { applyField(&user, k, v) }
3226
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-214\\b'
3227
+ message: |-
3228
+ RunSec Detection [GOX-214]: CWE-915
3229
+ languages:
3230
+ - go
3231
+ severity: WARNING
3232
+ - id: runsec.go-core.gox-215
3233
+ metadata:
3234
+ runsec_version: v1.0
3235
+ confidence: |-
3236
+ 0.9
3237
+ exploit_scenario: |-
3238
+ Untracked goroutines leak resources and produce non-deterministic behavior.
3239
+ fix_template: |-
3240
+ Autofix: add WaitGroup lifecycle around spawned goroutines.
3241
+ pattern-either:
3242
+ - pattern: |-
3243
+ go worker(task)
3244
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-215\\b'
3245
+ message: |-
3246
+ RunSec Detection [GOX-215]: CWE-667
3247
+ languages:
3248
+ - go
3249
+ severity: WARNING
3250
+ - id: runsec.go-core.gox-216
3251
+ metadata:
3252
+ runsec_version: v1.0
3253
+ confidence: |-
3254
+ 0.9
3255
+ exploit_scenario: |-
3256
+ Concurrent writes produce inconsistent state and race-driven bypasses.
3257
+ fix_template: |-
3258
+ Autofix: wrap shared state writes with mutex lock and unlock.
3259
+ pattern-either:
3260
+ - pattern: |-
3261
+ go func(){ sharedCounter++ }()
3262
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-216\\b'
3263
+ message: |-
3264
+ RunSec Detection [GOX-216]: CWE-662
3265
+ languages:
3266
+ - go
3267
+ severity: WARNING
3268
+ - id: runsec.go-core.gox-217
3269
+ metadata:
3270
+ runsec_version: v1.0
3271
+ confidence: |-
3272
+ 0.9
3273
+ exploit_scenario: |-
3274
+ Nil interface panic causes request crash and availability impact.
3275
+ fix_template: |-
3276
+ Autofix: add nil guard for interface dependencies before method calls.
3277
+ pattern-either:
3278
+ - pattern: |-
3279
+ repo.GetUser(ctx, id)
3280
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-217\\b'
3281
+ message: |-
3282
+ RunSec Detection [GOX-217]: CWE-476
3283
+ languages:
3284
+ - go
3285
+ severity: WARNING
3286
+ - id: runsec.go-core.gox-218
3287
+ metadata:
3288
+ runsec_version: v1.0
3289
+ confidence: |-
3290
+ 0.9
3291
+ exploit_scenario: |-
3292
+ Cross-tenant object read is possible when IDs are not ownership-scoped.
3293
+ fix_template: |-
3294
+ Autofix: enforce tenant-bound ID resolver before object access.
3295
+ pattern-either:
3296
+ - pattern: |-
3297
+ orderID := r.URL.Query().Get("id")
3298
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-218\\b'
3299
+ message: |-
3300
+ RunSec Detection [GOX-218]: CWE-639
3301
+ languages:
3302
+ - go
3303
+ severity: WARNING
3304
+ - id: runsec.go-core.gox-219
3305
+ metadata:
3306
+ runsec_version: v1.0
3307
+ confidence: |-
3308
+ 0.9
3309
+ exploit_scenario: |-
3310
+ Untrusted keys can alter privilege-related fields.
3311
+ fix_template: |-
3312
+ Autofix: map only trusted keys instead of arbitrary payload map iteration.
3313
+ pattern-either:
3314
+ - pattern: |-
3315
+ for k, v := range payload { applyField(&user, k, v) }
3316
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-219\\b'
3317
+ message: |-
3318
+ RunSec Detection [GOX-219]: CWE-915
3319
+ languages:
3320
+ - go
3321
+ severity: WARNING
3322
+ - id: runsec.go-core.gox-220
3323
+ metadata:
3324
+ runsec_version: v1.0
3325
+ confidence: |-
3326
+ 0.9
3327
+ exploit_scenario: |-
3328
+ Untracked goroutines leak resources and produce non-deterministic behavior.
3329
+ fix_template: |-
3330
+ Autofix: add WaitGroup lifecycle around spawned goroutines.
3331
+ pattern-either:
3332
+ - pattern: |-
3333
+ go worker(task)
3334
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-220\\b'
3335
+ message: |-
3336
+ RunSec Detection [GOX-220]: CWE-667
3337
+ languages:
3338
+ - go
3339
+ severity: WARNING
3340
+ - id: runsec.go-core.gox-221
3341
+ metadata:
3342
+ runsec_version: v1.0
3343
+ confidence: |-
3344
+ 0.9
3345
+ exploit_scenario: |-
3346
+ Concurrent writes produce inconsistent state and race-driven bypasses.
3347
+ fix_template: |-
3348
+ Autofix: wrap shared state writes with mutex lock and unlock.
3349
+ pattern-either:
3350
+ - pattern: |-
3351
+ go func(){ sharedCounter++ }()
3352
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-221\\b'
3353
+ message: |-
3354
+ RunSec Detection [GOX-221]: CWE-662
3355
+ languages:
3356
+ - go
3357
+ severity: WARNING
3358
+ - id: runsec.go-core.gox-222
3359
+ metadata:
3360
+ runsec_version: v1.0
3361
+ confidence: |-
3362
+ 0.9
3363
+ exploit_scenario: |-
3364
+ Nil interface panic causes request crash and availability impact.
3365
+ fix_template: |-
3366
+ Autofix: add nil guard for interface dependencies before method calls.
3367
+ pattern-either:
3368
+ - pattern: |-
3369
+ repo.GetUser(ctx, id)
3370
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-222\\b'
3371
+ message: |-
3372
+ RunSec Detection [GOX-222]: CWE-476
3373
+ languages:
3374
+ - go
3375
+ severity: WARNING
3376
+ - id: runsec.go-core.gox-223
3377
+ metadata:
3378
+ runsec_version: v1.0
3379
+ confidence: |-
3380
+ 0.9
3381
+ exploit_scenario: |-
3382
+ Cross-tenant object read is possible when IDs are not ownership-scoped.
3383
+ fix_template: |-
3384
+ Autofix: enforce tenant-bound ID resolver before object access.
3385
+ pattern-either:
3386
+ - pattern: |-
3387
+ orderID := r.URL.Query().Get("id")
3388
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-223\\b'
3389
+ message: |-
3390
+ RunSec Detection [GOX-223]: CWE-639
3391
+ languages:
3392
+ - go
3393
+ severity: WARNING
3394
+ - id: runsec.go-core.gox-224
3395
+ metadata:
3396
+ runsec_version: v1.0
3397
+ confidence: |-
3398
+ 0.9
3399
+ exploit_scenario: |-
3400
+ Untrusted keys can alter privilege-related fields.
3401
+ fix_template: |-
3402
+ Autofix: map only trusted keys instead of arbitrary payload map iteration.
3403
+ pattern-either:
3404
+ - pattern: |-
3405
+ for k, v := range payload { applyField(&user, k, v) }
3406
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-224\\b'
3407
+ message: |-
3408
+ RunSec Detection [GOX-224]: CWE-915
3409
+ languages:
3410
+ - go
3411
+ severity: WARNING
3412
+ - id: runsec.go-core.gox-225
3413
+ metadata:
3414
+ runsec_version: v1.0
3415
+ confidence: |-
3416
+ 0.9
3417
+ exploit_scenario: |-
3418
+ Untracked goroutines leak resources and produce non-deterministic behavior.
3419
+ fix_template: |-
3420
+ Autofix: add WaitGroup lifecycle around spawned goroutines.
3421
+ pattern-either:
3422
+ - pattern: |-
3423
+ go worker(task)
3424
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-225\\b'
3425
+ message: |-
3426
+ RunSec Detection [GOX-225]: CWE-667
3427
+ languages:
3428
+ - go
3429
+ severity: WARNING
3430
+ - id: runsec.go-core.gox-226
3431
+ metadata:
3432
+ runsec_version: v1.0
3433
+ confidence: |-
3434
+ 0.9
3435
+ exploit_scenario: |-
3436
+ Concurrent writes produce inconsistent state and race-driven bypasses.
3437
+ fix_template: |-
3438
+ Autofix: wrap shared state writes with mutex lock and unlock.
3439
+ pattern-either:
3440
+ - pattern: |-
3441
+ go func(){ sharedCounter++ }()
3442
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-226\\b'
3443
+ message: |-
3444
+ RunSec Detection [GOX-226]: CWE-662
3445
+ languages:
3446
+ - go
3447
+ severity: WARNING
3448
+ - id: runsec.go-core.gox-227
3449
+ metadata:
3450
+ runsec_version: v1.0
3451
+ confidence: |-
3452
+ 0.9
3453
+ exploit_scenario: |-
3454
+ Nil interface panic causes request crash and availability impact.
3455
+ fix_template: |-
3456
+ Autofix: add nil guard for interface dependencies before method calls.
3457
+ pattern-either:
3458
+ - pattern: |-
3459
+ repo.GetUser(ctx, id)
3460
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-227\\b'
3461
+ message: |-
3462
+ RunSec Detection [GOX-227]: CWE-476
3463
+ languages:
3464
+ - go
3465
+ severity: WARNING
3466
+ - id: runsec.go-core.gox-228
3467
+ metadata:
3468
+ runsec_version: v1.0
3469
+ confidence: |-
3470
+ 0.9
3471
+ exploit_scenario: |-
3472
+ Cross-tenant object read is possible when IDs are not ownership-scoped.
3473
+ fix_template: |-
3474
+ Autofix: enforce tenant-bound ID resolver before object access.
3475
+ pattern-either:
3476
+ - pattern: |-
3477
+ orderID := r.URL.Query().Get("id")
3478
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-228\\b'
3479
+ message: |-
3480
+ RunSec Detection [GOX-228]: CWE-639
3481
+ languages:
3482
+ - go
3483
+ severity: WARNING
3484
+ - id: runsec.go-core.gox-229
3485
+ metadata:
3486
+ runsec_version: v1.0
3487
+ confidence: |-
3488
+ 0.9
3489
+ exploit_scenario: |-
3490
+ Untrusted keys can alter privilege-related fields.
3491
+ fix_template: |-
3492
+ Autofix: map only trusted keys instead of arbitrary payload map iteration.
3493
+ pattern-either:
3494
+ - pattern: |-
3495
+ for k, v := range payload { applyField(&user, k, v) }
3496
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-229\\b'
3497
+ message: |-
3498
+ RunSec Detection [GOX-229]: CWE-915
3499
+ languages:
3500
+ - go
3501
+ severity: WARNING
3502
+ - id: runsec.go-core.gox-230
3503
+ metadata:
3504
+ runsec_version: v1.0
3505
+ confidence: |-
3506
+ 0.9
3507
+ exploit_scenario: |-
3508
+ Untracked goroutines leak resources and produce non-deterministic behavior.
3509
+ fix_template: |-
3510
+ Autofix: add WaitGroup lifecycle around spawned goroutines.
3511
+ pattern-either:
3512
+ - pattern: |-
3513
+ go worker(task)
3514
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-230\\b'
3515
+ message: |-
3516
+ RunSec Detection [GOX-230]: CWE-667
3517
+ languages:
3518
+ - go
3519
+ severity: WARNING
3520
+ - id: runsec.go-core.gox-231
3521
+ metadata:
3522
+ runsec_version: v1.0
3523
+ confidence: |-
3524
+ 0.9
3525
+ exploit_scenario: |-
3526
+ Concurrent writes produce inconsistent state and race-driven bypasses.
3527
+ fix_template: |-
3528
+ Autofix: wrap shared state writes with mutex lock and unlock.
3529
+ pattern-either:
3530
+ - pattern: |-
3531
+ go func(){ sharedCounter++ }()
3532
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-231\\b'
3533
+ message: |-
3534
+ RunSec Detection [GOX-231]: CWE-662
3535
+ languages:
3536
+ - go
3537
+ severity: WARNING
3538
+ - id: runsec.go-core.gox-232
3539
+ metadata:
3540
+ runsec_version: v1.0
3541
+ confidence: |-
3542
+ 0.9
3543
+ exploit_scenario: |-
3544
+ Nil interface panic causes request crash and availability impact.
3545
+ fix_template: |-
3546
+ Autofix: add nil guard for interface dependencies before method calls.
3547
+ pattern-either:
3548
+ - pattern: |-
3549
+ repo.GetUser(ctx, id)
3550
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-232\\b'
3551
+ message: |-
3552
+ RunSec Detection [GOX-232]: CWE-476
3553
+ languages:
3554
+ - go
3555
+ severity: WARNING
3556
+ - id: runsec.go-core.gox-233
3557
+ metadata:
3558
+ runsec_version: v1.0
3559
+ confidence: |-
3560
+ 0.9
3561
+ exploit_scenario: |-
3562
+ Cross-tenant object read is possible when IDs are not ownership-scoped.
3563
+ fix_template: |-
3564
+ Autofix: enforce tenant-bound ID resolver before object access.
3565
+ pattern-either:
3566
+ - pattern: |-
3567
+ orderID := r.URL.Query().Get("id")
3568
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-233\\b'
3569
+ message: |-
3570
+ RunSec Detection [GOX-233]: CWE-639
3571
+ languages:
3572
+ - go
3573
+ severity: WARNING
3574
+ - id: runsec.go-core.gox-234
3575
+ metadata:
3576
+ runsec_version: v1.0
3577
+ confidence: |-
3578
+ 0.9
3579
+ exploit_scenario: |-
3580
+ Untrusted keys can alter privilege-related fields.
3581
+ fix_template: |-
3582
+ Autofix: map only trusted keys instead of arbitrary payload map iteration.
3583
+ pattern-either:
3584
+ - pattern: |-
3585
+ for k, v := range payload { applyField(&user, k, v) }
3586
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-234\\b'
3587
+ message: |-
3588
+ RunSec Detection [GOX-234]: CWE-915
3589
+ languages:
3590
+ - go
3591
+ severity: WARNING
3592
+ - id: runsec.go-core.gox-235
3593
+ metadata:
3594
+ runsec_version: v1.0
3595
+ confidence: |-
3596
+ 0.9
3597
+ exploit_scenario: |-
3598
+ Untracked goroutines leak resources and produce non-deterministic behavior.
3599
+ fix_template: |-
3600
+ Autofix: add WaitGroup lifecycle around spawned goroutines.
3601
+ pattern-either:
3602
+ - pattern: |-
3603
+ go worker(task)
3604
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-235\\b'
3605
+ message: |-
3606
+ RunSec Detection [GOX-235]: CWE-667
3607
+ languages:
3608
+ - go
3609
+ severity: WARNING
3610
+ - id: runsec.go-core.gox-236
3611
+ metadata:
3612
+ runsec_version: v1.0
3613
+ confidence: |-
3614
+ 0.9
3615
+ exploit_scenario: |-
3616
+ Concurrent writes produce inconsistent state and race-driven bypasses.
3617
+ fix_template: |-
3618
+ Autofix: wrap shared state writes with mutex lock and unlock.
3619
+ pattern-either:
3620
+ - pattern: |-
3621
+ go func(){ sharedCounter++ }()
3622
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-236\\b'
3623
+ message: |-
3624
+ RunSec Detection [GOX-236]: CWE-662
3625
+ languages:
3626
+ - go
3627
+ severity: WARNING
3628
+ - id: runsec.go-core.gox-237
3629
+ metadata:
3630
+ runsec_version: v1.0
3631
+ confidence: |-
3632
+ 0.9
3633
+ exploit_scenario: |-
3634
+ Nil interface panic causes request crash and availability impact.
3635
+ fix_template: |-
3636
+ Autofix: add nil guard for interface dependencies before method calls.
3637
+ pattern-either:
3638
+ - pattern: |-
3639
+ repo.GetUser(ctx, id)
3640
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-237\\b'
3641
+ message: |-
3642
+ RunSec Detection [GOX-237]: CWE-476
3643
+ languages:
3644
+ - go
3645
+ severity: WARNING
3646
+ - id: runsec.go-core.gox-238
3647
+ metadata:
3648
+ runsec_version: v1.0
3649
+ confidence: |-
3650
+ 0.9
3651
+ exploit_scenario: |-
3652
+ Cross-tenant object read is possible when IDs are not ownership-scoped.
3653
+ fix_template: |-
3654
+ Autofix: enforce tenant-bound ID resolver before object access.
3655
+ pattern-either:
3656
+ - pattern: |-
3657
+ orderID := r.URL.Query().Get("id")
3658
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-238\\b'
3659
+ message: |-
3660
+ RunSec Detection [GOX-238]: CWE-639
3661
+ languages:
3662
+ - go
3663
+ severity: WARNING
3664
+ - id: runsec.go-core.gox-239
3665
+ metadata:
3666
+ runsec_version: v1.0
3667
+ confidence: |-
3668
+ 0.9
3669
+ exploit_scenario: |-
3670
+ Untrusted keys can alter privilege-related fields.
3671
+ fix_template: |-
3672
+ Autofix: map only trusted keys instead of arbitrary payload map iteration.
3673
+ pattern-either:
3674
+ - pattern: |-
3675
+ for k, v := range payload { applyField(&user, k, v) }
3676
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-239\\b'
3677
+ message: |-
3678
+ RunSec Detection [GOX-239]: CWE-915
3679
+ languages:
3680
+ - go
3681
+ severity: WARNING
3682
+ - id: runsec.go-core.gox-240
3683
+ metadata:
3684
+ runsec_version: v1.0
3685
+ confidence: |-
3686
+ 0.9
3687
+ exploit_scenario: |-
3688
+ Untracked goroutines leak resources and produce non-deterministic behavior.
3689
+ fix_template: |-
3690
+ Autofix: add WaitGroup lifecycle around spawned goroutines.
3691
+ pattern-either:
3692
+ - pattern: |-
3693
+ go worker(task)
3694
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-240\\b'
3695
+ message: |-
3696
+ RunSec Detection [GOX-240]: CWE-667
3697
+ languages:
3698
+ - go
3699
+ severity: WARNING
3700
+ - id: runsec.go-core.gox-241
3701
+ metadata:
3702
+ runsec_version: v1.0
3703
+ confidence: |-
3704
+ 0.9
3705
+ exploit_scenario: |-
3706
+ Concurrent writes produce inconsistent state and race-driven bypasses.
3707
+ fix_template: |-
3708
+ Autofix: wrap shared state writes with mutex lock and unlock.
3709
+ pattern-either:
3710
+ - pattern: |-
3711
+ go func(){ sharedCounter++ }()
3712
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-241\\b'
3713
+ message: |-
3714
+ RunSec Detection [GOX-241]: CWE-662
3715
+ languages:
3716
+ - go
3717
+ severity: WARNING
3718
+ - id: runsec.go-core.gox-242
3719
+ metadata:
3720
+ runsec_version: v1.0
3721
+ confidence: |-
3722
+ 0.9
3723
+ exploit_scenario: |-
3724
+ Nil interface panic causes request crash and availability impact.
3725
+ fix_template: |-
3726
+ Autofix: add nil guard for interface dependencies before method calls.
3727
+ pattern-either:
3728
+ - pattern: |-
3729
+ repo.GetUser(ctx, id)
3730
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-242\\b'
3731
+ message: |-
3732
+ RunSec Detection [GOX-242]: CWE-476
3733
+ languages:
3734
+ - go
3735
+ severity: WARNING
3736
+ - id: runsec.go-core.gox-243
3737
+ metadata:
3738
+ runsec_version: v1.0
3739
+ confidence: |-
3740
+ 0.9
3741
+ exploit_scenario: |-
3742
+ Cross-tenant object read is possible when IDs are not ownership-scoped.
3743
+ fix_template: |-
3744
+ Autofix: enforce tenant-bound ID resolver before object access.
3745
+ pattern-either:
3746
+ - pattern: |-
3747
+ orderID := r.URL.Query().Get("id")
3748
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-243\\b'
3749
+ message: |-
3750
+ RunSec Detection [GOX-243]: CWE-639
3751
+ languages:
3752
+ - go
3753
+ severity: WARNING
3754
+ - id: runsec.go-core.gox-244
3755
+ metadata:
3756
+ runsec_version: v1.0
3757
+ confidence: |-
3758
+ 0.9
3759
+ exploit_scenario: |-
3760
+ Untrusted keys can alter privilege-related fields.
3761
+ fix_template: |-
3762
+ Autofix: map only trusted keys instead of arbitrary payload map iteration.
3763
+ pattern-either:
3764
+ - pattern: |-
3765
+ for k, v := range payload { applyField(&user, k, v) }
3766
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-244\\b'
3767
+ message: |-
3768
+ RunSec Detection [GOX-244]: CWE-915
3769
+ languages:
3770
+ - go
3771
+ severity: WARNING
3772
+ - id: runsec.go-core.gox-245
3773
+ metadata:
3774
+ runsec_version: v1.0
3775
+ confidence: |-
3776
+ 0.9
3777
+ exploit_scenario: |-
3778
+ Untracked goroutines leak resources and produce non-deterministic behavior.
3779
+ fix_template: |-
3780
+ Autofix: add WaitGroup lifecycle around spawned goroutines.
3781
+ pattern-either:
3782
+ - pattern: |-
3783
+ go worker(task)
3784
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-245\\b'
3785
+ message: |-
3786
+ RunSec Detection [GOX-245]: CWE-667
3787
+ languages:
3788
+ - go
3789
+ severity: WARNING
3790
+ - id: runsec.go-core.gox-246
3791
+ metadata:
3792
+ runsec_version: v1.0
3793
+ confidence: |-
3794
+ 0.9
3795
+ exploit_scenario: |-
3796
+ Concurrent writes produce inconsistent state and race-driven bypasses.
3797
+ fix_template: |-
3798
+ Autofix: wrap shared state writes with mutex lock and unlock.
3799
+ pattern-either:
3800
+ - pattern: |-
3801
+ go func(){ sharedCounter++ }()
3802
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-246\\b'
3803
+ message: |-
3804
+ RunSec Detection [GOX-246]: CWE-662
3805
+ languages:
3806
+ - go
3807
+ severity: WARNING
3808
+ - id: runsec.go-core.gox-247
3809
+ metadata:
3810
+ runsec_version: v1.0
3811
+ confidence: |-
3812
+ 0.9
3813
+ exploit_scenario: |-
3814
+ Nil interface panic causes request crash and availability impact.
3815
+ fix_template: |-
3816
+ Autofix: add nil guard for interface dependencies before method calls.
3817
+ pattern-either:
3818
+ - pattern: |-
3819
+ repo.GetUser(ctx, id)
3820
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-247\\b'
3821
+ message: |-
3822
+ RunSec Detection [GOX-247]: CWE-476
3823
+ languages:
3824
+ - go
3825
+ severity: WARNING
3826
+ - id: runsec.go-core.gox-248
3827
+ metadata:
3828
+ runsec_version: v1.0
3829
+ confidence: |-
3830
+ 0.9
3831
+ exploit_scenario: |-
3832
+ Cross-tenant object read is possible when IDs are not ownership-scoped.
3833
+ fix_template: |-
3834
+ Autofix: enforce tenant-bound ID resolver before object access.
3835
+ pattern-either:
3836
+ - pattern: |-
3837
+ orderID := r.URL.Query().Get("id")
3838
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-248\\b'
3839
+ message: |-
3840
+ RunSec Detection [GOX-248]: CWE-639
3841
+ languages:
3842
+ - go
3843
+ severity: WARNING
3844
+ - id: runsec.go-core.gox-249
3845
+ metadata:
3846
+ runsec_version: v1.0
3847
+ confidence: |-
3848
+ 0.9
3849
+ exploit_scenario: |-
3850
+ Untrusted keys can alter privilege-related fields.
3851
+ fix_template: |-
3852
+ Autofix: map only trusted keys instead of arbitrary payload map iteration.
3853
+ pattern-either:
3854
+ - pattern: |-
3855
+ for k, v := range payload { applyField(&user, k, v) }
3856
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-249\\b'
3857
+ message: |-
3858
+ RunSec Detection [GOX-249]: CWE-915
3859
+ languages:
3860
+ - go
3861
+ severity: WARNING
3862
+ - id: runsec.go-core.gox-250
3863
+ metadata:
3864
+ runsec_version: v1.0
3865
+ confidence: |-
3866
+ 0.9
3867
+ exploit_scenario: |-
3868
+ Untracked goroutines leak resources and produce non-deterministic behavior.
3869
+ fix_template: |-
3870
+ Autofix: add WaitGroup lifecycle around spawned goroutines.
3871
+ pattern-either:
3872
+ - pattern: |-
3873
+ go worker(task)
3874
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-250\\b'
3875
+ message: |-
3876
+ RunSec Detection [GOX-250]: CWE-667
3877
+ languages:
3878
+ - go
3879
+ severity: WARNING
3880
+ - id: runsec.go-core.gox-251
3881
+ metadata:
3882
+ runsec_version: v1.0
3883
+ confidence: |-
3884
+ 0.9
3885
+ exploit_scenario: |-
3886
+ Concurrent writes produce inconsistent state and race-driven bypasses.
3887
+ fix_template: |-
3888
+ Autofix: wrap shared state writes with mutex lock and unlock.
3889
+ pattern-either:
3890
+ - pattern: |-
3891
+ go func(){ sharedCounter++ }()
3892
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-251\\b'
3893
+ message: |-
3894
+ RunSec Detection [GOX-251]: CWE-662
3895
+ languages:
3896
+ - go
3897
+ severity: WARNING
3898
+ - id: runsec.go-core.gox-252
3899
+ metadata:
3900
+ runsec_version: v1.0
3901
+ confidence: |-
3902
+ 0.9
3903
+ exploit_scenario: |-
3904
+ Nil interface panic causes request crash and availability impact.
3905
+ fix_template: |-
3906
+ Autofix: add nil guard for interface dependencies before method calls.
3907
+ pattern-either:
3908
+ - pattern: |-
3909
+ repo.GetUser(ctx, id)
3910
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-252\\b'
3911
+ message: |-
3912
+ RunSec Detection [GOX-252]: CWE-476
3913
+ languages:
3914
+ - go
3915
+ severity: WARNING
3916
+ - id: runsec.go-core.gox-253
3917
+ metadata:
3918
+ runsec_version: v1.0
3919
+ confidence: |-
3920
+ 0.9
3921
+ exploit_scenario: |-
3922
+ Cross-tenant object read is possible when IDs are not ownership-scoped.
3923
+ fix_template: |-
3924
+ Autofix: enforce tenant-bound ID resolver before object access.
3925
+ pattern-either:
3926
+ - pattern: |-
3927
+ orderID := r.URL.Query().Get("id")
3928
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-253\\b'
3929
+ message: |-
3930
+ RunSec Detection [GOX-253]: CWE-639
3931
+ languages:
3932
+ - go
3933
+ severity: WARNING
3934
+ - id: runsec.go-core.gox-254
3935
+ metadata:
3936
+ runsec_version: v1.0
3937
+ confidence: |-
3938
+ 0.9
3939
+ exploit_scenario: |-
3940
+ Untrusted keys can alter privilege-related fields.
3941
+ fix_template: |-
3942
+ Autofix: map only trusted keys instead of arbitrary payload map iteration.
3943
+ pattern-either:
3944
+ - pattern: |-
3945
+ for k, v := range payload { applyField(&user, k, v) }
3946
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-254\\b'
3947
+ message: |-
3948
+ RunSec Detection [GOX-254]: CWE-915
3949
+ languages:
3950
+ - go
3951
+ severity: WARNING
3952
+ - id: runsec.go-core.gox-255
3953
+ metadata:
3954
+ runsec_version: v1.0
3955
+ confidence: |-
3956
+ 0.9
3957
+ exploit_scenario: |-
3958
+ Untracked goroutines leak resources and produce non-deterministic behavior.
3959
+ fix_template: |-
3960
+ Autofix: add WaitGroup lifecycle around spawned goroutines.
3961
+ pattern-either:
3962
+ - pattern: |-
3963
+ go worker(task)
3964
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-255\\b'
3965
+ message: |-
3966
+ RunSec Detection [GOX-255]: CWE-667
3967
+ languages:
3968
+ - go
3969
+ severity: WARNING
3970
+ - id: runsec.go-core.gox-256
3971
+ metadata:
3972
+ runsec_version: v1.0
3973
+ confidence: |-
3974
+ 0.9
3975
+ exploit_scenario: |-
3976
+ Concurrent writes produce inconsistent state and race-driven bypasses.
3977
+ fix_template: |-
3978
+ Autofix: wrap shared state writes with mutex lock and unlock.
3979
+ pattern-either:
3980
+ - pattern: |-
3981
+ go func(){ sharedCounter++ }()
3982
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-256\\b'
3983
+ message: |-
3984
+ RunSec Detection [GOX-256]: CWE-662
3985
+ languages:
3986
+ - go
3987
+ severity: WARNING
3988
+ - id: runsec.go-core.gox-257
3989
+ metadata:
3990
+ runsec_version: v1.0
3991
+ confidence: |-
3992
+ 0.9
3993
+ exploit_scenario: |-
3994
+ Nil interface panic causes request crash and availability impact.
3995
+ fix_template: |-
3996
+ Autofix: add nil guard for interface dependencies before method calls.
3997
+ pattern-either:
3998
+ - pattern: |-
3999
+ repo.GetUser(ctx, id)
4000
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-257\\b'
4001
+ message: |-
4002
+ RunSec Detection [GOX-257]: CWE-476
4003
+ languages:
4004
+ - go
4005
+ severity: WARNING
4006
+ - id: runsec.go-core.gox-258
4007
+ metadata:
4008
+ runsec_version: v1.0
4009
+ confidence: |-
4010
+ 0.9
4011
+ exploit_scenario: |-
4012
+ Cross-tenant object read is possible when IDs are not ownership-scoped.
4013
+ fix_template: |-
4014
+ Autofix: enforce tenant-bound ID resolver before object access.
4015
+ pattern-either:
4016
+ - pattern: |-
4017
+ orderID := r.URL.Query().Get("id")
4018
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-258\\b'
4019
+ message: |-
4020
+ RunSec Detection [GOX-258]: CWE-639
4021
+ languages:
4022
+ - go
4023
+ severity: WARNING
4024
+ - id: runsec.go-core.gox-259
4025
+ metadata:
4026
+ runsec_version: v1.0
4027
+ confidence: |-
4028
+ 0.9
4029
+ exploit_scenario: |-
4030
+ Untrusted keys can alter privilege-related fields.
4031
+ fix_template: |-
4032
+ Autofix: map only trusted keys instead of arbitrary payload map iteration.
4033
+ pattern-either:
4034
+ - pattern: |-
4035
+ for k, v := range payload { applyField(&user, k, v) }
4036
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-259\\b'
4037
+ message: |-
4038
+ RunSec Detection [GOX-259]: CWE-915
4039
+ languages:
4040
+ - go
4041
+ severity: WARNING
4042
+ - id: runsec.go-core.gox-260
4043
+ metadata:
4044
+ runsec_version: v1.0
4045
+ confidence: |-
4046
+ 0.9
4047
+ exploit_scenario: |-
4048
+ Untracked goroutines leak resources and produce non-deterministic behavior.
4049
+ fix_template: |-
4050
+ Autofix: add WaitGroup lifecycle around spawned goroutines.
4051
+ pattern-either:
4052
+ - pattern: |-
4053
+ go worker(task)
4054
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-260\\b'
4055
+ message: |-
4056
+ RunSec Detection [GOX-260]: CWE-667
4057
+ languages:
4058
+ - go
4059
+ severity: WARNING
4060
+ - id: runsec.go-core.gox-261
4061
+ metadata:
4062
+ runsec_version: v1.0
4063
+ confidence: |-
4064
+ 0.9
4065
+ exploit_scenario: |-
4066
+ Concurrent writes produce inconsistent state and race-driven bypasses.
4067
+ fix_template: |-
4068
+ Autofix: wrap shared state writes with mutex lock and unlock.
4069
+ pattern-either:
4070
+ - pattern: |-
4071
+ go func(){ sharedCounter++ }()
4072
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-261\\b'
4073
+ message: |-
4074
+ RunSec Detection [GOX-261]: CWE-662
4075
+ languages:
4076
+ - go
4077
+ severity: WARNING
4078
+ - id: runsec.go-core.gox-262
4079
+ metadata:
4080
+ runsec_version: v1.0
4081
+ confidence: |-
4082
+ 0.9
4083
+ exploit_scenario: |-
4084
+ Nil interface panic causes request crash and availability impact.
4085
+ fix_template: |-
4086
+ Autofix: add nil guard for interface dependencies before method calls.
4087
+ pattern-either:
4088
+ - pattern: |-
4089
+ repo.GetUser(ctx, id)
4090
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-262\\b'
4091
+ message: |-
4092
+ RunSec Detection [GOX-262]: CWE-476
4093
+ languages:
4094
+ - go
4095
+ severity: WARNING
4096
+ - id: runsec.go-core.gox-263
4097
+ metadata:
4098
+ runsec_version: v1.0
4099
+ confidence: |-
4100
+ 0.9
4101
+ exploit_scenario: |-
4102
+ Cross-tenant object read is possible when IDs are not ownership-scoped.
4103
+ fix_template: |-
4104
+ Autofix: enforce tenant-bound ID resolver before object access.
4105
+ pattern-either:
4106
+ - pattern: |-
4107
+ orderID := r.URL.Query().Get("id")
4108
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-263\\b'
4109
+ message: |-
4110
+ RunSec Detection [GOX-263]: CWE-639
4111
+ languages:
4112
+ - go
4113
+ severity: WARNING
4114
+ - id: runsec.go-core.gox-264
4115
+ metadata:
4116
+ runsec_version: v1.0
4117
+ confidence: |-
4118
+ 0.9
4119
+ exploit_scenario: |-
4120
+ Untrusted keys can alter privilege-related fields.
4121
+ fix_template: |-
4122
+ Autofix: map only trusted keys instead of arbitrary payload map iteration.
4123
+ pattern-either:
4124
+ - pattern: |-
4125
+ for k, v := range payload { applyField(&user, k, v) }
4126
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-264\\b'
4127
+ message: |-
4128
+ RunSec Detection [GOX-264]: CWE-915
4129
+ languages:
4130
+ - go
4131
+ severity: WARNING
4132
+ - id: runsec.go-core.gox-265
4133
+ metadata:
4134
+ runsec_version: v1.0
4135
+ confidence: |-
4136
+ 0.9
4137
+ exploit_scenario: |-
4138
+ Untracked goroutines leak resources and produce non-deterministic behavior.
4139
+ fix_template: |-
4140
+ Autofix: add WaitGroup lifecycle around spawned goroutines.
4141
+ pattern-either:
4142
+ - pattern: |-
4143
+ go worker(task)
4144
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-265\\b'
4145
+ message: |-
4146
+ RunSec Detection [GOX-265]: CWE-667
4147
+ languages:
4148
+ - go
4149
+ severity: WARNING
4150
+ - id: runsec.go-core.gox-266
4151
+ metadata:
4152
+ runsec_version: v1.0
4153
+ confidence: |-
4154
+ 0.9
4155
+ exploit_scenario: |-
4156
+ Concurrent writes produce inconsistent state and race-driven bypasses.
4157
+ fix_template: |-
4158
+ Autofix: wrap shared state writes with mutex lock and unlock.
4159
+ pattern-either:
4160
+ - pattern: |-
4161
+ go func(){ sharedCounter++ }()
4162
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-266\\b'
4163
+ message: |-
4164
+ RunSec Detection [GOX-266]: CWE-662
4165
+ languages:
4166
+ - go
4167
+ severity: WARNING
4168
+ - id: runsec.go-core.gox-267
4169
+ metadata:
4170
+ runsec_version: v1.0
4171
+ confidence: |-
4172
+ 0.9
4173
+ exploit_scenario: |-
4174
+ Nil interface panic causes request crash and availability impact.
4175
+ fix_template: |-
4176
+ Autofix: add nil guard for interface dependencies before method calls.
4177
+ pattern-either:
4178
+ - pattern: |-
4179
+ repo.GetUser(ctx, id)
4180
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-267\\b'
4181
+ message: |-
4182
+ RunSec Detection [GOX-267]: CWE-476
4183
+ languages:
4184
+ - go
4185
+ severity: WARNING
4186
+ - id: runsec.go-core.gox-268
4187
+ metadata:
4188
+ runsec_version: v1.0
4189
+ confidence: |-
4190
+ 0.9
4191
+ exploit_scenario: |-
4192
+ Cross-tenant object read is possible when IDs are not ownership-scoped.
4193
+ fix_template: |-
4194
+ Autofix: enforce tenant-bound ID resolver before object access.
4195
+ pattern-either:
4196
+ - pattern: |-
4197
+ orderID := r.URL.Query().Get("id")
4198
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-268\\b'
4199
+ message: |-
4200
+ RunSec Detection [GOX-268]: CWE-639
4201
+ languages:
4202
+ - go
4203
+ severity: WARNING
4204
+ - id: runsec.go-core.gox-269
4205
+ metadata:
4206
+ runsec_version: v1.0
4207
+ confidence: |-
4208
+ 0.9
4209
+ exploit_scenario: |-
4210
+ Untrusted keys can alter privilege-related fields.
4211
+ fix_template: |-
4212
+ Autofix: map only trusted keys instead of arbitrary payload map iteration.
4213
+ pattern-either:
4214
+ - pattern: |-
4215
+ for k, v := range payload { applyField(&user, k, v) }
4216
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-269\\b'
4217
+ message: |-
4218
+ RunSec Detection [GOX-269]: CWE-915
4219
+ languages:
4220
+ - go
4221
+ severity: WARNING
4222
+ - id: runsec.go-core.gox-270
4223
+ metadata:
4224
+ runsec_version: v1.0
4225
+ confidence: |-
4226
+ 0.9
4227
+ exploit_scenario: |-
4228
+ Untracked goroutines leak resources and produce non-deterministic behavior.
4229
+ fix_template: |-
4230
+ Autofix: add WaitGroup lifecycle around spawned goroutines.
4231
+ pattern-either:
4232
+ - pattern: |-
4233
+ go worker(task)
4234
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-270\\b'
4235
+ message: |-
4236
+ RunSec Detection [GOX-270]: CWE-667
4237
+ languages:
4238
+ - go
4239
+ severity: WARNING
4240
+ - id: runsec.go-core.gox-271
4241
+ metadata:
4242
+ runsec_version: v1.0
4243
+ confidence: |-
4244
+ 0.9
4245
+ exploit_scenario: |-
4246
+ Concurrent writes produce inconsistent state and race-driven bypasses.
4247
+ fix_template: |-
4248
+ Autofix: wrap shared state writes with mutex lock and unlock.
4249
+ pattern-either:
4250
+ - pattern: |-
4251
+ go func(){ sharedCounter++ }()
4252
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-271\\b'
4253
+ message: |-
4254
+ RunSec Detection [GOX-271]: CWE-662
4255
+ languages:
4256
+ - go
4257
+ severity: WARNING
4258
+ - id: runsec.go-core.gox-272
4259
+ metadata:
4260
+ runsec_version: v1.0
4261
+ confidence: |-
4262
+ 0.9
4263
+ exploit_scenario: |-
4264
+ Nil interface panic causes request crash and availability impact.
4265
+ fix_template: |-
4266
+ Autofix: add nil guard for interface dependencies before method calls.
4267
+ pattern-either:
4268
+ - pattern: |-
4269
+ repo.GetUser(ctx, id)
4270
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-272\\b'
4271
+ message: |-
4272
+ RunSec Detection [GOX-272]: CWE-476
4273
+ languages:
4274
+ - go
4275
+ severity: WARNING
4276
+ - id: runsec.go-core.gox-273
4277
+ metadata:
4278
+ runsec_version: v1.0
4279
+ confidence: |-
4280
+ 0.9
4281
+ exploit_scenario: |-
4282
+ Cross-tenant object read is possible when IDs are not ownership-scoped.
4283
+ fix_template: |-
4284
+ Autofix: enforce tenant-bound ID resolver before object access.
4285
+ pattern-either:
4286
+ - pattern: |-
4287
+ orderID := r.URL.Query().Get("id")
4288
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-273\\b'
4289
+ message: |-
4290
+ RunSec Detection [GOX-273]: CWE-639
4291
+ languages:
4292
+ - go
4293
+ severity: WARNING
4294
+ - id: runsec.go-core.gox-274
4295
+ metadata:
4296
+ runsec_version: v1.0
4297
+ confidence: |-
4298
+ 0.9
4299
+ exploit_scenario: |-
4300
+ Untrusted keys can alter privilege-related fields.
4301
+ fix_template: |-
4302
+ Autofix: map only trusted keys instead of arbitrary payload map iteration.
4303
+ pattern-either:
4304
+ - pattern: |-
4305
+ for k, v := range payload { applyField(&user, k, v) }
4306
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-274\\b'
4307
+ message: |-
4308
+ RunSec Detection [GOX-274]: CWE-915
4309
+ languages:
4310
+ - go
4311
+ severity: WARNING
4312
+ - id: runsec.go-core.gox-275
4313
+ metadata:
4314
+ runsec_version: v1.0
4315
+ confidence: |-
4316
+ 0.9
4317
+ exploit_scenario: |-
4318
+ Untracked goroutines leak resources and produce non-deterministic behavior.
4319
+ fix_template: |-
4320
+ Autofix: add WaitGroup lifecycle around spawned goroutines.
4321
+ pattern-either:
4322
+ - pattern: |-
4323
+ go worker(task)
4324
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-275\\b'
4325
+ message: |-
4326
+ RunSec Detection [GOX-275]: CWE-667
4327
+ languages:
4328
+ - go
4329
+ severity: WARNING
4330
+ - id: runsec.go-core.gox-276
4331
+ metadata:
4332
+ runsec_version: v1.0
4333
+ confidence: |-
4334
+ 0.9
4335
+ exploit_scenario: |-
4336
+ Concurrent writes produce inconsistent state and race-driven bypasses.
4337
+ fix_template: |-
4338
+ Autofix: wrap shared state writes with mutex lock and unlock.
4339
+ pattern-either:
4340
+ - pattern: |-
4341
+ go func(){ sharedCounter++ }()
4342
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-276\\b'
4343
+ message: |-
4344
+ RunSec Detection [GOX-276]: CWE-662
4345
+ languages:
4346
+ - go
4347
+ severity: WARNING
4348
+ - id: runsec.go-core.gox-277
4349
+ metadata:
4350
+ runsec_version: v1.0
4351
+ confidence: |-
4352
+ 0.9
4353
+ exploit_scenario: |-
4354
+ Nil interface panic causes request crash and availability impact.
4355
+ fix_template: |-
4356
+ Autofix: add nil guard for interface dependencies before method calls.
4357
+ pattern-either:
4358
+ - pattern: |-
4359
+ repo.GetUser(ctx, id)
4360
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-277\\b'
4361
+ message: |-
4362
+ RunSec Detection [GOX-277]: CWE-476
4363
+ languages:
4364
+ - go
4365
+ severity: WARNING
4366
+ - id: runsec.go-core.gox-278
4367
+ metadata:
4368
+ runsec_version: v1.0
4369
+ confidence: |-
4370
+ 0.9
4371
+ exploit_scenario: |-
4372
+ Cross-tenant object read is possible when IDs are not ownership-scoped.
4373
+ fix_template: |-
4374
+ Autofix: enforce tenant-bound ID resolver before object access.
4375
+ pattern-either:
4376
+ - pattern: |-
4377
+ orderID := r.URL.Query().Get("id")
4378
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-278\\b'
4379
+ message: |-
4380
+ RunSec Detection [GOX-278]: CWE-639
4381
+ languages:
4382
+ - go
4383
+ severity: WARNING
4384
+ - id: runsec.go-core.gox-279
4385
+ metadata:
4386
+ runsec_version: v1.0
4387
+ confidence: |-
4388
+ 0.9
4389
+ exploit_scenario: |-
4390
+ Untrusted keys can alter privilege-related fields.
4391
+ fix_template: |-
4392
+ Autofix: map only trusted keys instead of arbitrary payload map iteration.
4393
+ pattern-either:
4394
+ - pattern: |-
4395
+ for k, v := range payload { applyField(&user, k, v) }
4396
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-279\\b'
4397
+ message: |-
4398
+ RunSec Detection [GOX-279]: CWE-915
4399
+ languages:
4400
+ - go
4401
+ severity: WARNING
4402
+ - id: runsec.go-core.gox-280
4403
+ metadata:
4404
+ runsec_version: v1.0
4405
+ confidence: |-
4406
+ 0.9
4407
+ exploit_scenario: |-
4408
+ Untracked goroutines leak resources and produce non-deterministic behavior.
4409
+ fix_template: |-
4410
+ Autofix: add WaitGroup lifecycle around spawned goroutines.
4411
+ pattern-either:
4412
+ - pattern: |-
4413
+ go worker(task)
4414
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-280\\b'
4415
+ message: |-
4416
+ RunSec Detection [GOX-280]: CWE-667
4417
+ languages:
4418
+ - go
4419
+ severity: WARNING
4420
+ - id: runsec.go-core.gox-281
4421
+ metadata:
4422
+ runsec_version: v1.0
4423
+ confidence: |-
4424
+ 0.9
4425
+ exploit_scenario: |-
4426
+ Concurrent writes produce inconsistent state and race-driven bypasses.
4427
+ fix_template: |-
4428
+ Autofix: wrap shared state writes with mutex lock and unlock.
4429
+ pattern-either:
4430
+ - pattern: |-
4431
+ go func(){ sharedCounter++ }()
4432
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-281\\b'
4433
+ message: |-
4434
+ RunSec Detection [GOX-281]: CWE-662
4435
+ languages:
4436
+ - go
4437
+ severity: WARNING
4438
+ - id: runsec.go-core.gox-282
4439
+ metadata:
4440
+ runsec_version: v1.0
4441
+ confidence: |-
4442
+ 0.9
4443
+ exploit_scenario: |-
4444
+ Nil interface panic causes request crash and availability impact.
4445
+ fix_template: |-
4446
+ Autofix: add nil guard for interface dependencies before method calls.
4447
+ pattern-either:
4448
+ - pattern: |-
4449
+ repo.GetUser(ctx, id)
4450
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-282\\b'
4451
+ message: |-
4452
+ RunSec Detection [GOX-282]: CWE-476
4453
+ languages:
4454
+ - go
4455
+ severity: WARNING
4456
+ - id: runsec.go-core.gox-283
4457
+ metadata:
4458
+ runsec_version: v1.0
4459
+ confidence: |-
4460
+ 0.9
4461
+ exploit_scenario: |-
4462
+ Cross-tenant object read is possible when IDs are not ownership-scoped.
4463
+ fix_template: |-
4464
+ Autofix: enforce tenant-bound ID resolver before object access.
4465
+ pattern-either:
4466
+ - pattern: |-
4467
+ orderID := r.URL.Query().Get("id")
4468
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-283\\b'
4469
+ message: |-
4470
+ RunSec Detection [GOX-283]: CWE-639
4471
+ languages:
4472
+ - go
4473
+ severity: WARNING
4474
+ - id: runsec.go-core.gox-284
4475
+ metadata:
4476
+ runsec_version: v1.0
4477
+ confidence: |-
4478
+ 0.9
4479
+ exploit_scenario: |-
4480
+ Untrusted keys can alter privilege-related fields.
4481
+ fix_template: |-
4482
+ Autofix: map only trusted keys instead of arbitrary payload map iteration.
4483
+ pattern-either:
4484
+ - pattern: |-
4485
+ for k, v := range payload { applyField(&user, k, v) }
4486
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-284\\b'
4487
+ message: |-
4488
+ RunSec Detection [GOX-284]: CWE-915
4489
+ languages:
4490
+ - go
4491
+ severity: WARNING
4492
+ - id: runsec.go-core.gox-285
4493
+ metadata:
4494
+ runsec_version: v1.0
4495
+ confidence: |-
4496
+ 0.9
4497
+ exploit_scenario: |-
4498
+ Untracked goroutines leak resources and produce non-deterministic behavior.
4499
+ fix_template: |-
4500
+ Autofix: add WaitGroup lifecycle around spawned goroutines.
4501
+ pattern-either:
4502
+ - pattern: |-
4503
+ go worker(task)
4504
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-285\\b'
4505
+ message: |-
4506
+ RunSec Detection [GOX-285]: CWE-667
4507
+ languages:
4508
+ - go
4509
+ severity: WARNING
4510
+ - id: runsec.go-core.gox-286
4511
+ metadata:
4512
+ runsec_version: v1.0
4513
+ confidence: |-
4514
+ 0.9
4515
+ exploit_scenario: |-
4516
+ Concurrent writes produce inconsistent state and race-driven bypasses.
4517
+ fix_template: |-
4518
+ Autofix: wrap shared state writes with mutex lock and unlock.
4519
+ pattern-either:
4520
+ - pattern: |-
4521
+ go func(){ sharedCounter++ }()
4522
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-286\\b'
4523
+ message: |-
4524
+ RunSec Detection [GOX-286]: CWE-662
4525
+ languages:
4526
+ - go
4527
+ severity: WARNING
4528
+ - id: runsec.go-core.gox-287
4529
+ metadata:
4530
+ runsec_version: v1.0
4531
+ confidence: |-
4532
+ 0.9
4533
+ exploit_scenario: |-
4534
+ Nil interface panic causes request crash and availability impact.
4535
+ fix_template: |-
4536
+ Autofix: add nil guard for interface dependencies before method calls.
4537
+ pattern-either:
4538
+ - pattern: |-
4539
+ repo.GetUser(ctx, id)
4540
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-287\\b'
4541
+ message: |-
4542
+ RunSec Detection [GOX-287]: CWE-476
4543
+ languages:
4544
+ - go
4545
+ severity: WARNING
4546
+ - id: runsec.go-core.gox-288
4547
+ metadata:
4548
+ runsec_version: v1.0
4549
+ confidence: |-
4550
+ 0.9
4551
+ exploit_scenario: |-
4552
+ Cross-tenant object read is possible when IDs are not ownership-scoped.
4553
+ fix_template: |-
4554
+ Autofix: enforce tenant-bound ID resolver before object access.
4555
+ pattern-either:
4556
+ - pattern: |-
4557
+ orderID := r.URL.Query().Get("id")
4558
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-288\\b'
4559
+ message: |-
4560
+ RunSec Detection [GOX-288]: CWE-639
4561
+ languages:
4562
+ - go
4563
+ severity: WARNING
4564
+ - id: runsec.go-core.gox-289
4565
+ metadata:
4566
+ runsec_version: v1.0
4567
+ confidence: |-
4568
+ 0.9
4569
+ exploit_scenario: |-
4570
+ Untrusted keys can alter privilege-related fields.
4571
+ fix_template: |-
4572
+ Autofix: map only trusted keys instead of arbitrary payload map iteration.
4573
+ pattern-either:
4574
+ - pattern: |-
4575
+ for k, v := range payload { applyField(&user, k, v) }
4576
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-289\\b'
4577
+ message: |-
4578
+ RunSec Detection [GOX-289]: CWE-915
4579
+ languages:
4580
+ - go
4581
+ severity: WARNING
4582
+ - id: runsec.go-core.gox-290
4583
+ metadata:
4584
+ runsec_version: v1.0
4585
+ confidence: |-
4586
+ 0.9
4587
+ exploit_scenario: |-
4588
+ Untracked goroutines leak resources and produce non-deterministic behavior.
4589
+ fix_template: |-
4590
+ Autofix: add WaitGroup lifecycle around spawned goroutines.
4591
+ pattern-either:
4592
+ - pattern: |-
4593
+ go worker(task)
4594
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-290\\b'
4595
+ message: |-
4596
+ RunSec Detection [GOX-290]: CWE-667
4597
+ languages:
4598
+ - go
4599
+ severity: WARNING
4600
+ - id: runsec.go-core.gox-291
4601
+ metadata:
4602
+ runsec_version: v1.0
4603
+ confidence: |-
4604
+ 0.9
4605
+ exploit_scenario: |-
4606
+ Concurrent writes produce inconsistent state and race-driven bypasses.
4607
+ fix_template: |-
4608
+ Autofix: wrap shared state writes with mutex lock and unlock.
4609
+ pattern-either:
4610
+ - pattern: |-
4611
+ go func(){ sharedCounter++ }()
4612
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-291\\b'
4613
+ message: |-
4614
+ RunSec Detection [GOX-291]: CWE-662
4615
+ languages:
4616
+ - go
4617
+ severity: WARNING
4618
+ - id: runsec.go-core.gox-292
4619
+ metadata:
4620
+ runsec_version: v1.0
4621
+ confidence: |-
4622
+ 0.9
4623
+ exploit_scenario: |-
4624
+ Nil interface panic causes request crash and availability impact.
4625
+ fix_template: |-
4626
+ Autofix: add nil guard for interface dependencies before method calls.
4627
+ pattern-either:
4628
+ - pattern: |-
4629
+ repo.GetUser(ctx, id)
4630
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-292\\b'
4631
+ message: |-
4632
+ RunSec Detection [GOX-292]: CWE-476
4633
+ languages:
4634
+ - go
4635
+ severity: WARNING
4636
+ - id: runsec.go-core.gox-293
4637
+ metadata:
4638
+ runsec_version: v1.0
4639
+ confidence: |-
4640
+ 0.9
4641
+ exploit_scenario: |-
4642
+ Cross-tenant object read is possible when IDs are not ownership-scoped.
4643
+ fix_template: |-
4644
+ Autofix: enforce tenant-bound ID resolver before object access.
4645
+ pattern-either:
4646
+ - pattern: |-
4647
+ orderID := r.URL.Query().Get("id")
4648
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-293\\b'
4649
+ message: |-
4650
+ RunSec Detection [GOX-293]: CWE-639
4651
+ languages:
4652
+ - go
4653
+ severity: WARNING
4654
+ - id: runsec.go-core.gox-294
4655
+ metadata:
4656
+ runsec_version: v1.0
4657
+ confidence: |-
4658
+ 0.9
4659
+ exploit_scenario: |-
4660
+ Untrusted keys can alter privilege-related fields.
4661
+ fix_template: |-
4662
+ Autofix: map only trusted keys instead of arbitrary payload map iteration.
4663
+ pattern-either:
4664
+ - pattern: |-
4665
+ for k, v := range payload { applyField(&user, k, v) }
4666
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-294\\b'
4667
+ message: |-
4668
+ RunSec Detection [GOX-294]: CWE-915
4669
+ languages:
4670
+ - go
4671
+ severity: WARNING
4672
+ - id: runsec.go-core.gox-295
4673
+ metadata:
4674
+ runsec_version: v1.0
4675
+ confidence: |-
4676
+ 0.9
4677
+ exploit_scenario: |-
4678
+ Untracked goroutines leak resources and produce non-deterministic behavior.
4679
+ fix_template: |-
4680
+ Autofix: add WaitGroup lifecycle around spawned goroutines.
4681
+ pattern-either:
4682
+ - pattern: |-
4683
+ go worker(task)
4684
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-295\\b'
4685
+ message: |-
4686
+ RunSec Detection [GOX-295]: CWE-667
4687
+ languages:
4688
+ - go
4689
+ severity: WARNING
4690
+ - id: runsec.go-core.gox-296
4691
+ metadata:
4692
+ runsec_version: v1.0
4693
+ confidence: |-
4694
+ 0.9
4695
+ exploit_scenario: |-
4696
+ Concurrent writes produce inconsistent state and race-driven bypasses.
4697
+ fix_template: |-
4698
+ Autofix: wrap shared state writes with mutex lock and unlock.
4699
+ pattern-either:
4700
+ - pattern: |-
4701
+ go func(){ sharedCounter++ }()
4702
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-296\\b'
4703
+ message: |-
4704
+ RunSec Detection [GOX-296]: CWE-662
4705
+ languages:
4706
+ - go
4707
+ severity: WARNING
4708
+ - id: runsec.go-core.gox-297
4709
+ metadata:
4710
+ runsec_version: v1.0
4711
+ confidence: |-
4712
+ 0.9
4713
+ exploit_scenario: |-
4714
+ Nil interface panic causes request crash and availability impact.
4715
+ fix_template: |-
4716
+ Autofix: add nil guard for interface dependencies before method calls.
4717
+ pattern-either:
4718
+ - pattern: |-
4719
+ repo.GetUser(ctx, id)
4720
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-297\\b'
4721
+ message: |-
4722
+ RunSec Detection [GOX-297]: CWE-476
4723
+ languages:
4724
+ - go
4725
+ severity: WARNING
4726
+ - id: runsec.go-core.gox-298
4727
+ metadata:
4728
+ runsec_version: v1.0
4729
+ confidence: |-
4730
+ 0.9
4731
+ exploit_scenario: |-
4732
+ Cross-tenant object read is possible when IDs are not ownership-scoped.
4733
+ fix_template: |-
4734
+ Autofix: enforce tenant-bound ID resolver before object access.
4735
+ pattern-either:
4736
+ - pattern: |-
4737
+ orderID := r.URL.Query().Get("id")
4738
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-298\\b'
4739
+ message: |-
4740
+ RunSec Detection [GOX-298]: CWE-639
4741
+ languages:
4742
+ - go
4743
+ severity: WARNING
4744
+ - id: runsec.go-core.gox-299
4745
+ metadata:
4746
+ runsec_version: v1.0
4747
+ confidence: |-
4748
+ 0.9
4749
+ exploit_scenario: |-
4750
+ Untrusted keys can alter privilege-related fields.
4751
+ fix_template: |-
4752
+ Autofix: map only trusted keys instead of arbitrary payload map iteration.
4753
+ pattern-either:
4754
+ - pattern: |-
4755
+ for k, v := range payload { applyField(&user, k, v) }
4756
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-299\\b'
4757
+ message: |-
4758
+ RunSec Detection [GOX-299]: CWE-915
4759
+ languages:
4760
+ - go
4761
+ severity: WARNING
4762
+ - id: runsec.go-core.gox-300
4763
+ metadata:
4764
+ runsec_version: v1.0
4765
+ confidence: |-
4766
+ 0.9
4767
+ exploit_scenario: |-
4768
+ Untracked goroutines leak resources and produce non-deterministic behavior.
4769
+ fix_template: |-
4770
+ Autofix: add WaitGroup lifecycle around spawned goroutines.
4771
+ pattern-either:
4772
+ - pattern: |-
4773
+ go worker(task)
4774
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-300\\b'
4775
+ message: |-
4776
+ RunSec Detection [GOX-300]: CWE-667
4777
+ languages:
4778
+ - go
4779
+ severity: WARNING
4780
+ - id: runsec.go-core.gox-301
4781
+ metadata:
4782
+ runsec_version: v1.0
4783
+ confidence: |-
4784
+ 0.9
4785
+ exploit_scenario: |-
4786
+ Concurrent writes produce inconsistent state and race-driven bypasses.
4787
+ fix_template: |-
4788
+ Autofix: wrap shared state writes with mutex lock and unlock.
4789
+ pattern-either:
4790
+ - pattern: |-
4791
+ go func(){ sharedCounter++ }()
4792
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-301\\b'
4793
+ message: |-
4794
+ RunSec Detection [GOX-301]: CWE-662
4795
+ languages:
4796
+ - go
4797
+ severity: WARNING
4798
+ - id: runsec.go-core.gox-302
4799
+ metadata:
4800
+ runsec_version: v1.0
4801
+ confidence: |-
4802
+ 0.9
4803
+ exploit_scenario: |-
4804
+ Nil interface panic causes request crash and availability impact.
4805
+ fix_template: |-
4806
+ Autofix: add nil guard for interface dependencies before method calls.
4807
+ pattern-either:
4808
+ - pattern: |-
4809
+ repo.GetUser(ctx, id)
4810
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-302\\b'
4811
+ message: |-
4812
+ RunSec Detection [GOX-302]: CWE-476
4813
+ languages:
4814
+ - go
4815
+ severity: WARNING
4816
+ - id: runsec.go-core.gox-303
4817
+ metadata:
4818
+ runsec_version: v1.0
4819
+ confidence: |-
4820
+ 0.9
4821
+ exploit_scenario: |-
4822
+ Cross-tenant object read is possible when IDs are not ownership-scoped.
4823
+ fix_template: |-
4824
+ Autofix: enforce tenant-bound ID resolver before object access.
4825
+ pattern-either:
4826
+ - pattern: |-
4827
+ orderID := r.URL.Query().Get("id")
4828
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-303\\b'
4829
+ message: |-
4830
+ RunSec Detection [GOX-303]: CWE-639
4831
+ languages:
4832
+ - go
4833
+ severity: WARNING
4834
+ - id: runsec.go-core.gox-304
4835
+ metadata:
4836
+ runsec_version: v1.0
4837
+ confidence: |-
4838
+ 0.9
4839
+ exploit_scenario: |-
4840
+ Untrusted keys can alter privilege-related fields.
4841
+ fix_template: |-
4842
+ Autofix: map only trusted keys instead of arbitrary payload map iteration.
4843
+ pattern-either:
4844
+ - pattern: |-
4845
+ for k, v := range payload { applyField(&user, k, v) }
4846
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-304\\b'
4847
+ message: |-
4848
+ RunSec Detection [GOX-304]: CWE-915
4849
+ languages:
4850
+ - go
4851
+ severity: WARNING
4852
+ - id: runsec.go-core.gox-305
4853
+ metadata:
4854
+ runsec_version: v1.0
4855
+ confidence: |-
4856
+ 0.9
4857
+ exploit_scenario: |-
4858
+ Untracked goroutines leak resources and produce non-deterministic behavior.
4859
+ fix_template: |-
4860
+ Autofix: add WaitGroup lifecycle around spawned goroutines.
4861
+ pattern-either:
4862
+ - pattern: |-
4863
+ go worker(task)
4864
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-305\\b'
4865
+ message: |-
4866
+ RunSec Detection [GOX-305]: CWE-667
4867
+ languages:
4868
+ - go
4869
+ severity: WARNING
4870
+ - id: runsec.go-core.gox-306
4871
+ metadata:
4872
+ runsec_version: v1.0
4873
+ confidence: |-
4874
+ 0.9
4875
+ exploit_scenario: |-
4876
+ Concurrent writes produce inconsistent state and race-driven bypasses.
4877
+ fix_template: |-
4878
+ Autofix: wrap shared state writes with mutex lock and unlock.
4879
+ pattern-either:
4880
+ - pattern: |-
4881
+ go func(){ sharedCounter++ }()
4882
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-306\\b'
4883
+ message: |-
4884
+ RunSec Detection [GOX-306]: CWE-662
4885
+ languages:
4886
+ - go
4887
+ severity: WARNING
4888
+ - id: runsec.go-core.gox-307
4889
+ metadata:
4890
+ runsec_version: v1.0
4891
+ confidence: |-
4892
+ 0.9
4893
+ exploit_scenario: |-
4894
+ Nil interface panic causes request crash and availability impact.
4895
+ fix_template: |-
4896
+ Autofix: add nil guard for interface dependencies before method calls.
4897
+ pattern-either:
4898
+ - pattern: |-
4899
+ repo.GetUser(ctx, id)
4900
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-307\\b'
4901
+ message: |-
4902
+ RunSec Detection [GOX-307]: CWE-476
4903
+ languages:
4904
+ - go
4905
+ severity: WARNING
4906
+ - id: runsec.go-core.gox-308
4907
+ metadata:
4908
+ runsec_version: v1.0
4909
+ confidence: |-
4910
+ 0.9
4911
+ exploit_scenario: |-
4912
+ Cross-tenant object read is possible when IDs are not ownership-scoped.
4913
+ fix_template: |-
4914
+ Autofix: enforce tenant-bound ID resolver before object access.
4915
+ pattern-either:
4916
+ - pattern: |-
4917
+ orderID := r.URL.Query().Get("id")
4918
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-308\\b'
4919
+ message: |-
4920
+ RunSec Detection [GOX-308]: CWE-639
4921
+ languages:
4922
+ - go
4923
+ severity: WARNING
4924
+ - id: runsec.go-core.gox-309
4925
+ metadata:
4926
+ runsec_version: v1.0
4927
+ confidence: |-
4928
+ 0.9
4929
+ exploit_scenario: |-
4930
+ Untrusted keys can alter privilege-related fields.
4931
+ fix_template: |-
4932
+ Autofix: map only trusted keys instead of arbitrary payload map iteration.
4933
+ pattern-either:
4934
+ - pattern: |-
4935
+ for k, v := range payload { applyField(&user, k, v) }
4936
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-309\\b'
4937
+ message: |-
4938
+ RunSec Detection [GOX-309]: CWE-915
4939
+ languages:
4940
+ - go
4941
+ severity: WARNING
4942
+ - id: runsec.go-core.gox-310
4943
+ metadata:
4944
+ runsec_version: v1.0
4945
+ confidence: |-
4946
+ 0.9
4947
+ exploit_scenario: |-
4948
+ Untracked goroutines leak resources and produce non-deterministic behavior.
4949
+ fix_template: |-
4950
+ Autofix: add WaitGroup lifecycle around spawned goroutines.
4951
+ pattern-either:
4952
+ - pattern: |-
4953
+ go worker(task)
4954
+ - pattern-regex: 'Vulnerable:\\s*GOX\\-310\\b'
4955
+ message: |-
4956
+ RunSec Detection [GOX-310]: CWE-667
4957
+ languages:
4958
+ - go
4959
+ severity: WARNING