Commit graph

13 commits

Author SHA1 Message Date
Cosmin Cojocar
de2c6a36fa Extract the issue in its own package 2023-02-16 09:45:28 +01:00
Cosmin Cojocar
a522ae6f5f
Fix build after updating the dependencies (#910) 2023-01-09 09:42:20 +01:00
Vladimir Severov
9c19cb6501
Add check for usage of Rat.SetString in math/big with an overflow error (#819)
* Add check for usage of Rat.SetString in math/big with an overflow error

Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7
has an overflow that can lead to Uncontrolled Memory Consumption.

It is the CVE-2022-23772.

* Use ContainsPkgCallExpr instead of manual parsing
2022-06-03 00:19:51 +02:00
云微
34d144b3fa
Add new rule for Slowloris Attack 2022-04-30 12:38:50 +02:00
Calin Capitanu
48bbf96b56
Adds directory traversal for Http.Dir("/") 2022-03-06 10:58:47 +01:00
Cosmin Cojocar
ad5d74d5a1
Update to ginkgo v2 (#753) 2022-01-03 18:11:35 +01:00
Yiwei Ding
b45f95f6ad
Add support for suppressing the findings 2021-12-09 11:53:36 +01:00
Matthieu MOREL
1256f16f33
Fix lint and fail on error in the ci build 2021-05-31 10:44:12 +02:00
Matthieu MOREL
e72f54ed40
Fix HTML template and display the gosec version 2021-05-21 11:14:43 +02:00
Matthieu MOREL
d040f0725f
Handle gosec version in SARIF report 2021-05-20 10:16:42 +02:00
Matthieu MOREL
103c429df5
Enable golangcli and improve testing for formatters 2021-05-10 10:08:04 +02:00
Matthieu MOREL
c4f5932ab7
Refactor : Replace Cwe with cwe.Weakness 2021-05-07 16:54:34 +02:00
Matthieu MOREL
ddfa25381f
Define a report package with core and per format sub-packages 2021-05-06 09:31:51 +02:00
Renamed from output/formatter_test.go (Browse further)