gitlab.gosec.G108-1

unknown

Download Count*

MIT

License

Profiling endpoint automatically exposed on /debug/pprof

Run Locally

Run in CI

Semgrep CI docs

Defintion

Edit Rule View Source

Open in Playground

rules:
  - id: gosec.G108-1
    patterns:
      - pattern: |
          import _ "net/http/pprof"
    message: |
      Profiling endpoint automatically exposed on /debug/pprof
    metadata:
      cwe: "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"
      primary_identifier: gosec.G108-1
      secondary_identifiers:
        - name: Gosec Rule ID G108
          type: gosec_rule_id
          value: G108
      license: MIT
    severity: ERROR
    languages:
      - go

Short Link: https://sg.run/oYxX