AWS logo
Amazon QDetector LibrarySign in to Amazon Q
AWSbreadcrumb dividerDocumentationbreadcrumb dividerAmazon Qbreadcrumb dividerDetector Librarybreadcrumb dividerGobreadcrumb dividerTagsbreadcrumb dividerTag: security-contextFeedbackFeedback icon

Q

Detector Library

Go detectors (45/45)

Useless if BodyChannel Guarded With MutexImproper Certificate ValidationUnvalidated S3 Bucket OwnershipResource LeakInsecure CookieWeak Random Number GenerationRedundant Equality CheckInsecure Ignore Host KeyUnsafe ReflectionUnchecked Batch Operation FailuresLambda Client ReuseOs Command InjectionUseless if ConditionalLog InjectionHttptrace FileServer As HandlerPprof EndpointCross Site Scripting (XSS)Not Recommended API UsageHidden GoroutineChannel Accessible By Non EndpointDecompression BombCross-Site Request Forgery (CSRF)Thread Safety ViolationInsecure ConnectionSQL InjectionDeprecated Key GeneratorExported Loop PointerServer Side Request Forgery (SSRF)Sensitive Information LeakInteger OverflowMissing PaginationInsecure CryptographyProtection Mechanism FailureNil Pointer DereferenceTemporary FilesXML External EntityInsecure File PermissionsAuthentication Bypass By Alternate NameCode InjectionImproper authenticationUse Filepath JoinPath TraversalWrite Pprof Profile OutputHardcoded true or false

Tag: security-context

Unvalidated S3 Bucket Ownership

S3 bucket operations without owner validation

Lambda Client Reuse

AWS client re-creation in Lambda handlers

Not Recommended API Usage

Security risks and quality issues from deprecated AWS APIs and clients

Missing Pagination

Missing pagination in paginated API calls