IndexedVerified
Go Web Security
Gin and net/http SAST rules aggregated across verified providers.
Fetch pack
greprules pack fetch go-web-security --engine opengrepcurl https://api.greprules.io/api/packs/go-web-security.tar.gz -o go-web-security.tar.gzIncluded rules
CVE-2026-28789: Unprotected Receiver Map Write Http Handler
cve-2026-28789-unprotected-receiver-map-write-http-handlerCVE-2024-41110: Go Http Content Length Gate Without Chunked Checkcve-2024-41110-go-http-content-length-gate-without-chunked-checkCVE-2025-30206: Go Request Slice Field To Os Opencve-2025-30206-go-request-slice-field-to-os-openCVE-2026-32767: Siyuan Fulltextsearchblock Missing Admin Checkcve-2026-32767-siyuan-fulltextsearchblock-missing-admin-checkCVE-2026-33669: Siyuan Asset Handler Missing Publish Access Checkcve-2026-33669-siyuan-asset-handler-missing-publish-access-checkCVE-2026-34581: Goshs Unvalidated Path Traversalcve-2026-34581-goshs-unvalidated-path-traversalCVE-2026-35392: Go Http Request Path To File Write Without Containment Checkcve-2026-35392-go-http-request-path-to-file-write-without-containment-checkCVE-2026-35393: Go Net Http Url Path To Filesystem Traversalcve-2026-35393-go-net-http-url-path-to-filesystem-traversalCVE-2026-39858: Traefik Http Chain Missing Deny Encoded Characterscve-2026-39858-traefik-http-chain-missing-deny-encoded-charactersCVE-2026-41492: Go Incomplete Debug Cmdline Filter Leaks Expvar Varscve-2026-41492-go-incomplete-debug-cmdline-filter-leaks-expvar-varsCVE-2026-42083: Gin Route Group Missing Auth Middlewarecve-2026-42083-gin-route-group-missing-auth-middlewareCVE-2026-44329: Gin Router Group Missing Auth Middlewarecve-2026-44329-gin-router-group-missing-auth-middleware