Property
Language: go
Severity: low
CWE: CWE-242: Use of Inherently Dangerous Function
Confidence Level: Low
Impact Level: Low
Likelihood Level: Low

Description

Using Go’s ‘unsafe’ package bypasses the language’s type safety and memory protections, making it easy to introduce bugs like buffer overflows or memory corruption. This can lead to unstable or insecure code if not handled with extreme care.

Impact

If exploited, vulnerabilities from improper use of the ‘unsafe’ package can allow attackers to execute arbitrary code, crash the application, or read and write sensitive memory. This can compromise data integrity, expose confidential information, and potentially enable full system compromise.
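The bounds-check bypass described above, as an added example that is not part of the original rule page: `unsafe.Slice` with a trusted length over-reads a buffer, while ordinary slicing with an explicit check rejects the same input. The function names and the constructed 16-byte memory layout are assumptions made for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"unsafe"
)

var errShort = errors.New("declared length exceeds buffer")

// payloadUnsafe returns n bytes starting at buf[0] and trusts n.
// unsafe.Slice performs no check against len(buf) or cap(buf), so an n
// larger than the buffer yields a slice over whatever memory follows it.
func payloadUnsafe(buf []byte, n int) []byte {
	return unsafe.Slice(&buf[0], n)
}

// payloadSafe is the hardened form: validate the declared length, then use
// ordinary slicing and cap the result so later appends cannot spill over.
func payloadSafe(buf []byte, n int) ([]byte, error) {
	if n < 0 || n > len(buf) {
		return nil, errShort
	}
	return buf[:n:n], nil
}

// demo places a constructed 4-byte message next to an unrelated value in
// one array, so the over-read is deterministic and stays in one allocation.
func demo() (leaked string, err error) {
	var mem [16]byte
	copy(mem[:4], "ping")
	copy(mem[4:], "SECRET-VALUE") // constructed neighbouring data
	msg := mem[:4:4]              // the only bytes the parser was handed

	leaked = string(payloadUnsafe(msg, 16)) // declared length 16, real length 4
	_, err = payloadSafe(msg, 16)
	return leaked, err
}

func main() {
	leaked, err := demo()
	fmt.Printf("unsafe: %q\nsafe:   %v\n", leaked, err)
}
```

In real programs the bytes after the buffer are whatever the allocator placed there, which is why this pattern is flagged even when it appears to work in testing.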