SYM_GO_0011 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
Use of Inherently Dangerous Function
| Property | Value |
|---|---|
| Language |  |
| Severity |  |
| CWE | CWE-242: Use of Inherently Dangerous Function |
| Confidence Level | Low |
| Impact Level | Low |
| Likelihood Level | Low |
Description
Using Go's 'unsafe' package bypasses the language's type safety and memory protections, making it easy to introduce bugs like buffer overflows or memory corruption. This can lead to unstable or insecure code if not handled with extreme care.
Impact
If exploited, vulnerabilities from improper use of the 'unsafe' package can allow attackers to execute arbitrary code, crash the application, or read and write sensitive memory. This can compromise data integrity, expose confidential information, and potentially enable full system compromise.