H3-2022-0039
Golang pprof Debugging Endpoint Enabled
Category | SECURITY_MISCONFIGURATION |
Base Score | 4.5 |
Description
Golang’s net/http/pprof package can expose sensitive debugging information if enabled in a production environment.
Impact
Sensitive environment information may be leaked to attackers allowing for further exploitation.