| ##### |
| # Testing that govulncheck doesn't mention calls when it doesn't |
| # have callstack information |
| $ govulncheck -scan module -C ${moddir}/multientry --> FAIL 3 |
| === Module Results === |
| |
| Vulnerability #1: GO-2021-0113 |
| Due to improper index calculation, an incorrectly formatted language tag can |
| cause Parse to panic via an out of bounds read. If Parse is used to process |
| untrusted user inputs, this may be used as a vector for a denial of service |
| attack. |
| More info: https://pkg.go.dev/vuln/GO-2021-0113 |
| Module: golang.org/x/text |
| Found in: golang.org/x/text@v0.3.5 |
| Fixed in: golang.org/x/text@v0.3.7 |
| |
| Your code may be affected by 1 vulnerability. |
| Use '-scan symbol' for more fine grained vulnerability detection. |
| |
| ##### |
| # -show verbose flag should only show module results with scan level module |
| $ govulncheck -scan module -show verbose -C ${moddir}/multientry --> FAIL 3 |
| Scanning your code across 2 dependent modules for known vulnerabilities... |
| |
| === Module Results === |
| |
| Vulnerability #1: GO-2021-0113 |
| Due to improper index calculation, an incorrectly formatted language tag can |
| cause Parse to panic via an out of bounds read. If Parse is used to process |
| untrusted user inputs, this may be used as a vector for a denial of service |
| attack. |
| More info: https://pkg.go.dev/vuln/GO-2021-0113 |
| Module: golang.org/x/text |
| Found in: golang.org/x/text@v0.3.5 |
| Fixed in: golang.org/x/text@v0.3.7 |
| |
| Your code may be affected by 1 vulnerability. |
| Use '-scan symbol' for more fine grained vulnerability detection. |