| ##### |
| # Test govulncheck runs on the subdirectory of a module |
| $ govulncheck -C ${moddir}/vuln/subdir . --> FAIL 3 |
| Scanning your code and P packages across M dependent module for known vulnerabilities... |
| |
| Vulnerability #1: GO-2021-0113 |
| Due to improper index calculation, an incorrectly formatted language tag can |
| cause Parse to panic via an out of bounds read. If Parse is used to process |
| untrusted user inputs, this may be used as a vector for a denial of service |
| attack. |
| More info: https://pkg.go.dev/vuln/GO-2021-0113 |
| Module: golang.org/x/text |
| Found in: golang.org/x/text@v0.3.0 |
| Fixed in: golang.org/x/text@v0.3.7 |
| Example traces found: |
| #1: .../subdir.go:8:16: subdir.Foo calls language.Parse |
| |
| Your code is affected by 1 vulnerability from 1 module. |
| |
| Share feedback at https://go.dev/s/govulncheck-feedback. |
| |
| ##### |
| # Test govulncheck runs on the subdirectory of a module |
| $ govulncheck -C ${moddir}/vuln/subdir -show=traces . --> FAIL 3 |
| Scanning your code and P packages across M dependent module for known vulnerabilities... |
| |
| Vulnerability #1: GO-2021-0113 |
| Due to improper index calculation, an incorrectly formatted language tag can |
| cause Parse to panic via an out of bounds read. If Parse is used to process |
| untrusted user inputs, this may be used as a vector for a denial of service |
| attack. |
| More info: https://pkg.go.dev/vuln/GO-2021-0113 |
| Module: golang.org/x/text |
| Found in: golang.org/x/text@v0.3.0 |
| Fixed in: golang.org/x/text@v0.3.7 |
| Example traces found: |
| #1: for function golang.org/x/text/language.Parse |
| .../subdir.go:8:16: golang.org/vuln/subdir.Foo |
| golang.org/x/text/language.Parse |
| |
| Your code is affected by 1 vulnerability from 1 module. |
| |
| Share feedback at https://go.dev/s/govulncheck-feedback. |
