| # Test of verbose mode. |
| |
| # No vulnerabilities, no output. |
| $ cdmodule novuln |
| $ govulncheck -v . |
| |
| $ cdmodule vuln |
| $ govulncheck -v . --> FAIL 3 |
| package: golang.org/x/text/language |
| your version: v0.3.0 |
| fixed version: v0.3.7 |
| call stacks: |
| #1: for function Parse |
| vuln.main |
| .../vuln.go:11:16 |
| golang.org/x/text/language.Parse |
| |
| reference: https://pkg.go.dev/vuln/GO-2021-0113 |
| description: Due to improper index calculation, an incorrectly formatted |
| language tag can cause Parse to panic via an out of bounds read. |
| If Parse is used to process untrusted user inputs, this may be |
| used as a vector for a denial of service attack. |