cmd/govulncheck/testdata/default-binary.ct - vuln - Git at Google

 # Test of default mode with a binary.

 # No vulnerabilities, no output.
 $ govulncheck ${novuln_binary}
 govulncheck is an experimental tool. Share feedback at https://go.dev/s/govulncheck-feedback.

 Scanning for dependencies with known vulnerabilities...
 No vulnerabilities found.

 $ govulncheck ${vuln_binary} --> FAIL 3
 govulncheck is an experimental tool. Share feedback at https://go.dev/s/govulncheck-feedback.

 Scanning for dependencies with known vulnerabilities...
 Found 1 known vulnerability.

 Vulnerability #1: GO-2021-0113
   Due to improper index calculation, an incorrectly formatted
   language tag can cause Parse to panic via an out of bounds read.
   If Parse is used to process untrusted user inputs, this may be
   used as a vector for a denial of service attack.
   Found in: golang.org/x/text/language@v0.3.0
   Fixed in: golang.org/x/text/language@v0.3.7
   More info: https://pkg.go.dev/vuln/GO-2021-0113
	# Test of default mode with a binary.

	# No vulnerabilities, no output.
	$ govulncheck ${novuln_binary}
	govulncheck is an experimental tool. Share feedback at https://go.dev/s/govulncheck-feedback.

	Scanning for dependencies with known vulnerabilities...
	No vulnerabilities found.

	$ govulncheck ${vuln_binary} --> FAIL 3
	govulncheck is an experimental tool. Share feedback at https://go.dev/s/govulncheck-feedback.

	Scanning for dependencies with known vulnerabilities...
	Found 1 known vulnerability.

	Vulnerability #1: GO-2021-0113
	Due to improper index calculation, an incorrectly formatted
	language tag can cause Parse to panic via an out of bounds read.
	If Parse is used to process untrusted user inputs, this may be
	used as a vector for a denial of service attack.
	Found in: golang.org/x/text/language@v0.3.0
	Fixed in: golang.org/x/text/language@v0.3.7
	More info: https://pkg.go.dev/vuln/GO-2021-0113