blob: 5861e67d507b5d0c24520b50a3e2a34750ffaa1e [file] [log] [blame]
#####
# Test of source mode on a module with a replace directive.
$ govulncheck -C ${moddir}/replace ./... --> FAIL 3
Using go1.18 and govulncheck@v0.0.0-00000000000-20000101010101 with vulnerability data from testdata/vulndb-v1 (last modified 01 Jan 21 00:00 UTC).
Scanning your code and P packages across M dependent module for known vulnerabilities...
Vulnerability #1: GO-2021-0113
Due to improper index calculation, an incorrectly formatted language tag can
cause Parse to panic via an out of bounds read. If Parse is used to process
untrusted user inputs, this may be used as a vector for a denial of service
attack.
More info: https://pkg.go.dev/vuln/GO-2021-0113
Module: golang.org/x/text
Found in: golang.org/x/text@v0.3.0
Fixed in: golang.org/x/text@v0.3.7
Example traces found:
#1: .../main.go:11:16: replace.main calls language.Parse
Your code is affected by 1 vulnerability from 1 module.
Share feedback at https://go.dev/s/govulncheck-feedback.