From https://go.dev/security/vuln/ :
Integrations with pkg.go.dev and govulncheck to enable developers to find vulnerabilities in their projects. The govulncheck command analyzes your codebase and only surfaces vulnerabilities that actually affect you, based on which functions in your code are transitively calling vulnerable functions. Govulncheck provides a low-noise, reliable way to find known vulnerabilities in your projects.
From https://go.dev/security/vuln/ : Integrations with pkg.go.dev and govulncheck to enable developers to find vulnerabilities in their projects. The govulncheck command analyzes your codebase and only surfaces vulnerabilities that actually affect you, based on which functions in your code are transitively calling vulnerable functions. Govulncheck provides a low-noise, reliable way to find known vulnerabilities in your projects.