x/vulndb: check product data for module paths - Githubissues

golang / go

The Go programming language

https://go.dev

BSD 3-Clause "New" or "Revised" License

121.42k stars 17.4k forks source link

x/vulndb: check product data for module paths #49461

Open julieqiu opened 2 years ago

julieqiu commented 2 years ago

For example, https://github.com/CVEProject/cvelist/blob/master/2020/7xxx/CVE-2020-7668.json lists the module path in its product data. It is not listed in the references section.

Also if there is a synk URL, we should check for the term GOLANG.

gopherbot commented 2 years ago

Change https://golang.org/cl/369745 mentions this issue: internal/worker: check product data for module paths

gopherbot commented 2 years ago

Change https://golang.org/cl/369746 mentions this issue: internal/worker: check synk.io URLs for GOLANG