dareste
commented
4 months ago lgtm:
govulncheck -show verbose ./...
Scanning your code and 950 packages across 138 dependent modules for known vulnerabilities...
Fetching vulnerabilities from the database...
Checking the code against the vulnerabilities...
No vulnerabilities found.
The
govulnchecktool identified:golang.org/x/net@v0.19.0 Vulnerability #1: GO-2024-2687 HTTP/2 CONTINUATION flood in net/http More info: https://pkg.go.dev/vuln/GO-2024-2687 Module: golang.org/x/net Found in: golang.org/x/net@v0.19.0 Fixed in: golang.org/x/net@v0.23.0google.golang.org/protobuf@v1.32.0 Vulnerability #1: GO-2024-2611 Infinite loop in JSON unmarshaling in google.golang.org/protobuf More info: https://pkg.go.dev/vuln/GO-2024-2611 Module: google.golang.org/protobuf Found in: google.golang.org/protobuf@v1.32.0 Fixed in: google.golang.org/protobuf@v1.33.0Fix:
golang.org/x/net@v0.23.0google.golang.org/protobuf@v1.33.0