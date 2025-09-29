Go provides tooling to analyze your codebase and surface known vulnerabilities. This tooling is backed by the Go vulnerability databaseGo provides tooling to analyze your codebase and surface known vulnerabilities. This tooling is backed by the Go vulnerability database

Here's What You Need to Know About Vulnerability Management for Go

Par : Hackernoon
2025/09/29 00:00
SphereX
HERE$0,000159-%8,09

We are excited to announce Go’s new support for vulnerability management, our first step towards helping Go developers learn about known vulnerabilities that may affect them.

\ This post provides an overview of what’s available today and next steps for this project.

Overview

Go provides tooling to analyze your codebase and surface known vulnerabilities. This tooling is backed by the Go vulnerability database, which is curated by the Go security team. Go’s tooling reduces noise in your results by only surfacing vulnerabilities in functions that your code is actually calling.

\

Go vulnerability database

The Go vulnerability database (https://vuln.go.dev) is a comprehensive source of information about known vulnerabilities in importable packages in public Go modules.

\ Vulnerability data comes from existing sources (such as CVEs and GHSAs) and direct reports from Go package maintainers. This information is then reviewed by the Go security team and added to the database.

\ We encourage package maintainers to contribute information about public vulnerabilities in their own projects and update existing information about vulnerabilities in their Go packages. We aim to make reporting a low friction process, so please send us your suggestions for any improvements.

\ The Go vulnerability database can be viewed in your browser at pkg.go.dev/vuln. For more information about the database, see go.dev/security/vuln/database.

Vulnerability detection using govulncheck

The new govulncheck command is a low-noise, reliable way for Go users to learn about known vulnerabilities that may affect their projects. Govulncheck analyzes your codebase and only surfaces vulnerabilities that actually affect you, based on which functions in your code are transitively calling vulnerable functions.

\ You can install the latest version of govulncheck using go install:

$ go install golang.org/x/vuln/cmd/govulncheck@latest

\ Then, run govulncheck inside your project directory:

$ govulncheck ./...

Govulncheck is a standalone tool to allow frequent updates and rapid iteration while we gather feedback from users. In the long term, we plan to integrate the govulncheck tool into the main Go distribution.

Integrations

It’s always better to learn about vulnerabilities as early as possible in the development and deployment process. To integrate vulnerability checking into your own tools and processes, use govulncheck -json.

\ We have integrated vulnerability detection into existing Go tools and services, such as the Go package discovery site. For example, this page shows the known vulnerabilities in each version of golang.org/x/text. Vulnerability checking functionality through the VS Code Go extension is also coming soon.

Next Steps

We hope you’ll find Go’s support for vulnerability management useful and help us improve it!

\ Go’s support for vulnerability management is a new feature that is under active development. You should expect some bugs and limitations.

\ We would love for you to contribute and help us make improvements in the following ways:

  • Contribute new and update existing information about public vulnerabilities for Go packages that you maintain
  • Take this survey to share your experience using govulncheck
  • Send us feedback about issues and feature requests

\ We are excited to work with you to build a better and more secure Go ecosystem.

Julie Qiu, for the Go security team

\ This article is available on The Go Blog under a CC BY 4.0 DEED license.

\ Photo by Growtika on Unsplash

Clause de non-responsabilité : les articles republiés sur ce site proviennent de plateformes publiques et sont fournis à titre informatif uniquement. Ils ne reflètent pas nécessairement les opinions de MEXC. Tous les droits restent la propriété des auteurs d'origine. Si vous estimez qu'un contenu porte atteinte aux droits d'un tiers, veuillez contacter [email protected] pour demander sa suppression. MEXC ne garantit ni l'exactitude, ni l'exhaustivité, ni l'actualité des contenus, et décline toute responsabilité quant aux actions entreprises sur la base des informations fournies. Ces contenus ne constituent pas des conseils financiers, juridiques ou professionnels, et ne doivent pas être interprétés comme une recommandation ou une approbation de la part de MEXC.
Partager des idées

Vous aimerez peut-être aussi

SOL Faces Pressure, DOT Climbs 2.3%, While BullZilla Presale Rockets Past $460K as the Top New Crypto to Join Now

SOL Faces Pressure, DOT Climbs 2.3%, While BullZilla Presale Rockets Past $460K as the Top New Crypto to Join Now

What if the next meme coin wasn’t just about culture but also structure? It’s the question many investors ask as meme coin volatility rises. Communities demand more than hype, and the search for the Top New cryptos to join now is heating up. In the past 24 hours, Solana fell 0.75% to $236.52 while Polkadot […] Continue Reading: SOL Faces Pressure, DOT Climbs 2.3%, While BullZilla Presale Rockets Past $460K as the Top New Crypto to Join Now
Threshold
T$0,01281-%1,68
Solana
SOL$194,65-%3,32
Hyperliquid
HYPE$48,08+%0,67
Partager
2025/09/18 05:15
Ethereum Price Prediction: Can ETH Hit $6K While MoonBull Ignites as the Best Crypto Presale in 2025?

Ethereum Price Prediction: Can ETH Hit $6K While MoonBull Ignites as the Best Crypto Presale in 2025?

Is now the right time to invest in major cryptocurrencies for 2025? Ethereum (ETH) has been making waves in the […] The post Ethereum Price Prediction: Can ETH Hit $6K While MoonBull Ignites as the Best Crypto Presale in 2025? appeared first on Coindoo.
Ethereum
ETH$4.017,32-%1,98
Nowchain
NOW$0,00295-%3,90
Major
MAJOR$0,10681-%2,64
Partager
2025/10/29 10:45
World Liberty Financial to distribute 8.4 million WLFI for early USD1 adopters

World Liberty Financial to distribute 8.4 million WLFI for early USD1 adopters

The distribution rewards users who earned points by trading USD1 pairs on partner exchanges and maintaining USD1 balances.
Torch of Liberty
LIBERTY$0,03889-%0,46
4
4$0,10591-%8,53
WLFI
WLFI$0,1439-%0,89
Partager
2025/10/29 09:57

Actualités tendance

Plus

SOL Faces Pressure, DOT Climbs 2.3%, While BullZilla Presale Rockets Past $460K as the Top New Crypto to Join Now

Ethereum Price Prediction: Can ETH Hit $6K While MoonBull Ignites as the Best Crypto Presale in 2025?

World Liberty Financial to distribute 8.4 million WLFI for early USD1 adopters

Bitwise Solana Staking ETF Sees $55M Debut Volume, Highest for 2025 Crypto Launches

$432M Raised, 1000x on the Horizon: BlockDAG Steals Spotlight from Chainlink and Ethereum in 2025

Prix des cryptomonnaies

mc_price_img_alt

Ethereum

ETH

$4.014,99
$4.014,99$4.014,99

-%1,99

mc_price_img_alt

Bitcoin

BTC

$112.789,13
$112.789,13$112.789,13

-%1,61

mc_price_img_alt

Solana

SOL

$194,53
$194,53$194,53

-%2,19

mc_price_img_alt

XRP

XRP

$2,6202
$2,6202$2,6202

-%0,59

mc_price_img_alt

DOGE

DOGE

$0,19387
$0,19387$0,19387

-%2,95