x/vuln: request govulncheck mark CVE's with severity level #70289

aep-sunlife · 2024-11-11T20:33:40Z

Hi,

I enjoy using govulncheck to scan for vulnerabilities in Go projects.

I would like govulncheck to denote the severity level of each vulnerability, in order to help users prioritize resolution.

Large, complex projects often have hundreds of CVE's, so from a security perspective it makes sense to patch vulnerabilities in descending order of severity.

For comparison, other common SCA tools note severity levels like Critical, High, Medium, Low, Info for each CVE reported.

gabyhelp · 2024-11-11T20:33:57Z

Related Documentation

Go Vulnerability Management > FAQs

_{(Emoji vote if this was helpful or unhelpful; more detailed feedback welcome in this discussion.)}

seankhliao · 2024-11-11T21:00:47Z

please see the faq

gopherbot added the vulncheck or vulndb Issues for the x/vuln or x/vulndb repo label Nov 11, 2024

gopherbot modified the milestones: Unreleased, vuln/unplanned Nov 11, 2024

seankhliao closed this as not planned Won't fix, can't repro, duplicate, stale Nov 11, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

x/vuln: request govulncheck mark CVE's with severity level #70289

x/vuln: request govulncheck mark CVE's with severity level #70289

aep-sunlife commented Nov 11, 2024

gabyhelp commented Nov 11, 2024

seankhliao commented Nov 11, 2024

x/vuln: request govulncheck mark CVE's with severity level #70289

x/vuln: request govulncheck mark CVE's with severity level #70289

Comments

aep-sunlife commented Nov 11, 2024

gabyhelp commented Nov 11, 2024

seankhliao commented Nov 11, 2024