Govulncheck reports known vulnerabilities that affect Go code.
It uses static analysis of source code or a binary's symbol table
to narrow down reports to only those that could affect the
application.

By default, govulncheck makes requests to the Go vulnerability
database at https://vuln.go.dev. Requests to the vulnerability
database contain only module paths with vulnerabilities already
known to the database, not code or other properties of your
program. See https://vuln.go.dev/privacy.html for more.
Use the -db flag to specify a different database, which must
implement the specification at https://go.dev/security/vuln/database.

Govulncheck looks for vulnerabilities in Go programs using a specific
build configuration. For analyzing source code, that configuration is
the Go version specified by the "go" command found on the PATH. For
binaries, the build configuration is the one used to build the binary.
Note that different build configurations may have different known
vulnerabilities.
