Skip to main content

Fix example vulnerable method for Go

These example steps provide a fix for a Denial of Service (DoS) attack vulnerable method in golang.org/x/text, which is included in the example-go-modules repository.

To complete this task:

  1. In the Veracode Platform, select Scans & Analysis > Software Composition Analysis.

  2. Select Agent-Based Scan.

  3. Select your workspace.

  4. Select Projects.

  5. Select the veracode/example-go-modules project.

  6. From Issues, search for CVE-2021-38561 and select the issue number.

  7. Go to Vulnerable Methods where it shows that the Parse method is the vulnerable part of the library.

  8. To address the identified vulnerable method, do one of these tasks:

    • Change your code to perform in the same manner without relying on this particular method.
    • Follow the provided instructions to update the library to a safe version.

  9. Validate the fix.

Last updated on