Go helps developers detect, assess, and resolve errors or weaknesses that are at risk of being exploited by attackers. Behind the scenes, the Go team runs a pipeline to curate reports about vulnerabilities, which are stored in the Go vulnerability database. Various libraries and tools can read and analyze those reports to understand how specific user projects may be affected. This functionality is integrated into the Go package discovery site and a new CLI tool, govulncheck.
https://go.dev/doc/security/vuln/