diff --git a/syft/pkg/cataloger/golang/parse_go_mod.go b/syft/pkg/cataloger/golang/parse_go_mod.go index e29b9f65c..1c06e8739 100644 --- a/syft/pkg/cataloger/golang/parse_go_mod.go +++ b/syft/pkg/cataloger/golang/parse_go_mod.go @@ -70,6 +70,10 @@ func (c *goModCataloger) parseGoModFile(_ context.Context, resolver file.Resolve log.Tracef("error getting licenses for package: %s %v", m.New.Path, err) } + // the old path and new path may be the same, in which case this is a noop, + // but if they're different we need to remove the old package. + delete(packages, m.Old.Path) + packages[m.New.Path] = pkg.Package{ Name: m.New.Path, Version: m.New.Version, diff --git a/syft/pkg/cataloger/golang/parse_go_mod_test.go b/syft/pkg/cataloger/golang/parse_go_mod_test.go index c656b0c51..59a7164f1 100644 --- a/syft/pkg/cataloger/golang/parse_go_mod_test.go +++ b/syft/pkg/cataloger/golang/parse_go_mod_test.go @@ -31,6 +31,15 @@ func TestParseGoMod(t *testing.T) { fixture: "test-fixtures/many-packages", expected: []pkg.Package{ + { + Name: "github.com/anchore/archiver/v3", + Version: "v3.5.2", + PURL: "pkg:golang/github.com/anchore/archiver@v3.5.2#v3", + Locations: file.NewLocationSet(file.NewLocation("test-fixtures/many-packages")), + Language: pkg.Go, + Type: pkg.GoModulePkg, + Metadata: pkg.GolangModuleEntry{}, + }, { Name: "github.com/anchore/go-testutils", Version: "v0.0.0-20200624184116-66aa578126db", diff --git a/syft/pkg/cataloger/golang/test-fixtures/many-packages b/syft/pkg/cataloger/golang/test-fixtures/many-packages index f748cb574..664445abb 100644 --- a/syft/pkg/cataloger/golang/test-fixtures/many-packages +++ b/syft/pkg/cataloger/golang/test-fixtures/many-packages 
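Review bot: The added `delete(packages, m.Old.Path)` in parse_go_mod.go keys on the module path alone, but the fixture in this same commit uses the version-pinned form (`replace github.com/mholt/archiver/v3 v3.5.1 => ...`), which Go applies only when the selected version of the old module is exactly v3.5.1. When go.mod requires a different version the directive is inert, yet this code would drop the module that is actually built and list the replacement instead, so the SBOM and any vulnerability matching based on it would name the wrong component. Consider guarding the swap with something like `if old, ok := packages[m.Old.Path]; ok && m.Old.Version != "" && old.Version != m.Old.Version { continue }`, placed before the delete so that it also skips the `packages[m.New.Path]` assignment. This assumes the code sits inside the loop over replace directives and that entries stored for require lines carry the required version; the hunk shows neither, because the enclosing block starts and ends outside it. The test hunk covers only the matching-version case, so a fixture with a mismatched pin would be worth adding.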
@@ -11,6 +11,7 @@ require ( github.com/anchore/go-testutils v0.0.0-20200624184116-66aa578126db // github.com/bogus/package v10.10.10 github.com/anchore/go-version v1.2.2-0.20200701162849-18adb9c92b9b github.com/anchore/stereoscope v0.0.0-20200706164556-7cf39d7f4639 + github.com/mholt/archiver/v3 v3.5.1 //github.com/ignore/this v9.9.9 // indirect github.com/bmatcuk/doublestar v1.3.1 // indirect github.com/go-test/deep v1.0.6 // a comment @@ -18,4 +19,6 @@ require ( replace github.com/bmatcuk/doublestar => github.com/bmatcuk/doublestar v8.8.8 +replace github.com/mholt/archiver/v3 v3.5.1 => github.com/anchore/archiver/v3 v3.5.2 + exclude github.com/adrg/xdg v0.2.1