Go modules · proxy.golang.org
github.com/SAP/jenkins-library
Remote Payload: matched "github.com/anchore/syft/releases/download"
Why PkgRadar flagged v1.509.1-0.20260611115320-28e25720161d
| Severity | Signal | Evidence |
|---|---|---|
| medium | Remote Payload | matched "github.com/anchore/syft/releases/download" · github.com/sap/[email protected]/cmd/cnbBuild_generated.go |
| medium | Remote Payload | matched "raw.githubusercontent.com" · github.com/sap/[email protected]/cmd/credentialdiggerScan_generated.go |
| medium | Remote Payload | matched "github.com/golangci/golangci-lint/releases/download" · github.com/sap/[email protected]/cmd/golangBuild_generated.go |
| medium | Remote Payload | matched "github.com/anchore/syft/releases/download" · github.com/sap/[email protected]/cmd/kanikoExecute_generated.go |
| medium | Remote Payload | matched "github.com/SAP/SapMachine/releases/download" · github.com/sap/[email protected]/cmd/whitesourceExecuteScan_generated.go |
| medium | Remote Payload | matched "github.com/CycloneDX/cyclonedx-cli/releases/download" · github.com/sap/[email protected]/pkg/npm/bom.go |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
v1.509.1-0.20260611115320-28e25720161d | High risk | 88 | 2026-06-12 |
v0.0.0-20260611131409-3dc0d6953dc6 | High risk | 88 | 2026-06-12 |
v1.509.0 | High risk | 88 | 2026-06-11 |
v1.508.0 | High risk | 88 | 2026-06-10 |
v1.507.1-0.20260605090658-8cf85b20b0c7 | High risk | 88 | 2026-06-07 |
v1.507.1-0.20260603081511-ed5ae5732ecf | High risk | 88 | 2026-06-05 |
v1.507.1-0.20260604085554-a2828e9ffb5e | High risk | 88 | 2026-06-05 |
v1.507.1-0.20260602073816-1aa6bce3ec5f | High risk | 88 | 2026-06-03 |
v1.507.1-0.20260602101901-3005397149b2 | High risk | 88 | 2026-06-03 |
v1.507.0 | High risk | 88 | 2026-06-02 |
Block this in CI
pkgradar gate --ecosystem go github.com/SAP/[email protected]