Go modules · proxy.golang.org
github.com/bufBuild/buf
Remote Payload: matched "curl\n\n"
Why PkgRadar flagged v1.70.1-0.20260615143408-32e150f9413f
| Severity | Signal | Evidence |
|---|---|---|
| medium | Remote Payload | matched "curl\n\n" · github.com/bufbuild/[email protected]/cmd/buf/internal/command/curl/curl.go |
| medium | Remote Payload | matched "curl\n\n" · github.com/bufbuild/[email protected]/private/buf/bufcurl/bufcurl.go |
| medium | Remote Payload | matched "curl\n\n" · github.com/bufbuild/[email protected]/private/buf/bufcurl/headers.go |
| medium | Remote Payload | matched "curl\n\n" · github.com/bufbuild/[email protected]/private/buf/bufcurl/invoker.go |
| medium | Remote Payload | matched "curl\n\n" · github.com/bufbuild/[email protected]/private/buf/bufcurl/io.go |
| medium | Remote Payload | matched "curl\n\n" · github.com/bufbuild/[email protected]/private/buf/bufcurl/reflection_resolver.go |
| medium | Remote Payload | matched "curl\n\n" · github.com/bufbuild/[email protected]/private/buf/bufcurl/resolver.go |
| medium | Remote Payload | matched "curl\n\n" · github.com/bufbuild/[email protected]/private/buf/bufcurl/tls.go |
| medium | Remote Payload | matched "curl\n\n" · github.com/bufbuild/[email protected]/private/buf/bufcurl/usage.gen.go |
| medium | Remote Payload | matched "curl\n\n" · github.com/bufbuild/[email protected]/private/buf/bufcurl/verbose_transport.go |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
v1.70.1-0.20260615143408-32e150f9413f | High risk | 50 | 2026-06-16 |
v1.70.0 | High risk | 50 | 2026-06-16 |
Block this in CI
pkgradar gate --ecosystem go github.com/bufBuild/[email protected]