Go modules · proxy.golang.org
github.com/cloudposse/variants
Remote Payload: matched "cURL "
Why PkgRadar flagged v1.222.0-rc.1.0.20260616024807-957921f8b833
| Severity | Signal | Evidence |
|---|---|---|
| medium | Remote Payload | matched "cURL " · github.com/cloudposse/[email protected]/pkg/aws/security/ocsf.go |
| medium | Remote Payload | matched "raw.githubusercontent.com" · github.com/cloudposse/[email protected]/pkg/config/default.go |
| medium | Remote Payload | matched "cURL " · github.com/cloudposse/[email protected]/pkg/git/yaml_tags.go |
| medium | Remote Payload | matched "raw.githubusercontent.com" · github.com/cloudposse/[email protected]/pkg/http/client.go |
| medium | Remote Payload | matched "github.com/%s/%s/releases/download" · github.com/cloudposse/[email protected]/pkg/toolchain/installer/asset.go |
| medium | Remote Payload | matched "curl " · github.com/cloudposse/[email protected]/pkg/toolchain/installer/download.go |
| medium | Remote Payload | matched "raw.githubusercontent.com" · github.com/cloudposse/[email protected]/pkg/toolchain/installer/installer.go |
| medium | Remote Payload | matched "raw.githubusercontent.com" · github.com/cloudposse/[email protected]/pkg/toolchain/registry/aqua/aqua.go |
| medium | Remote Payload | matched "github.com/%s/%s/releases/download" · github.com/cloudposse/[email protected]/pkg/toolchain/verification/checksum.go |
| medium | Remote Payload | matched "github.com/%s/%s/releases/download" · github.com/cloudposse/[email protected]/pkg/toolchain/verification/signature.go |
| medium | Remote Payload | matched "cURL\n\t" · github.com/cloudposse/[email protected]/pkg/utils/yaml_utils.go |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
v1.222.0-rc.1.0.20260616024807-957921f8b833 | High risk | 165 | 2026-06-17 |
v1.222.0-rc.1 | High risk | 165 | 2026-06-17 |
v1.221.1 | High risk | 165 | 2026-06-14 |
v1.221.0 | High risk | 165 | 2026-06-12 |
v1.221.0-rc.4 | High risk | 165 | 2026-06-05 |
v1.221.0-rc.3 | High risk | 165 | 2026-06-05 |
v1.221.0-rc.2 | High risk | 165 | 2026-06-05 |
v1.221.0-rc.1.0.20260530233219-30238462ca77 | High risk | 165 | 2026-06-01 |
v1.221.0-rc.1 | High risk | 165 | 2026-06-01 |
v1.218.1-rc.1 | High risk | 139 | 2026-06-01 |
v1.220.0-rc.2 | High risk | 161 | 2026-06-01 |
v1.220.0-rc.1 | High risk | 161 | 2026-06-01 |
v1.220.0-rc.3 | High risk | 165 | 2026-06-01 |
v1.220.0-rc.0 | High risk | 161 | 2026-06-01 |
v1.221.0-rc.0 | High risk | 165 | 2026-06-01 |
v1.220.0-rc.4 | High risk | 165 | 2026-06-01 |
v1.221.0-rc.1.0.20260530023402-6259051fef0b | High risk | 165 | 2026-05-31 |
v1.220.0 | High risk | 165 | 2026-05-31 |
Block this in CI
pkgradar gate --ecosystem go github.com/cloudposse/[email protected]