Go modules · proxy.golang.org
github.com/getplumber/plumber
Remote Payload: matched "cURL\n\t\t"
Why PkgRadar flagged v0.3.39-0.20260602094349-e556a1a0ee10
| Severity | Signal | Evidence |
|---|---|---|
| medium | Remote Payload | matched "cURL\n\t\t" · github.com/getplumber/[email protected]/cmd/glsast.go |
| medium | Remote Payload | matched "cURL " · github.com/getplumber/[email protected]/cmd/render_details.go |
| medium | Remote Payload | matched "cURL\n\t\t\t" · github.com/getplumber/[email protected]/cmd/sarif.go |
| medium | Remote Payload | matched "cURL\n\t" · github.com/getplumber/[email protected]/control/badge.go |
| medium | Remote Payload | matched "cURL " · github.com/getplumber/[email protected]/control/mrcomment.go |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
v0.3.39-0.20260602094349-e556a1a0ee10 | High risk | 60 | 2026-06-04 |
v0.3.33 | High risk | 60 | 2026-06-04 |
v0.3.29 | High risk | 60 | 2026-06-04 |
v0.3.34 | High risk | 60 | 2026-06-04 |
v0.3.36 | High risk | 60 | 2026-06-04 |
v0.3.35 | High risk | 60 | 2026-06-04 |
v0.3.37 | High risk | 60 | 2026-06-04 |
v0.3.30 | High risk | 60 | 2026-06-04 |
v0.3.31 | High risk | 60 | 2026-06-04 |
v0.3.28 | High risk | 60 | 2026-06-04 |
v0.3.32 | High risk | 60 | 2026-06-04 |
v0.3.38 | High risk | 60 | 2026-06-04 |
v0.3.22 | Review | 60 | 2026-05-29 |
v0.3.19 | Review | 60 | 2026-05-29 |
v0.3.18 | Review | 60 | 2026-05-29 |
v0.3.21 | Review | 60 | 2026-05-29 |
v0.3.28-0.20260526132657-7c7834414bcf | Review | 60 | 2026-05-29 |
Block this in CI
pkgradar gate --ecosystem go github.com/getplumber/[email protected]