PkgRadar

Go modules · proxy.golang.org

github.com/golang-fips/openssl/v2

Remote Payload: matched "raw.githubusercontent.com"

Why PkgRadar flagged v2.0.4-0.20260604174106-07f0db84e08f

SeveritySignalEvidence
mediumRemote Payloadmatched "raw.githubusercontent.com" · github.com/golang-fips/openssl/[email protected]/internal/fakecgo/update_tool.go

Scanned versions

VersionVerdictScoreScanned (UTC)
v2.0.4-0.20260604174106-07f0db84e08fReview122026-06-08

Block this in CI

PkgRadar gates github.com/golang-fips/openssl/v2 (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem go github.com/golang-fips/openssl/[email protected]
Start free — 25 scans / moView full evidence
github.com/golang-fips/openssl/v2 — Go modules security scan | PkgRadar