Go modules · proxy.golang.org
github.com/hashicorp/vault
Remote Payload: matched "cURL "
Why PkgRadar flagged v1.2.1-0.20260602200223-c5372ddfb782
| Severity | Signal | Evidence |
|---|---|---|
| medium | Remote Payload | matched "cURL " · github.com/hashicorp/[email protected]/command/base.go |
| medium | Remote Payload | matched "cURL " · github.com/hashicorp/[email protected]/command/main.go |
| medium | Remote Payload | matched "wget " · github.com/hashicorp/[email protected]/helper/testhelpers/testimages/hsm.go |
| medium | Go Mod Replace Local | go.mod replace directive redirects to a local filesystem path — non-portable / dev-time only. · github.com/hashicorp/[email protected]/go.mod |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
v1.2.1-0.20260602200223-c5372ddfb782 | High risk | 61 | 2026-06-03 |
v1.2.1-0.20260602163050-570025930271 | High risk | 61 | 2026-06-03 |
v1.2.1-0.20260601194205-0bebe0058ddd | High risk | 61 | 2026-06-02 |
v0.0.0-20260601194205-0bebe0058ddd | High risk | 61 | 2026-06-02 |
v1.2.1-0.20260601175850-571fc5cd3b81 | High risk | 61 | 2026-06-02 |
v0.0.0-20260601175850-571fc5cd3b81 | High risk | 61 | 2026-06-02 |
v1.2.1-0.20260601125215-17382ef05fd0 | High risk | 61 | 2026-06-02 |
v0.0.0-20160929154348-66c9302f1776 | Review | 18 | 2026-05-31 |
v0.0.0-20260529151944-063838867567 | Review | 61 | 2026-05-30 |
v1.2.1-0.20260528180116-a2ecfee8ab85 | Review | 61 | 2026-05-29 |
v0.0.0-20260528180116-a2ecfee8ab85 | Review | 61 | 2026-05-29 |
v1.2.1-0.20260528162551-b6c795ccbd1e | Review | 61 | 2026-05-29 |
Block this in CI
pkgradar gate --ecosystem go github.com/hashicorp/[email protected]