Go modules · proxy.golang.org
github.com/kubermatic/kubeone
Credential file access: matched ".aws/"
Why PkgRadar flagged v1.13.5-0.20260603211334-a6b67308d18d
| Severity | Signal | Evidence |
|---|---|---|
| high | Credential file access | matched ".aws/" · github.com/kubermatic/[email protected]/pkg/templates/images/images.go |
| medium | Remote Payload | matched "curl " · github.com/kubermatic/[email protected]/go.sum |
| medium | Remote Payload | matched "raw.githubusercontent.com" · github.com/kubermatic/[email protected]/pkg/images/util.go |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
v1.13.5-0.20260603211334-a6b67308d18d | High risk | 76 | 2026-06-15 |
Block this in CI
pkgradar gate --ecosystem go github.com/kubermatic/[email protected]