Go modules · proxy.golang.org
github.com/pingcap/tiDB
Remote Payload: matched "CURL "
Why PkgRadar flagged v1.0.5
| Severity | Signal | Evidence |
|---|---|---|
| medium | Remote Payload | matched "CURL " · github.com/pingcap/[email protected]/_vendor/src/github.com/cznic/parser/yacc/parser.go |
| medium | Remote Payload | matched "wGet\n\t\t" · github.com/pingcap/[email protected]/store/tikv/mock-tikv/rpc.go |
| medium | Remote Payload | matched "wGet\n\t" · github.com/pingcap/[email protected]/store/tikv/rawkv.go |
| medium | Remote Payload | matched "wGet " · github.com/pingcap/[email protected]/store/tikv/tikvrpc/tikvrpc.go |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
v1.0.5 | High risk | 48 | 2026-06-14 |
v1.0.0 | High risk | 48 | 2026-06-14 |
v1.0.6 | High risk | 48 | 2026-06-14 |
v1.1.0-alpha | High risk | 48 | 2026-06-14 |
v1.1.0-alpha.1 | High risk | 36 | 2026-06-14 |
v1.0.7 | High risk | 48 | 2026-06-14 |
v1.0.9 | High risk | 48 | 2026-06-14 |
Block this in CI
pkgradar gate --ecosystem go github.com/pingcap/[email protected]