Go modules · proxy.golang.org

k8s.io/perf-tests/clusterloader2

Remote Payload: matched "curl "

Why PkgRadar flagged v0.0.0-20260611185654-374a4dcf4efc

Severity	Signal	Evidence
medium	Remote Payload	matched "curl " · k8s.io/perf-tests/[email protected]/pkg/measurement/common/api_availability_measurement.go
medium	Remote Payload	matched "curl " · k8s.io/perf-tests/[email protected]/pkg/measurement/common/etcd_metrics.go
medium	Remote Payload	matched "curl " · k8s.io/perf-tests/[email protected]/pkg/measurement/common/profile.go
medium	Remote Payload	matched "curl " · k8s.io/perf-tests/[email protected]/pkg/measurement/common/restart_apiserver.go
medium	Remote Payload	matched "curl " · k8s.io/perf-tests/[email protected]/pkg/measurement/common/scheduler_latency.go
medium	Remote Payload	matched "curl " · k8s.io/perf-tests/[email protected]/pkg/measurement/common/service_creation_latency.go

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`v0.0.0-20260611185654-374a4dcf4efc`	High risk	64	2026-06-12
`v0.0.0-20260611182259-56c278798385`	High risk	64	2026-06-12
`v0.0.0-20260611103450-c00d27c22c17`	High risk	64	2026-06-12
`v0.0.0-20260610194656-c0b947af9df3`	High risk	64	2026-06-12
`v0.0.0-20260609141751-2f1bca953fc0`	High risk	64	2026-06-11
`v0.0.0-20260609121149-d4486ecab16b`	High risk	64	2026-06-10
`v0.0.0-20260608204745-4c65f154710f`	High risk	64	2026-06-09
`v0.0.0-20260608164548-9f98015e952d`	High risk	64	2026-06-09
`v0.0.0-20260608154403-515707b7e3dd`	High risk	64	2026-06-09
`v0.0.0-20260608085649-4fee76ce8d38`	High risk	64	2026-06-09
`v0.0.0-20260604220758-b29ed84ea02c`	High risk	64	2026-06-06
`v0.0.0-20260528084052-7c00b2b0ee98`	High risk	64	2026-05-30
`v0.0.0-20260528125850-7c74f74a31e5`	Review	64	2026-05-29

Block this in CI

PkgRadar gates k8s.io/perf-tests/clusterloader2 (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem go k8s.io/perf-tests/[email protected]