{"package":"k8s.io/client-go","ecosystem":"go","latest_version":"v0.36.0","description":"","license":"Apache-2.0","license_risk":"permissive","commercial_use_notes":"Permissive: commercial closed-source use OK; preserve the copyright notice.","homepage":"https://pkg.go.dev/k8s.io/client-go","repository":"","downloads_weekly":0,"health":{"score":61,"risk":"moderate","breakdown":{"maintenance":25,"popularity":0,"security":21,"maturity":15,"community":0},"deprecated":false,"max_score":100},"vulnerabilities":{"count":2,"critical":0,"high":0,"medium":2,"low":0,"details":[{"vuln_id":"CVE-2020-8565","severity":"medium","summary":"Kubernetes client-go vulnerable to Sensitive Information Leak via Log File","affected_versions":">=0.19.0,<0.19.6|>=0.20.0-alpha.0,<0.20.0-alpha.2|>=0.18.0,<0.18.14|<0.17.16|<1.20.0-alpha.2","fixed_version":"1.20.0-alpha.2","source":"osv","published_at":"2023-02-06T23:27:56Z","in_kev":false,"epss_prob":0.0006,"epss_percentile":0.18675,"threat_tier":"theoretical"},{"vuln_id":"CVE-2019-11250","severity":"medium","summary":"Kubernetes client-go library logs may disclose credentials to unauthorized users","affected_versions":"<0.17.0|<1.16.0-beta.1","fixed_version":"1.16.0-beta.1","source":"osv","published_at":"2022-05-24T16:55:06Z","in_kev":false,"epss_prob":0.0081,"epss_percentile":0.74313,"threat_tier":"theoretical"}],"actively_exploited_count":0,"likely_exploited_count":0},"versions":{"latest":"v0.36.0","total_count":643,"recent":["v0.18.3","v0.33.0-rc.1","v0.25.8-rc.0","v0.19.14","v0.25.7","v0.17.13","v0.33.9","v0.26.12","v0.23.13-rc.0","v0.20.3-rc.0","v0.16.6","v0.22.15-rc.0","v0.22.2","v0.20.0-beta.0","v0.17.7","v0.18.13-rc.0","v0.26.3-rc.0","v0.28.0-rc.1","v0.32.13","v0.20.15"]},"metadata":{"deprecated":false,"deprecated_message":null,"maintainers_count":0,"first_published":null,"last_published":"2026-04-22T18:35:58Z","dependencies_count":0,"dependencies":[]},"github_stats":null,"bundle":null,"typescript":null,"known_issues":{"bugs_count":0,"bugs_severity":{},"status_breakdown":{},"link":null,"scope":"none"},"historical_compromise":null,"recommendation":{"action":"use_with_caution","issues":["Moderate health score (61/100) — verify manually"],"use_version":"v0.36.0","version_hint":"Update to >= 1.16.0-beta.1 to fix known vulnerabilities","summary":"k8s.io/client-go@v0.36.0 low health (61/100) — consider alternatives"},"version_scoped":null,"requested_version":null,"_cache":"miss","_response_ms":379,"_powered_by":"depscope.dev — free package intelligence for AI agents","typosquat":{"is_suspected":false},"maintainer_trust":{"available":false},"malicious":{"is_malicious":false},"scorecard":{"available":false},"quality":{"available":false},"version_history_summary":{"total_versions":21,"first_release_age_days":null,"last_release_days_ago":9,"avg_days_between_releases":null,"release_velocity":"active"}}