PkgRadar

Composer · packagist.org

condoedge/utils

Php Remote Fetch Exec Combo: Remote fetch (file_get_contents/curl) paired with eval/exec — fetch-and-run pattern.

Why PkgRadar flagged v0.2.317

Severity | Signal | Evidence
high | Php Remote Fetch Exec Combo | Remote fetch (file_get_contents/curl) paired with eval/exec — fetch-and-run pattern. · condoedge-utils-4448f7b/scripts/utils_updater.php

Scanned versions

Version | Verdict | Score | Scanned (UTC)
v0.2.317 | High risk | 22 | 2026-06-12
v0.2.313 | High risk | 22 | 2026-06-10
v0.2.309 | High risk | 22 | 2026-06-03
v0.2.308 | High risk | 22 | 2026-06-03
v0.2.306 | High risk | 22 | 2026-05-30
v0.2.304 | High risk | 22 | 2026-05-30
v0.2.303 | High risk | 22 | 2026-05-30
v0.2.300 | High risk | 22 | 2026-05-30
v0.2.301 | High risk | 22 | 2026-05-30

Block this in CI

PkgRadar gates condoedge/utils (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem composer condoedge/[email protected]