Composer · packagist.org
swoole/phpx
Php Base64 Eval Chain: base64/gz/hex decode combined with eval/exec/backticks — classic PHP obfuscated payload.
Why PkgRadar flagged v2.3.1
| Severity | Signal | Evidence |
|---|---|---|
| high | Php Base64 Eval Chain | base64/gz/hex decode combined with eval/exec/backticks — classic PHP obfuscated payload. · swoole-phpx-b86a025/examples/bloom_filter/run-tests.php |
| high | Php Base64 Eval Chain | base64/gz/hex decode combined with eval/exec/backticks — classic PHP obfuscated payload. · swoole-phpx-b86a025/examples/queue/run-tests.php |
| high | Php Base64 Eval Chain | base64/gz/hex decode combined with eval/exec/backticks — classic PHP obfuscated payload. · swoole-phpx-b86a025/examples/rocksdb/run-tests.php |
| high | Php Shell With Decode | exec / system / shell_exec combined with base64/hex decode. · swoole-phpx-b86a025/examples/bloom_filter/run-tests.php |
| high | Php Shell With Decode | exec / system / shell_exec combined with base64/hex decode. · swoole-phpx-b86a025/examples/queue/run-tests.php |
| high | Php Shell With Decode | exec / system / shell_exec combined with base64/hex decode. · swoole-phpx-b86a025/examples/rocksdb/run-tests.php |
| medium | Remote Payload | matched "curl " · swoole-phpx-b86a025/bin/gen_stub.php |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
v2.3.1 | High risk | 78 | 2026-06-03 |
Block this in CI
pkgradar gate --ecosystem composer swoole/[email protected]