Go modules · proxy.golang.org

github.com/0xpolygonhermez/erigon

Shell Credential File Read, Remote Payload, Go Cgo Preamble

Why PkgRadar flagged v0.9.22

Severity	Signal	Evidence
high	Shell Credential File Read	—
high	Shell Credential File Read	—
medium	Remote Payload	—

Showing signal labels only. Sign in to view the exact matched indicators for each finding.

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`v0.9.22`	High risk	102	2026-06-27
`v0.9.4`	Review	24	2026-06-27
`v1.6.7`	High risk	110	2026-06-27
`v1.9.14`	High risk	137	2026-06-27
`v1.8.4`	High risk	125	2026-06-27
`v0.0.4-alpha`	Review	24	2026-06-27
`v1.0.7`	Review	24	2026-06-27
`v0.6.4`	Low risk	0	2026-06-27
`v0.0.3-alpha`	Review	24	2026-06-27
`v1.9.16`	High risk	137	2026-06-27
`v1.0.1`	High risk	102	2026-06-27
`v1.9.25`	High risk	137	2026-06-27
`v1.6.2`	High risk	110	2026-06-27
`v0.6.5-1`	Low risk	0	2026-06-27
`v1.10.3`	High risk	137	2026-06-27
`v1.9.5`	High risk	120	2026-06-27
`v1.8.1`	High risk	125	2026-06-27
`v0.0.1-alpha`	Review	24	2026-06-27
`v0.6.7`	Low risk	0	2026-06-27
`v1.10.6`	High risk	137	2026-06-27
`v1.10.14`	High risk	137	2026-06-27
`v1.6.6`	High risk	110	2026-06-27
`v1.9.2`	High risk	105	2026-06-27
`v1.10.5`	High risk	137	2026-06-27
`v1.10.13`	High risk	137	2026-06-27
`v0.9.30`	High risk	102	2026-06-27
`v1.10.9`	High risk	137	2026-06-27
`v0.6.5-2`	Low risk	0	2026-06-27
`v0.9.36`	High risk	102	2026-06-27
`v1.5.3`	High risk	50	2026-06-27
`v1.10.1`	High risk	137	2026-06-27
`v1.2.22`	Review	24	2026-06-27
`v0.9.18`	High risk	90	2026-06-27
`v1.6.1`	High risk	110	2026-06-27
`v1.9.11`	High risk	137	2026-06-27
`v1.9.9`	High risk	132	2026-06-27
`v0.6.8`	Low risk	0	2026-06-27
`v1.10.4`	High risk	137	2026-06-27
`v0.6.3`	Low risk	0	2026-06-27
`v0.9.1`	Review	24	2026-06-27
`v1.5.7`	High risk	50	2026-06-27
`v0.8.4-1`	High risk	95	2026-06-27
`v0.8.5-2`	High risk	95	2026-06-27
`v1.10.11`	High risk	137	2026-06-27
`v0.9.34-1`	High risk	102	2026-06-27
`v1.1.5`	Review	24	2026-06-27
`v1.9.20`	High risk	137	2026-06-27
`v0.9.39`	High risk	102	2026-06-27
`v1.9.3`	High risk	120	2026-06-27
`v1.0.4`	Review	24	2026-06-27
`v1.5.4`	High risk	50	2026-06-27
`v1.9.4`	High risk	120	2026-06-27
`v1.10.2`	High risk	137	2026-06-27
`v1.5.2`	High risk	50	2026-06-27
`v0.7.10`	High risk	69	2026-06-27
`v1.9.24`	High risk	137	2026-06-27
`v1.8.17`	High risk	132	2026-06-27
`v0.8.4`	High risk	95	2026-06-27
`v1.8.16`	High risk	132	2026-06-27
`v1.0.9`	Review	24	2026-06-27
`v0.9.28`	High risk	102	2026-06-27
`v1.9.18`	High risk	137	2026-06-27
`v1.10.15`	High risk	137	2026-06-27
`v1.9.10`	High risk	137	2026-06-27
`v1.8.19`	High risk	144	2026-06-27
`v0.9.0`	Review	24	2026-06-27
`v0.6.5`	Low risk	0	2026-06-27
`v0.7.10-broken`	High risk	69	2026-06-27
`v1.9.22`	High risk	137	2026-06-27
`v1.7.3`	High risk	110	2026-06-27
`v1.5.9`	High risk	100	2026-06-27
`v1.8.15`	High risk	132	2026-06-27
`v1.10.0`	High risk	137	2026-06-27
`v0.8.5`	High risk	95	2026-06-27
`v1.6.3`	High risk	110	2026-06-27
`v1.9.1`	High risk	105	2026-06-27
`v0.9.23`	High risk	102	2026-06-27
`v1.9.13`	High risk	137	2026-06-27
`v1.0.3`	Review	24	2026-06-27
`v1.10.12`	High risk	137	2026-06-27
`v1.10.7`	High risk	137	2026-06-27
`v1.7.1`	High risk	110	2026-06-27
`v1.8.20`	High risk	132	2026-06-27
`v0.9.25`	High risk	102	2026-06-27
`v1.7.2`	High risk	110	2026-06-27
`v1.5.0`	High risk	50	2026-06-27
`v0.9.34`	High risk	102	2026-06-27
`v1.9.12`	High risk	137	2026-06-27
`v1.8.14`	High risk	132	2026-06-27
`v1.8.6`	High risk	125	2026-06-27
`v1.5.5`	High risk	50	2026-06-27
`v1.8.2`	High risk	125	2026-06-27
`v0.9.24`	High risk	102	2026-06-27
`v1.5.6`	High risk	50	2026-06-27
`v1.9.15`	High risk	137	2026-06-27
`v1.8.9`	High risk	125	2026-06-27
`v0.9.20`	High risk	90	2026-06-27
`v1.9.19`	High risk	137	2026-06-27
`v1.8.7`	High risk	125	2026-06-27
`v0.9.32`	High risk	102	2026-06-27
`v1.10.10`	High risk	137	2026-06-27
`v0.6.0`	Low risk	0	2026-06-27
`v1.8.5`	High risk	125	2026-06-27
`v0.9.17`	High risk	90	2026-06-27
`v1.8.11`	High risk	125	2026-06-27
`v0.0.2-alpha`	Review	24	2026-06-27
`v0.9.26`	High risk	102	2026-06-27
`v1.8.3`	High risk	125	2026-06-27
`v1.0.6`	Review	24	2026-06-27
`v1.8.10`	High risk	125	2026-06-27
`v1.0.0`	Review	24	2026-06-27
`v1.9.7`	High risk	120	2026-06-27
`v1.9.17`	High risk	137	2026-06-27
`v1.0.5`	Review	24	2026-06-27
`v1.9.21`	High risk	137	2026-06-27
`v1.6.0`	High risk	110	2026-06-27
`v1.6.5`	High risk	110	2026-06-27
`v1.8.18`	High risk	132	2026-06-27
`v0.6.6`	Low risk	0	2026-06-27
`v1.6.4`	High risk	110	2026-06-27
`v1.5.1`	High risk	50	2026-06-27
`v1.8.0`	High risk	125	2026-06-27
`v1.9.8`	High risk	132	2026-06-27
`v1.8.21`	High risk	132	2026-06-27
`v0.9.2`	Review	24	2026-06-27
`v0.0.1-test`	Review	24	2026-06-27
`v1.5.8`	High risk	50	2026-06-27
`v1.2.26`	Review	24	2026-06-27
`v1.9.6`	High risk	120	2026-06-27
`v0.9.3`	Review	24	2026-06-27
`v1.8.13`	High risk	137	2026-06-27
`v1.8.12`	High risk	137	2026-06-27
`v1.8.8`	High risk	125	2026-06-27
`v1.2.15`	Review	24	2026-06-27
`v0.9.21`	High risk	102	2026-06-27
`v1.10.8`	High risk	137	2026-06-27
`v1.7.0`	High risk	110	2026-06-27
`v1.9.23`	High risk	137	2026-06-27
`v0.9.38`	High risk	102	2026-06-27
`v1.0.2`	Review	24	2026-06-27
`v1.2.18`	Review	24	2026-06-27
`v0.7.11`	High risk	69	2026-06-27
`v1.0.8`	Review	24	2026-06-27
`v1.9.0`	High risk	105	2026-06-27
`v1.2.24`	Review	24	2026-06-27
`v1.10.16`	High risk	137	2026-06-27

Block this in CI

PkgRadar gates github.com/0xpolygonhermez/erigon (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem go github.com/0xpolygonhermez/[email protected]

Start free — 25 scans / mo View full evidence