Go modules · proxy.golang.org

github.com/COSMOS/cosmos-sdk

Shell Credential File Read, Go Cgo Preamble

Why PkgRadar flagged v0.54.0-rc.1.0.20260616181550-24fb5ffc033a

Severity	Signal	Evidence
high	Shell Credential File Read	github.com/cosmos/[email protected]/crypto/keyring/keyring.go

Showing signal labels only. Sign in to view the exact matched indicators for each finding.

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`v0.54.0-rc.1.0.20260616181550-24fb5ffc033a`	High risk	45	2026-06-25
`v0.34.4-0.20191226153334-b314b851e430`	Low risk	0	2026-06-25
`v0.34.4-0.20191112184617-ae8ea8f39193`	Low risk	0	2026-06-25
`v0.40.0-rc3.0.20201111155211-76ffdccb03b6`	High risk	45	2026-06-25
`v0.0.0-20200829202026-52ffb269adfc`	High risk	45	2026-06-25
`v0.34.4-0.20190715173155-6ca641891b50`	Low risk	0	2026-06-25
`v0.28.2-0.20190808195118-e4c8bd72b72b`	Low risk	0	2026-06-25
`v0.34.4-0.20191028210247-adcfc6a1d1af`	Low risk	0	2026-06-25
`v0.34.4-0.20200214140405-e44f9148937c`	Low risk	0	2026-06-25
`v0.34.4-0.20200702031639-8f96ec0585a6`	High risk	45	2026-06-25
`v0.34.4-0.20200720202246-efa73c7edb31`	High risk	45	2026-06-25
`v0.40.0-rc3.0.20201130172205-6476b09b64d2`	High risk	45	2026-06-25
`v0.0.0-20191031200835-02c6c9fafd58`	Low risk	0	2026-06-25
`v0.34.4-0.20200314160922-fa65b21d9602`	Low risk	0	2026-06-25
`v0.34.4-0.20200406163315-7d6033ea5837`	Low risk	0	2026-06-25
`v0.28.2-0.20190805171329-cf1980273fac`	Low risk	0	2026-06-25
`v0.34.4-0.20190925161702-9d0bed8f4f4e`	Low risk	0	2026-06-25
`v0.34.4-0.20191007171707-fd76e62f4943`	Low risk	0	2026-06-25
`v0.34.4-0.20191009185354-ee404e96ab07`	Low risk	0	2026-06-25
`v0.34.4-0.20200116231728-46cbfd9a2344`	Low risk	0	2026-06-25
`v0.34.4-0.20200117182540-559db33ea99f`	Low risk	0	2026-06-25
`v0.34.4-0.20190803225533-593ea5c60971`	Low risk	0	2026-06-25
`v0.34.4-0.20200812130328-034b478a604d`	High risk	45	2026-06-25
`v0.34.4-0.20190827131926-5aacf454e1b6`	Low risk	0	2026-06-25
`v0.34.4-0.20190919214231-3aca119fd145`	Low risk	0	2026-06-25
`v0.37.11-0.20200422095316-4d76c539e770`	Low risk	0	2026-06-25
`v0.28.2-0.20190827131926-5aacf454e1b6`	Low risk	0	2026-06-25
`v0.40.0-rc7.0.20210129195451-d97e7907f176`	High risk	45	2026-06-25
`v0.34.4-0.20191029195223-3099b42aa1a9`	Low risk	0	2026-06-25
`v0.34.4-0.20191112183414-ee8bde2162cd`	Low risk	0	2026-06-25

Block this in CI

PkgRadar gates github.com/COSMOS/cosmos-sdk (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem go github.com/COSMOS/[email protected]

Start free — 25 scans / mo View full evidence