PkgRadar

Go modules · proxy.golang.org

github.com/prysmaticlabs/prysm/v5

Shell Credential File Read, Remote Payload

Why PkgRadar flagged v5.0.4-0.20240702040324-a8ecf5d11878

SeveritySignalEvidence
highShell Credential File Read
highShell Credential File Read
highShell Credential File Read
highShell Credential File Read
highShell Credential File Read
highShell Credential File Read
mediumRemote Payload

Showing signal labels only. Sign in to view the exact matched indicators for each finding.

Scanned versions

VersionVerdictScoreScanned (UTC)
v5.0.4-0.20240702040324-a8ecf5d11878High risk1122026-06-28
v5.0.4-0.20240629230816-ca83d29eef8bHigh risk1122026-06-28
v5.0.4-0.20240430212938-2c5a2e8ec723High risk1122026-06-28

Block this in CI

PkgRadar gates github.com/prysmaticlabs/prysm/v5 (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem go github.com/prysmaticlabs/prysm/[email protected]
Start free — 25 scans / moView full evidence
github.com/prysmaticlabs/prysm/v5 — Go modules security scan | PkgRadar