PkgRadar

Go modules · proxy.golang.org

github.com/second-state/go-ethereum

Shell Credential File Read, Go Generate Shell, Remote Payload +2 more

Why PkgRadar flagged v1.8.21

SeveritySignalEvidence
highShell Credential File Read
highShell Credential File Read
highShell Credential File Read
highShell Credential File Read
highShell Credential File Read
mediumGo Generate Shell
mediumRemote Payload

Showing signal labels only. Sign in to view the exact matched indicators for each finding.

Scanned versions

VersionVerdictScoreScanned (UTC)
v1.8.21High risk1322026-06-28
v1.9.2High risk1052026-06-28
v1.8.21-evmc.6.0.2-0High risk1322026-06-28
v1.9.2-evmc.6.3.0-0High risk1052026-06-28
v1.4.7High risk622026-06-28
v1.7.4-0.20180328141910-7d11732063c8High risk1102026-06-28
v1.9.6High risk1202026-06-28
v1.8.27High risk1322026-06-28
v1.9.7High risk1202026-06-28

Block this in CI

PkgRadar gates github.com/second-state/go-ethereum (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem go github.com/second-state/[email protected]
Start free — 25 scans / moView full evidence
github.com/second-state/go-ethereum — Go modules security scan | PkgRadar