Maven · repo1.maven.org
com.alibaba.polardbx:polardbx-connector-java
Shell Credential File Read, Java Base64 Combo, Java Unsafe Deserialize +2 more
Why PkgRadar flagged 2.2.15
| Severity | Signal | Evidence |
|---|---|---|
| high | Shell Credential File Read | com/alibaba/polardbx/core/cj/protocol/ExportControlled.java |
| medium | Java Base64 Combo | com/alibaba/polardbx/core/cj/protocol/ExportControlled.java |
| medium | Java Unsafe Deserialize | com/alibaba/polardbx/core/cj/jdbc/result/ResultSetImpl.java |
| medium | Java Process Spawn | com/alibaba/polardbx/core/cj/admin/ServerController.java |
| medium | Java Static Init Side Effect | com/alibaba/polardbx/core/cj/protocol/a/NativeProtocol.java |
| medium | Java Static Init Side Effect | com/alibaba/polardbx/core/cj/protocol/ExportControlled.java |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
2.2.15 | High risk | 124 | 2026-06-26 |
Block this in CI
pkgradar gate --ecosystem maven com.alibaba.polardbx:[email protected]