PkgRadar

Maven · repo1.maven.org

com.github.kwart.jsign:jsignpdf-engine-dss

Shell Credential File Read

Why PkgRadar flagged 3.1.0-RC-1

SeveritySignalEvidence
highShell Credential File Readnet/sf/jsignpdf/engine/dss/DssTrustConfigurer.java

Showing signal labels only. Sign in to view the exact matched indicators for each finding.

Scanned versions

VersionVerdictScoreScanned (UTC)
3.1.0-RC-1High risk452026-06-23
3.1.0-BETA-6Low risk02026-06-22

Block this in CI

PkgRadar gates com.github.kwart.jsign:jsignpdf-engine-dss (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem maven com.github.kwart.jsign:[email protected]
Start free — 25 scans / moView full evidence
com.github.kwart.jsign:jsignpdf-engine-dss — Maven security scan | PkgRadar