Maven · repo1.maven.org
com.github.ladder2020:jladder
Java Unsafe Deserialize: ObjectInputStream / XStream.fromXML — untrusted deserialization sink.
Why PkgRadar flagged 5.1.58
| Severity | Signal | Evidence |
|---|---|---|
| medium | Java Unsafe Deserialize | ObjectInputStream / XStream.fromXML — untrusted deserialization sink. · com/jladder/lang/Core.java |
| medium | Java Process Spawn | Runtime.exec / ProcessBuilder — process spawning. · com/jladder/lang/Machine.java |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
5.1.58 | Review | 17 | 2026-06-11 |
Block this in CI
pkgradar gate --ecosystem maven com.github.ladder2020:[email protected]