PkgRadar

Maven · repo1.maven.org

com.salesforce.cantor:cantor-h2

Remote Payload: matched "cUrl "

Why PkgRadar flagged 0.5.24

SeveritySignalEvidence
mediumRemote Payloadmatched "cUrl " · com/salesforce/cantor/h2/H2DataSourceProvider.java

Scanned versions

VersionVerdictScoreScanned (UTC)
0.5.24Review62026-06-15

Block this in CI

PkgRadar gates com.salesforce.cantor:cantor-h2 (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem maven com.salesforce.cantor:[email protected]
Start free — 25 scans / moView full evidence