PkgRadar

Maven · repo1.maven.org

com.sshtools:liftlib

Java Unsafe Deserialize, Java Process Spawn, Java Static Init Side Effect

Why PkgRadar flagged 0.9.15

SeveritySignalEvidence
mediumJava Unsafe Deserializecom/sshtools/liftlib/Elevator.java
mediumJava Unsafe Deserializecom/sshtools/liftlib/Helper.java
mediumJava Process Spawncom/sshtools/liftlib/OS.java
mediumJava Process Spawncom/sshtools/liftlib/commands/ElevatableSystemCommands.java
mediumJava Process Spawncom/sshtools/liftlib/impl/PlatformElevation.java
mediumJava Process Spawncom/sshtools/liftlib/impl/ElevatedJVM.java
mediumJava Static Init Side Effectcom/sshtools/liftlib/OS.java

Showing signal labels only. Sign in to view the exact matched indicators for each finding.

Scanned versions

VersionVerdictScoreScanned (UTC)
0.9.15Review712026-06-25

Block this in CI

PkgRadar gates com.sshtools:liftlib (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem maven com.sshtools:[email protected]
Start free — 25 scans / moView full evidence