Maven · repo1.maven.org

com.xceptance:xlt

Java Unsafe Deserialize, Java Process Spawn, Java Static Init Side Effect

Why PkgRadar flagged 10.0.0-beta-3

Severity	Signal	Evidence
medium	Java Unsafe Deserialize	com/xceptance/common/util/ObjectUtils.java
medium	Java Process Spawn	com/xceptance/common/util/PropertyGroovySecurityUtils.java
medium	Java Process Spawn	com/xceptance/xlt/agentcontroller/AgentImpl.java
medium	Java Process Spawn	com/xceptance/xlt/clientperformance/ClientPerformanceUtils.java
medium	Java Static Init Side Effect	com/xceptance/xlt/clientperformance/ClientPerformanceUtils.java
medium	Java Static Init Side Effect	com/xceptance/xlt/engine/XltWebClient.java
medium	Java Static Init Side Effect	org/htmlunit/css/CssStyleSheet.java
medium	Java Static Init Side Effect	org/htmlunit/javascript/host/Location.java
medium	Java Static Init Side Effect	org/htmlunit/javascript/host/Window.java
medium	Java Static Init Side Effect	org/htmlunit/util/UrlUtils.java

Showing signal labels only. Sign in to view the exact matched indicators for each finding.

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`10.0.0-beta-3`	Review	57	2026-06-23

Block this in CI

PkgRadar gates com.xceptance:xlt (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem maven com.xceptance:[email protected]