Maven · repo1.maven.org
io.swagger.parser.v3:swagger-parser-v3
Java Base64 Combo: Base64.decode combined with network / process / defineClass — classic obfuscated payload.
Why PkgRadar flagged 2.1.44
| Severity | Signal | Evidence |
|---|---|---|
| high | Java Base64 Combo | Base64.decode combined with network / process / defineClass — classic obfuscated payload. · io/swagger/v3/parser/util/OpenAPIDeserializer.java |
| high | Java Static Init Side Effect | Static-initializer block contains process/network/reflection — runs on first class load. · io/swagger/v3/parser/util/OpenAPIDeserializer.java |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
2.1.44 | High risk | 42 | 2026-06-12 |
Block this in CI
pkgradar gate --ecosystem maven io.swagger.parser.v3:[email protected]