PkgRadar

PyPI · pypi.org

veracode-api-signing

Py Install Time Eval Exec: Python eval()/exec() called on a string.

Why PkgRadar flagged 26.5.0

Severity | Signal | Evidence
medium | Py Install Time Eval Exec | Python eval()/exec() called on a string. · veracode_api_signing-26.5.0/setup.py

Scanned versions

Version | Verdict | Score | Scanned (UTC)
26.5.0 | Review | 31 | 2026-05-27

Block this in CI

PkgRadar gates veracode-api-signing (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi veracode-api-signing==26.5.0