codeborne/selenide 软件分析报告

基础信息

项目名称:codeborne/selenide

项目徽章:

Security Status

仓库地址:https://github.com/pterodactyl/panel

检测报告地址:https://www.murphysec.com/console/report/1716766640989405184/1716766641501110272

此报告由Murphysec提供

漏洞列表

漏洞名称 漏洞类型 MPS编号 CVE编号 漏洞等级
Okio 安全漏洞 数值类型间的不正确转换 MPS-a2tx-d4fb CVE-2023-3635 高危
Hot Rod 安全漏洞 证书验证不恰当 MPS-b7oj-adm3 CVE-2023-4586 高危

缺陷组件

组件名称 版本 最小修复版本 依赖关系 修复建议
com.squareup.okio:okio 3.2.0 3.4.0 间接依赖 建议修复
com.squareup.okio:okio-jvm 3.2.0 3.4.0 间接依赖 建议修复
io.netty:netty-handler 4.1.100.Final 间接依赖 可选修复

许可证风险

许可证类型 相关组件 许可证风险
Apache-2.0 96
自定义许可证 8
MIT 4
BSD-3-Clause 1
EPL-1.0 1
CDDL-1.1 1

SBOM清单

组件名称 组件版本 是否直接依赖 仓库
io.opentelemetry:opentelemetry-api 1.28.0 间接依赖 maven
io.netty:netty-resolver 4.1.100.Final 间接依赖 maven
io.netty:netty-codec-mqtt 4.1.100.Final 间接依赖 maven
org.opentest4j:opentest4j 1.3.0 直接依赖 maven
io.opentelemetry:opentelemetry-semconv 1.28.0-alpha 间接依赖 maven
org.seleniumhq.selenium:selenium-http 4.14.1 间接依赖 maven
com.fasterxml.jackson.core:jackson-core 2.15.3 直接依赖 maven
com.google.code.findbugs:jsr305 3.0.2 间接依赖 maven
io.netty:netty-all 4.1.100.Final 直接依赖 maven
io.netty:netty-codec-redis 4.1.100.Final 间接依赖 maven
io.netty:netty-handler-ssl-ocsp 4.1.100.Final 间接依赖 maven
org.seleniumhq.selenium:selenium-devtools-v85 4.14.1 间接依赖 maven
org.bouncycastle:bcpkix-jdk18on 1.76 间接依赖 maven
org.seleniumhq.selenium:selenium-ie-driver 4.14.1 间接依赖 maven
org.testng:testng 7.8.0 直接依赖 maven
org.bouncycastle:bcprov-jdk18on 1.76 间接依赖 maven
org.apache.commons:commons-lang3 3.13.0 直接依赖 maven
org.seleniumhq.selenium:selenium-support 间接依赖 maven
io.opentelemetry:opentelemetry-sdk-extension-autoconfigure 1.28.0 间接依赖 maven
org.jetbrains.kotlin:kotlin-stdlib 1.6.20 间接依赖 maven
io.netty:netty-resolver-dns-native-macos 4.1.100.Final 间接依赖 maven
io.netty:netty-codec-http 4.1.100.Final 间接依赖 maven
io.opentelemetry:opentelemetry-api-events 1.28.0-alpha 间接依赖 maven
com.fasterxml.jackson.core:jackson-annotations 2.15.3 间接依赖 maven
org.seleniumhq.selenium:selenium-support 4.14.1 间接依赖 maven
io.netty:netty-handler 4.1.100.Final 间接依赖 maven
org.apache.httpcomponents.core5:httpcore5 5.2 直接依赖 maven
com.squareup.okio:okio-jvm 3.2.0 间接依赖 maven
io.netty:netty-transport-native-unix-common 4.1.100.Final 间接依赖 maven
io.opentelemetry:opentelemetry-sdk 1.28.0 间接依赖 maven
io.appium:java-client 9.0.0 直接依赖 maven
commons-io:commons-io 2.14.0 直接依赖 maven
org.slf4j:jcl-over-slf4j 2.0.9 间接依赖 maven
org.jetbrains.kotlin:kotlin-stdlib-jdk7 1.6.20 间接依赖 maven
io.opentelemetry:opentelemetry-sdk-extension-autoconfigure-spi 1.28.0 间接依赖 maven
org.seleniumhq.selenium:selenium-api 4.14.1 间接依赖 maven
io.netty:netty-transport-sctp 4.1.100.Final 间接依赖 maven
org.slf4j:slf4j-api 2.0.9 直接依赖 maven
org.apache.httpcomponents.core5:httpcore5-h2 5.2 直接依赖 maven
dnsjava:dnsjava 3.5.2 间接依赖 maven
javax.activation:javax.activation-api 1.2.0 间接依赖 maven
io.opentelemetry:opentelemetry-context 1.28.0 间接依赖 maven
dev.failsafe:failsafe 3.3.2 间接依赖 maven
io.netty:netty-codec-http2 4.1.100.Final 间接依赖 maven
de.sstoehr:har-reader 2.2.1 间接依赖 maven
io.opentelemetry:opentelemetry-extension-incubator 1.28.0-alpha 间接依赖 maven
org.zeroturnaround:zt-exec 1.12 间接依赖 maven
io.netty:netty-transport-udt 4.1.100.Final 间接依赖 maven
::modules:core 直接依赖 maven
io.netty:netty-codec-smtp 4.1.100.Final 间接依赖 maven
io.netty:netty-common 4.1.100.Final 间接依赖 maven
io.opentelemetry:opentelemetry-sdk-trace 1.28.0 间接依赖 maven
io.netty:netty-transport-rxtx 4.1.100.Final 间接依赖 maven
io.netty:netty-codec-xml 4.1.100.Final 间接依赖 maven
org.seleniumhq.selenium:selenium-devtools-v118 4.14.1 间接依赖 maven
io.opentelemetry:opentelemetry-sdk-common 1.28.0 间接依赖 maven
org.hamcrest:hamcrest 2.1 间接依赖 maven
io.opentelemetry:opentelemetry-sdk-metrics 1.28.0 间接依赖 maven
org.jetbrains.kotlin:kotlin-stdlib-jdk8 1.6.20 间接依赖 maven
com.google.code.gson:gson 2.10.1 间接依赖 maven
io.netty:netty-transport-classes-kqueue 4.1.100.Final 间接依赖 maven
com.github.valfirst.browserup-proxy:browserup-proxy-mitm 2.2.14 间接依赖 maven
io.netty:netty-codec-socks 4.1.100.Final 间接依赖 maven
org.seleniumhq.selenium:selenium-remote-driver 4.14.1 间接依赖 maven
io.netty:netty-resolver-dns-classes-macos 4.1.100.Final 间接依赖 maven
org.jetbrains:annotations 13.0 间接依赖 maven
org.seleniumhq.selenium:selenium-devtools-v116 4.14.1 间接依赖 maven
xyz.rogfam:littleproxy 2.0.22 直接依赖 maven
org.seleniumhq.selenium:selenium-os 4.14.1 间接依赖 maven
com.google.errorprone:error 间接依赖 maven
com.squareup.okio:okio 3.2.0 间接依赖 maven
org.brotli:dec 0.1.2 间接依赖 maven
org.seleniumhq.selenium:selenium-safari-driver 4.14.1 间接依赖 maven
org.apache.commons:commons-exec 1.3 间接依赖 maven
::statics 直接依赖 maven
com.google.guava:failureaccess 1.0.1 间接依赖 maven
org.hamcrest:hamcrest-core 1.3 间接依赖 maven
org.checkerframework:checker-qual 3.37.0 间接依赖 maven
io.netty:netty-transport 4.1.100.Final 间接依赖 maven
com.squareup.okhttp3:okhttp 4.11.0 间接依赖 maven
org.seleniumhq.selenium:selenium-firefox-driver 4.14.1 间接依赖 maven
io.netty:netty-transport-native-epoll 4.1.100.Final 间接依赖 maven
io.netty:netty-codec-haproxy 4.1.100.Final 间接依赖 maven
io.netty:netty-codec-memcache 4.1.100.Final 间接依赖 maven
com.google.auto.service:auto-service-annotations 1.1.1 间接依赖 maven
org.seleniumhq.selenium:selenium-manager 4.14.1 间接依赖 maven
org.seleniumhq.selenium:selenium-chrome-driver 4.14.1 间接依赖 maven
com.fasterxml.jackson:jackson-bom 2.15.3 间接依赖 maven
io.netty:netty-buffer 4.1.100.Final 间接依赖 maven
org.seleniumhq.selenium:selenium-api 间接依赖 maven
org.jetbrains.kotlin:kotlin-stdlib-common 1.6.20 间接依赖 maven
junit:junit 4.13.2 直接依赖 maven
org.seleniumhq.selenium:selenium-edge-driver 4.14.1 间接依赖 maven
org.seleniumhq.selenium:selenium-json 4.14.1 间接依赖 maven
org.seleniumhq.selenium:selenium-java 4.14.1 直接依赖 maven
org.awaitility:awaitility 4.2.0 间接依赖 maven
javax.xml.bind:jaxb-api 2.3.1 间接依赖 maven
org.seleniumhq.selenium:selenium-devtools-v117 4.14.1 间接依赖 maven
com.google.guava:listenablefuture 9999.0-empty-to-avoid-conflict-with-guava 间接依赖 maven
net.bytebuddy:byte-buddy 1.14.5 间接依赖 maven
com.github.valfirst.browserup-proxy:browserup-proxy-core 2.2.14 直接依赖 maven
com.jcraft:jzlib 1.1.3 间接依赖 maven
org.seleniumhq.selenium:selenium-remote-driver 间接依赖 maven
io.netty:netty-transport-native-kqueue 4.1.100.Final 间接依赖 maven
io.opentelemetry:opentelemetry-exporter-logging 1.28.0 间接依赖 maven
com.google.guava:guava 32.1.3-jre 直接依赖 maven
io.netty:netty-resolver-dns 4.1.100.Final 间接依赖 maven
io.netty:netty-codec-stomp 4.1.100.Final 间接依赖 maven
org.apache.httpcomponents.client5:httpclient5 5.2.1 直接依赖 maven
io.netty:netty-codec 4.1.100.Final 间接依赖 maven
com.fasterxml.jackson.core:jackson-databind 2.15.3 直接依赖 maven
io.netty:netty-handler-proxy 4.1.100.Final 间接依赖 maven
org.seleniumhq.selenium:selenium-chromium-driver 4.14.1 间接依赖 maven
org.bouncycastle:bcutil-jdk18on 1.76 间接依赖 maven
com.barchart.udt:barchart-udt-bundle 2.3.0 间接依赖 maven
io.netty:netty-codec-dns 4.1.100.Final 间接依赖 maven
io.opentelemetry:opentelemetry-sdk-logs 1.28.0 间接依赖 maven
io.netty:netty-transport-classes-epoll 4.1.100.Final 间接依赖 maven
(0)
上一篇 2023年10月24日
下一篇 2023年10月24日

相关推荐

  • kernelslacker/x86info 软件分析报告

    基础信息 项目名称:kernelslacker/x86info 项目徽章: 仓库地址:https://github.com/pterodactyl/panel 检测报告地址:https://www.murphysec.com/console/report/1721334747253735424/1728598843611631616 此报告由Murphyse…

    软件分析 2023年11月26日
    0
  • ai-eks/OpenClubhouse 软件分析报告

    基础信息 项目名称:ai-eks/OpenClubhouse 项目徽章: 仓库地址:https://github.com/pterodactyl/panel 检测报告地址:https://www.murphysec.com/console/report/1715570657910898688/1715570659072720896 此报告由Murphysec…

    软件分析 2023年10月23日
    0
  • elnaqah/NQBarGraph 软件分析报告

    基础信息 项目名称:elnaqah/NQBarGraph 项目徽章: 仓库地址:https://github.com/pterodactyl/panel 检测报告地址:https://www.murphysec.com/console/report/1717432191113887744/1717432191696896000 此报告由Murphysec提供…

    软件分析 2023年10月26日
    0
  • cheatfate/asynctools 软件分析报告

    基础信息 项目名称:cheatfate/asynctools 项目徽章: 仓库地址:https://github.com/pterodactyl/panel 检测报告地址:https://www.murphysec.com/console/report/1721083706554257408/1722336108159086592 此报告由Murphysec…

    软件分析 2023年11月9日
    0
  • AmilaRukshan/Nativescript-Ng2-Jwt-Login 软件分析报告

    基础信息 项目名称:AmilaRukshan/Nativescript-Ng2-Jwt-Login 项目徽章: 仓库地址:https://github.com/pterodactyl/panel 检测报告地址:https://www.murphysec.com/console/report/1720553976348721152/17205539763864…

    软件分析 2023年11月4日
    0