基础信息
项目名称:django/django
项目徽章:
仓库地址:https://github.com/pterodactyl/panel
检测报告地址:https://www.murphysec.com/console/report/1717183048541929472/1717183048613232640
此报告由Murphysec提供
漏洞列表
| 漏洞名称 | 漏洞类型 | MPS编号 | CVE编号 | 漏洞等级 |
|---|---|---|---|---|
| Django 存在正则表达式拒绝服务漏洞 | ReDoS | MPS-8qin-r234 | CVE-2023-36053 | 中危 |
缺陷组件
| 组件名称 | 版本 | 最小修复版本 | 依赖关系 | 修复建议 |
|---|---|---|---|---|
| Django | 4.2 | 4.2.3 | 间接依赖 | 建议修复 |
许可证风险
| 许可证类型 | 相关组件 | 许可证风险 |
|---|---|---|
| 自定义许可证 | 14 | 低 |
| MIT | 10 | 低 |
| BSD-3-Clause | 3 | 低 |
| MPL-2.0 | 1 | 低 |
| ZPL-2.1 | 1 | 低 |
| LGPL-3.0 | 1 | 中 |
SBOM清单
| 组件名称 | 组件版本 | 是否直接依赖 | 仓库 |
|---|---|---|---|
| quote | 间接依赖 | pip | |
| Field | 间接依赖 | pip | |
| names_digest | 间接依赖 | pip | |
| authenticate | 间接依赖 | pip | |
| FullResultSet | 间接依赖 | pip | |
| ModelChoiceIteratorValue | 间接依赖 | pip | |
| ChoiceField | 间接依赖 | pip | |
| EmptyPage | 间接依赖 | pip | |
| ModuleType | 间接依赖 | pip | |
| wraps | 间接依赖 | pip | |
| Variable | 间接依赖 | pip | |
| async_to_sync | 间接依赖 | pip | |
| mail_admins | 间接依赖 | pip | |
| GDALRaster | 间接依赖 | pip | |
| ThreadSensitiveContext | 间接依赖 | pip | |
| SessionBase | 间接依赖 | pip | |
| formats | 间接依赖 | pip | |
| GDAL_VERSION | 间接依赖 | pip | |
| forms | 间接依赖 | pip | |
| SkipTest | 间接依赖 | pip | |
| MessageDecoder | 间接依赖 | pip | |
| CoordTransform | 间接依赖 | pip | |
| RasterField | 间接依赖 | pip | |
| login_required | 间接依赖 | pip | |
| Point | 间接依赖 | pip | |
| asgiref | 间接依赖 | pip | |
| being | 间接依赖 | pip | |
| PolygonField | 间接依赖 | pip | |
| cached_property | 间接依赖 | pip | |
| ModelBackend | 间接依赖 | pip | |
| PageNotAnInteger | 间接依赖 | pip | |
| router | 间接依赖 | pip | |
| connections | 间接依赖 | pip | |
| CaptureQueriesContext | 间接依赖 | pip | |
| CDLL | 间接依赖 | pip | |
| Form | 间接依赖 | pip | |
| E001 | 间接依赖 | pip | |
| DecimalModel | 间接依赖 | pip | |
| temp | 间接依赖 | pip | |
| skipUnless | 间接依赖 | pip | |
| ngettext_lazy | 间接依赖 | pip | |
| escape | 间接依赖 | pip | |
| ASGIHandler | 间接依赖 | pip | |
| MultipleObjectsReturned | 间接依赖 | pip | |
| CookieStorage | 间接依赖 | pip | |
| Avg | 间接依赖 | pip | |
| reverse | 间接依赖 | pip | |
| partial | 间接依赖 | pip | |
| BaseGeometryWidget | 间接依赖 | pip | |
| SuspiciousOperation | 间接依赖 | pip | |
| serializers | 间接依赖 | pip | |
| CharField | 间接依赖 | pip | |
| timezone | 间接依赖 | pip | |
| User | 间接依赖 | pip | |
| ClientCursor | 间接依赖 | pip | |
| Author | 间接依赖 | pip | |
| to_path | 间接依赖 | pip | |
| Book | 间接依赖 | pip | |
| urlsplit | 间接依赖 | pip | |
| Resolver404 | 间接依赖 | pip | |
| Signal | 间接依赖 | pip | |
| BytesIO | 间接依赖 | pip | |
| FallbackStorage | 间接依赖 | pip | |
| Cast | 间接依赖 | pip | |
| unquote | 间接依赖 | pip | |
| requires_tz_support | 间接依赖 | pip | |
| SessionInterrupted | 间接依赖 | pip | |
| Library | 间接依赖 | pip | |
| STATICFILES_STORAGE_ALIAS | 间接依赖 | pip | |
| linebreaksbr | 间接依赖 | pip | |
| NullTimeKeeper | 间接依赖 | pip | |
| django | 间接依赖 | pip | |
| LinearRing | 间接依赖 | pip | |
| URLResolver | 间接依赖 | pip | |
| InvalidSessionKey | 间接依赖 | pip | |
| BaseCommand | 间接依赖 | pip | |
| StringIO | 间接依赖 | pip | |
| activate | 间接依赖 | pip | |
| Template | 间接依赖 | pip | |
| RenderableFieldMixin | 间接依赖 | pip | |
| TypeInfo | 间接依赖 | pip | |
| NotSupportedError | 间接依赖 | pip | |
| flatten | 间接依赖 | pip | |
| override_settings | 间接依赖 | pip | |
| GroupAdmin | 间接依赖 | pip | |
| import_module | 间接依赖 | pip | |
| expectedFailure | 间接依赖 | pip | |
| clean_ipv6_address | 间接依赖 | pip | |
| it | 间接依赖 | pip | |
| PY311 | 间接依赖 | pip | |
| Tag | 间接依赖 | pip | |
| otherwise | 间接依赖 | pip | |
| settings | 间接依赖 | pip | |
| update_wrapper | 间接依赖 | pip | |
| iscoroutinefunction | 间接依赖 | pip | |
| PY312 | 间接依赖 | pip | |
| connection | 间接依赖 | pip | |
| order_with_respect_to | 间接依赖 | pip | |
| Func | 间接依赖 | pip | |
| utils | 间接依赖 | pip | |
| RawSQL | 间接依赖 | pip | |
| City | 间接依赖 | pip | |
| PersonWithDefaultMaxLengths | 间接依赖 | pip | |
| ASGIRequest | 间接依赖 | pip | |
| NotRelationField | 间接依赖 | pip | |
| ModelChoiceIterator | 间接依赖 | pip | |
| RegexValidator | 间接依赖 | pip | |
| Tags | 间接依赖 | pip | |
| TokenType | 间接依赖 | pip | |
| DatabaseError | 间接依赖 | pip | |
| quote_plus | 间接依赖 | pip | |
| GenericForeignKey | 间接依赖 | pip | |
| module_has_submodule | 间接依赖 | pip | |
| MessageEncoder | 间接依赖 | pip | |
| override | 间接依赖 | pip | |
| field_is_referenced | 间接依赖 | pip | |
| checks | 间接依赖 | pip | |
| MaxValueValidator | 间接依赖 | pip | |
| timedelta | 间接依赖 | pip | |
| urljoin | 间接依赖 | pip | |
| permission_required | 间接依赖 | pip | |
| lazy | 间接依赖 | pip | |
| ValidationError | 间接依赖 | pip | |
| Context | 间接依赖 | pip | |
| HttpResponsePermanentRedirect | 间接依赖 | pip | |
| FileInput | 间接依赖 | pip | |
| UniqueConstraint | 间接依赖 | pip | |
| SimpleNamespace | 间接依赖 | pip | |
| markcoroutinefunction | 间接依赖 | pip | |
| DataError | 间接依赖 | pip | |
| FieldDoesNotExist | 间接依赖 | pip | |
| ignore_warnings | 间接依赖 | pip | |
| modify_settings | 间接依赖 | pip | |
| Value | 间接依赖 | pip | |
| keep_lazy_text | 间接依赖 | pip | |
| POINTER | 间接依赖 | pip | |
| GISLookup | 间接依赖 | pip | |
| LazyObject | 间接依赖 | pip | |
| CreateError | 间接依赖 | pip | |
| InterfaceError | 间接依赖 | pip | |
| _builtin_context_processors | 间接依赖 | pip | |
| check_async_unsafe | 间接依赖 | pip | |
| message_from_binary_file | 间接依赖 | pip | |
| HttpRequest | 间接依赖 | pip | |
| HttpResponse | 间接依赖 | pip | |
| message_from_string | 间接依赖 | pip | |
| TemplateDoesNotExist | 间接依赖 | pip | |
| AND | 间接依赖 | pip | |
| ViewDoesNotExist | 间接依赖 | pip | |
| IncorrectLookupParameters | 间接依赖 | pip | |
| Concat | 间接依赖 | pip | |
| lookups | 间接依赖 | pip | |
| error_h | 间接依赖 | pip | |
| Counter | 间接依赖 | pip | |
| DecimalField | 间接依赖 | pip | |
| Lexer | 间接依赖 | pip | |
| Order | 间接依赖 | pip | |
| import_string | 间接依赖 | pip | |
| safe_join | 间接依赖 | pip | |
| Answer | 间接依赖 | pip | |
| mail_managers | 间接依赖 | pip | |
| SimpleTestCase | 间接依赖 | pip | |
| Error | 间接依赖 | pip | |
| split_identifier | 间接依赖 | pip | |
| sync_to_async | 间接依赖 | pip | |
| TestSuite | 间接依赖 | pip | |
| CommandError | 间接依赖 | pip | |
| SimpleUploadedFile | 间接依赖 | pip | |
| numberformat | 间接依赖 | pip | |
| abspath | 间接依赖 | pip | |
| serializer_factory | 间接依赖 | pip | |
| TestCase | 间接依赖 | pip | |
| dirname | 间接依赖 | pip | |
| ShowFacets | 间接依赖 | pip | |
| ADDITION | 间接依赖 | pip | |
| b64decode | 间接依赖 | pip | |
| Driver | 间接依赖 | pip | |
| management | 间接依赖 | pip | |
| storage | 间接依赖 | pip | |
| Pi | 间接依赖 | pip | |
| TestDefaults | 间接依赖 | pip | |
| skipIf | 间接依赖 | pip | |
| IOBase | 间接依赖 | pip | |
| urldefrag | 间接依赖 | pip | |
| cache | 间接依赖 | pip | |
| BigD | 间接依赖 | pip | |
| Permission | 间接依赖 | pip | |
| CONTEXT_PTR | 间接依赖 | pip | |
| constants | 间接依赖 | pip | |
| app2 | 间接依赖 | pip | |
| TimeKeeper | 间接依赖 | pip | |
| Round | 间接依赖 | pip | |
| TransactionNow | 间接依赖 | pip | |
| CacheKeyWarning | 间接依赖 | pip | |
| deepcopy | 间接依赖 | pip | |
| get_user_model | 间接依赖 | pip | |
| get_references | 间接依赖 | pip | |
| PermissionDenied | 间接依赖 | pip | |
| LiveServerTestCase | 间接依赖 | pip | |
| Q | 间接依赖 | pip | |
| StaticFilesTestCase | 间接依赖 | pip | |
| Aggregate | 间接依赖 | pip | |
| CommandParser | 间接依赖 | pip | |
| path | 间接依赖 | pip | |
| date | 间接依赖 | pip | |
| TemporaryUploadedFile | 间接依赖 | pip | |
| BaseBackend | 间接依赖 | pip | |
| paragraph | 间接依赖 | pip | |
| AppConfig | 间接依赖 | pip | |
| SRSException | 间接依赖 | pip | |
| b64encode | 间接依赖 | pip | |
| get_language | 间接依赖 | pip | |
| format_html_join | 间接依赖 | pip | |
| DisallowedHost | 间接依赖 | pip | |
| parse_qsl | 间接依赖 | pip | |
| DateField | 间接依赖 | pip | |
| BaseStorage | 间接依赖 | pip | |
| call_command | 间接依赖 | pip | |
| Post | 间接依赖 | pip | |
| UserAdmin | 间接依赖 | pip | |
| FloatField | 间接依赖 | pip | |
| CheckboxSelectMultiple | 间接依赖 | pip | |
| GeometryField | 间接依赖 | pip | |
| BadRequest | 间接依赖 | pip | |
| reload | 间接依赖 | pip | |
| DEFAULT_CACHE_ALIAS | 间接依赖 | pip | |
| is_valid_ipv6_address | 间接依赖 | pip | |
| FloatModel | 间接依赖 | pip | |
| RevisionableModel | 间接依赖 | pip | |
| SplitDateTimeField | 间接依赖 | pip | |
| SettingsReference | 间接依赖 | pip | |
| capfirst | 间接依赖 | pip | |
| HttpResponseNotModified | 间接依赖 | pip | |
| FieldError | 间接依赖 | pip | |
| RegexObject | 间接依赖 | pip | |
| urlunsplit | 间接依赖 | pip | |
| File | 间接依赖 | pip | |
| CHANGE | 间接依赖 | pip | |
| CommonMiddleware | 间接依赖 | pip | |
| GEOSGeometry | 间接依赖 | pip | |
| OpenLayersWidget | 间接依赖 | pip | |
| Serializer | 间接依赖 | pip | |
| Origin | 间接依赖 | pip | |
| KeyTextTransform | 间接依赖 | pip | |
| FileField | 间接依赖 | pip | |
| transaction | 间接依赖 | pip | |
| Warning | 间接依赖 | pip | |
| skipUnlessDBFeature | 间接依赖 | pip | |
| RandomUUID | 间接依赖 | pip | |
| IntegrityError | 间接依赖 | pip | |
| receiver | 间接依赖 | pip | |
| DEFAULT_DB_ALIAS | 间接依赖 | pip | |
| migrations | 间接依赖 | pip | |
| Envelope | 间接依赖 | pip | |
| HttpResponseServerError | 间接依赖 | pip | |
| DJANGO_VERSION_PICKLE_KEY | 间接依赖 | pip | |
| defaultdict | 间接依赖 | pip | |
| HttpResponseRedirect | 间接依赖 | pip | |
| GEOSException | 间接依赖 | pip | |
| views | 间接依赖 | pip | |
| Country | 间接依赖 | pip | |
| exceptions | 间接依赖 | pip | |
| ExpressionWrapper | 间接依赖 | pip | |
| DistanceField | 间接依赖 | pip | |
| gettext_lazy | 间接依赖 | pip | |
| caches | 间接依赖 | pip | |
| skipIfDBFeature | 间接依赖 | pip | |
| Message | 间接依赖 | pip | |
| Sphinx | 4.5.0 | 间接依赖 | pip |
| SimpleLazyObject | 间接依赖 | pip | |
| pretty_name | 间接依赖 | pip | |
| default_storage | 间接依赖 | pip | |
| Person | 间接依赖 | pip | |
| template_tests | 间接依赖 | pip | |
| RequestFactory | 间接依赖 | pip | |
| get_permission_codename | 间接依赖 | pip | |
| generator | 间接依赖 | pip | |
| GDALException | 间接依赖 | pip | |
| mock | 间接依赖 | pip | |
| Storage | 间接依赖 | pip | |
| DistanceLookupBase | 间接依赖 | pip | |
| TransactionTestCase | 间接依赖 | pip | |
| ForeignKey | 间接依赖 | pip | |
| Http404 | 间接依赖 | pip | |
| include | 间接依赖 | pip | |
| finders | 间接依赖 | pip | |
| MySQLdb | 间接依赖 | pip | |
| Exists | 间接依赖 | pip | |
| ObjectDoesNotExist | 间接依赖 | pip | |
| DataSource | 间接依赖 | pip | |
| SpatialReference | 间接依赖 | pip | |
| CFUNCTYPE | 间接依赖 | pip | |
| EmptyResultSet | 间接依赖 | pip | |
| PersonWithCustomMaxLengths | 间接依赖 | pip | |
| TextTestRunner | 间接依赖 | pip | |
| COMPILED_REGEX_TYPE | 间接依赖 | pip | |
| validate_slug | 间接依赖 | pip | |
| Extent3D | 间接依赖 | pip | |
| NumberInput | 间接依赖 | pip | |
| hstore | 间接依赖 | pip | |
| NoReverseMatch | 间接依赖 | pip | |
| dateformat | 间接依赖 | pip | |
| IsolationLevel | 间接依赖 | pip | |
| LocalePrefixPattern | 间接依赖 | pip | |
| ImproperlyConfigured | 间接依赖 | pip | |
| AreaField | 间接依赖 | pip | |
| BrokenLinkEmailsMiddleware | 间接依赖 | pip | |
| lru_cache | 间接依赖 | pip | |
| charset | 间接依赖 | pip | |
| CASCADE | 间接依赖 | pip | |
| paragraphs | 间接依赖 | pip | |
| Node | 间接依赖 | pip | |
| Foo | 间接依赖 | pip | |
| KT | 间接依赖 | pip | |
| Django | 4.2 | 间接依赖 | pip |
| Structure | 间接依赖 | pip | |
| GenericRelation | 间接依赖 | pip | |
| Engine | 间接依赖 | pip | |
| NOT_PROVIDED | 间接依赖 | pip | |
| skip | 间接依赖 | pip | |
| gdal_full_version | 间接依赖 | pip | |
| FileResponse | 间接依赖 | pip | |
| OR | 间接依赖 | pip | |
| FileSystemStorage | 间接依赖 | pip | |
| models | 间接依赖 | pip | |
| apps | 间接依赖 | pip |