基础信息
项目名称:IdeaSpaceVR/IdeaSpace
项目徽章:
仓库地址:https://github.com/pterodactyl/panel
检测报告地址:https://www.murphysec.com/console/report/1718768844130615296/1718768844197724160
此报告由Murphysec提供
漏洞列表
| 漏洞名称 | 漏洞类型 | MPS编号 | CVE编号 | 漏洞等级 |
|---|---|---|---|---|
| Sensio Labs Symfony 授权问题漏洞 | 授权机制不恰当 | MPS-2022-3861 | CVE-2022-24894 | 高危 |
缺陷组件
| 组件名称 | 版本 | 最小修复版本 | 依赖关系 | 修复建议 |
|---|---|---|---|---|
| symfony/http-kernel | 2.8.*|3.0.* | 4.4.50 | 间接依赖 | 可选修复 |
许可证风险
| 许可证类型 | 相关组件 | 许可证风险 |
|---|---|---|
| MIT | 40 | 低 |
| BSD-3-Clause | 5 | 低 |
| BSD-4-Clause | 4 | 低 |
| LGPL-2.0 | 1 | 中 |
SBOM清单
| 组件名称 | 组件版本 | 是否直接依赖 | 仓库 |
|---|---|---|---|
| symfony/var-dumper | 2.8.*|3.0.* | 间接依赖 | composer |
| illuminate/routing | 5.2.* | 间接依赖 | composer |
| symfony/console | 2.8.*|3.0.* | 间接依赖 | composer |
| illuminate/http | 5.2.* | 间接依赖 | composer |
| symfony/polyfill-php56 | v1.20.0 | 间接依赖 | composer |
| nikic/php-parser | ^1.0|^2.0 | 间接依赖 | composer |
| illuminate/view | 5.2.* | 间接依赖 | composer |
| symfony/debug | ~2.8|~3.0 | 间接依赖 | composer |
| nikic/php-parser | ^1.2.1|~2.0 | 间接依赖 | composer |
| KERNEL32.dll | 间接依赖 | ||
| symfony/translation | ~2.6|~3.0 | 间接依赖 | composer |
| symfony/translation | 2.8.*|3.0.* | 间接依赖 | composer |
| symfony/polyfill-util | ~1.0 | 间接依赖 | composer |
| psr/log | ~1.0 | 间接依赖 | composer |
| MSVCR90.dll | 间接依赖 | ||
| classpreloader/classpreloader | ~3.0 | 间接依赖 | composer |
| psr/http-message | ~1.0 | 间接依赖 | composer |
| swiftmailer/swiftmailer | ~5.1 | 间接依赖 | composer |
| doctrine/inflector | ~1.0 | 间接依赖 | composer |
| jakub-onderka/php-console-color | ~0.1 | 间接依赖 | composer |
| monolog/monolog | ~1.11 | 间接依赖 | composer |
| symfony/polyfill-mbstring | ~1.1 | 间接依赖 | composer |
| league/flysystem | ~1.0 | 间接依赖 | composer |
| symfony/http-kernel | 2.8.*|3.0.* | 间接依赖 | composer |
| dnoegel/php-xdg-base-dir | 0.1 | 间接依赖 | composer |
| symfony/debug | 2.8.*|3.0.* | 间接依赖 | composer |
| illuminate/support | 5.2.* | 间接依赖 | composer |
| symfony/polyfill-mbstring | ~1.0 | 间接依赖 | composer |
| nesbot/carbon | ~1.20 | 间接依赖 | composer |
| symfony/process | 2.8.*|3.0.* | 间接依赖 | composer |
| symfony/var-dumper | ~2.7|~3.0 | 间接依赖 | composer |
| jeremeamia/superclosure | ~2.2 | 间接依赖 | composer |
| nikic/php-parser | ^1.2|^2.0 | 间接依赖 | composer |
| symfony/http-foundation | ~2.8.8|~3.0.8|~3.1.2|~3.2 | 间接依赖 | composer |
| symfony/http-foundation | 2.8.*|3.0.* | 间接依赖 | composer |
| vlucas/phpdotenv | ~2.2 | 间接依赖 | composer |
| guzzlehttp/psr7 | ~1.1 | 间接依赖 | composer |
| psy/psysh | 0.7.* | 间接依赖 | composer |
| symfony/routing | 2.8.*|3.0.* | 间接依赖 | composer |
| symfony/finder | 2.8.*|3.0.* | 间接依赖 | composer |
| mtdowling/cron-expression | ~1.0 | 间接依赖 | composer |
| paragonie/random_compat | ~1.4 | 间接依赖 | composer |
| symfony/console | ~2.3.10|^2.4.2|~3.0 | 间接依赖 | composer |
| symfony/event-dispatcher | ~2.8|~3.0 | 间接依赖 | composer |
| illuminate/session | 5.2.* | 间接依赖 | composer |
| MSVCP90.dll | 间接依赖 | ||
| symfony/polyfill-php56 | ~1.0 | 间接依赖 | composer |
| jakub-onderka/php-console-highlighter | 0.3.* | 间接依赖 | composer |