基础信息
项目名称:wesnoth/wesnoth
项目徽章:
仓库地址:https://github.com/pterodactyl/panel
检测报告地址:https://www.murphysec.com/console/report/1719696649316073472/1719696649353822208
此报告由Murphysec提供
漏洞列表
| 漏洞名称 | 漏洞类型 | MPS编号 | CVE编号 | 漏洞等级 |
|---|---|---|---|---|
| xml2js 安全漏洞 | 原型污染 | MPS-2023-4673 | CVE-2023-0842 | 中危 |
缺陷组件
| 组件名称 | 版本 | 最小修复版本 | 依赖关系 | 修复建议 |
|---|---|---|---|---|
| xml2js | 0.4.23 | 0.5.0 | 间接依赖 | 可选修复 |
许可证风险
| 许可证类型 | 相关组件 | 许可证风险 |
|---|---|---|
| MIT | 65 | 低 |
| BSD-3-Clause | 2 | 低 |
| ISC | 2 | 低 |
| Apache-2.0 | 1 | 低 |
SBOM清单
| 组件名称 | 组件版本 | 是否直接依赖 | 仓库 |
|---|---|---|---|
| @jimp/plugin-invert | 0.16.1 | 间接依赖 | npm |
| @jimp/plugin-cover | 0.16.1 | 间接依赖 | npm |
| parse-headers | 2.0.4 | 间接依赖 | npm |
| parsimmon | 1.18.1 | 间接依赖 | npm |
| ieee754 | 1.2.1 | 间接依赖 | npm |
| buffer | 5.7.1 | 间接依赖 | npm |
| omggif | 1.0.10 | 间接依赖 | npm |
| xml2js | 0.4.23 | 间接依赖 | npm |
| mime | 1.6.0 | 间接依赖 | npm |
| timm | 1.7.1 | 间接依赖 | npm |
| xml-parse-from-string | 1.0.1 | 间接依赖 | npm |
| @jimp/utils | 0.16.1 | 间接依赖 | npm |
| @jimp/plugin-flip | 0.16.1 | 间接依赖 | npm |
| @jimp/plugins | 0.16.1 | 间接依赖 | npm |
| xmlbuilder | 11.0.1 | 间接依赖 | npm |
| is-function | 1.0.2 | 间接依赖 | npm |
| @jimp/plugin-shadow | 0.16.1 | 间接依赖 | npm |
| @jimp/plugin-blit | 0.16.1 | 间接依赖 | npm |
| dom-walk | 0.1.2 | 间接依赖 | npm |
| xhr | 2.6.0 | 间接依赖 | npm |
| mkdirp | 0.5.5 | 间接依赖 | npm |
| xtend | 4.0.2 | 间接依赖 | npm |
| @babel/runtime | 7.16.7 | 间接依赖 | npm |
| @jimp/plugin-blur | 0.16.1 | 间接依赖 | npm |
| @jimp/plugin-threshold | 0.16.1 | 间接依赖 | npm |
| minimist | 1.2.6 | 间接依赖 | npm |
| tinycolor2 | 1.4.2 | 间接依赖 | npm |
| @jimp/plugin-mask | 0.16.1 | 间接依赖 | npm |
| @jimp/jpeg | 0.16.2 | 间接依赖 | npm |
| @jimp/plugin-color | 0.16.1 | 间接依赖 | npm |
| @jimp/gif | 0.16.2 | 间接依赖 | npm |
| process | 0.11.10 | 间接依赖 | npm |
| sax | 1.2.4 | 间接依赖 | npm |
| min-document | 2.19.0 | 间接依赖 | npm |
| global | 4.4.0 | 间接依赖 | npm |
| @jimp/plugin-scale | 0.16.1 | 间接依赖 | npm |
| pixelmatch | 4.0.2 | 间接依赖 | npm |
| gifwrap | 0.9.4 | 间接依赖 | npm |
| @jimp/plugin-fisheye | 0.16.1 | 间接依赖 | npm |
| jimp | 0.16.1 | 间接依赖 | npm |
| @jimp/png | 0.16.2 | 间接依赖 | npm |
| @jimp/plugin-displace | 0.16.1 | 间接依赖 | npm |
| @jimp/plugin-normalize | 0.16.1 | 间接依赖 | npm |
| any-base | 1.1.0 | 间接依赖 | npm |
| load-bmfont | 1.4.1 | 间接依赖 | npm |
| pako | 1.0.11 | 间接依赖 | npm |
| parse-bmfont-xml | 1.1.4 | 间接依赖 | npm |
| base64-js | 1.5.1 | 间接依赖 | npm |
| parse-bmfont-binary | 1.0.6 | 间接依赖 | npm |
| @jimp/bmp | 0.16.2 | 间接依赖 | npm |
| file-type | 9.0.0 | 间接依赖 | npm |
| @jimp/plugin-dither | 0.16.1 | 间接依赖 | npm |
| @jimp/tiff | 0.16.2 | 间接依赖 | npm |
| @jimp/types | 0.16.2 | 间接依赖 | npm |
| parse-bmfont-ascii | 1.0.6 | 间接依赖 | npm |
| @jimp/plugin-gaussian | 0.16.1 | 间接依赖 | npm |
| pywmlx | 间接依赖 | pip | |
| @jimp/plugin-print | 0.16.1 | 间接依赖 | npm |
| utif | 2.0.1 | 间接依赖 | npm |
| @jimp/plugin-resize | 0.16.1 | 间接依赖 | npm |
| buffer-equal | 0.0.1 | 间接依赖 | npm |
| pngjs | 3.4.0 | 间接依赖 | npm |
| bmp-js | 0.1.0 | 间接依赖 | npm |
| exif-parser | 0.1.12 | 间接依赖 | npm |
| jpeg-js | 0.4.4 | 间接依赖 | npm |
| @jimp/plugin-rotate | 0.16.1 | 间接依赖 | npm |
| regenerator-runtime | 0.13.9 | 间接依赖 | npm |
| @jimp/plugin-crop | 0.16.1 | 间接依赖 | npm |
| image-q | 4.0.0 | 间接依赖 | npm |
| @jimp/core | 0.16.1 | 间接依赖 | npm |
| @jimp/custom | 0.16.1 | 间接依赖 | npm |
| @types/node | 16.9.1 | 间接依赖 | npm |
| @jimp/plugin-circle | 0.16.1 | 间接依赖 | npm |
| @jimp/utils | 0.16.2 | 间接依赖 | npm |
| phin | 2.9.3 | 间接依赖 | npm |
| @jimp/plugin-contain | 0.16.1 | 间接依赖 | npm |