基础信息
项目名称:yaklang/yaklang
项目徽章:
仓库地址:https://github.com/pterodactyl/panel
检测报告地址:https://www.murphysec.com/console/report/1720115998285582336/1720115998579183616
此报告由Murphysec提供
漏洞列表
| 漏洞名称 | 漏洞类型 | MPS编号 | CVE编号 | 漏洞等级 |
|---|---|---|---|---|
| jwt-go 安全漏洞 | 授权检查缺失 | MPS-2020-13786 | CVE-2020-26160 | 高危 |
| Cron Utils | 注入 | MPS-2020-16942 | CVE-2020-26238 | 高危 |
| FasterXML jackson-databind 代码问题漏洞 | XXE | MPS-2020-17358 | CVE-2020-25649 | 高危 |
| FasterXML jackson-databind 反序列化漏洞(commons-dbcp2 gadget绕过) | 反序列化 | MPS-2020-17696 | CVE-2020-35490 | 高危 |
| FasterXML jackson-databind 反序列化漏洞(commons-dbcp2 gadget绕过) | 反序列化 | MPS-2020-17697 | CVE-2020-35491 | 高危 |
| FasterXML jackson-databind 反序列化漏洞(glassfish gadget绕过) | 反序列化 | MPS-2020-18089 | CVE-2020-35728 | 高危 |
| FasterXML jackson-databind 反序列化漏洞(DBCP gadget绕过) | 反序列化 | MPS-2021-0202 | CVE-2020-36179 | 高危 |
| FasterXML jackson-databind 反序列化漏洞(DBCP gadget绕过) | 反序列化 | MPS-2021-0203 | CVE-2020-36181 | 高危 |
| FasterXML jackson-databind 反序列化漏洞(DBCP gadget绕过) | 反序列化 | MPS-2021-0204 | CVE-2020-36180 | 高危 |
| FasterXML jackson-databind 反序列化漏洞(tomcat-dbcp gadget绕过) | 反序列化 | MPS-2021-0205 | CVE-2020-36182 | 高危 |
| FasterXML jackson-databind 反序列化漏洞(docx4j gadget绕过) | 反序列化 | MPS-2021-0206 | CVE-2020-36183 | 高危 |
| FasterXML jackson-databind 反序列化漏洞(tomcat-dbcp gadget绕过) | 反序列化 | MPS-2021-0207 | CVE-2020-36184 | 高危 |
| FasterXML jackson-databind 反序列化漏洞(tomcat-dbcp gadget绕过) | 反序列化 | MPS-2021-0208 | CVE-2020-36185 | 高危 |
| FasterXML jackson-databind 反序列化漏洞(naming-factory-dbcp gadget绕过) | 反序列化 | MPS-2021-0209 | CVE-2020-36186 | 高危 |
| FasterXML jackson-databind 反序列化漏洞(naming-factory-dbcp gadget绕过) | 反序列化 | MPS-2021-0210 | CVE-2020-36187 | 高危 |
| FasterXML jackson-databind 反序列化漏洞(newrelic-agent gadget绕过) | 反序列化 | MPS-2021-0211 | CVE-2020-36188 | 高危 |
| FasterXML jackson-databind 反序列化漏洞(newrelic-agent gadget绕过) | 反序列化 | MPS-2021-0212 | CVE-2020-36189 | 高危 |
| FasterXML jackson-databind 反序列化漏洞(javax.swing gadget绕过) | 反序列化 | MPS-2021-1625 | CVE-2021-20190 | 高危 |
| Cron Utils | 代码注入 | MPS-2021-32038 | CVE-2021-41269 | 严重 |
| Jakarta Expression Language | 表达式语言注入 | MPS-2021-7671 | CVE-2021-28170 | 中危 |
| go.uuid 不安全的随机性漏洞 | 使用具有密码学弱点缺陷的PRNG | MPS-2021-7854 | CVE-2021-3538 | 严重 |
| Express 中的 qs 模块存在原型污染漏洞 | 原型污染 | MPS-2022-3967 | CVE-2022-24999 | 高危 |
| Google Golang 资源管理错误漏洞 | 不加限制或调节的资源分配 | MPS-2022-58311 | CVE-2022-41727 | 中危 |
| FasterXML jackson-databind 小于2.14.0-rc1拒绝服务漏洞 | 拒绝服务 | MPS-2022-58653 | CVE-2022-42003 | 中危 |
| FasterXML jackson-databind 小于2.13.4拒绝服务漏洞 | 拒绝服务 | MPS-2022-58654 | CVE-2022-42004 | 中危 |
| FasterXML jackson-databind 拒绝服务漏洞 | 越界写入 | MPS-2022-6242 | CVE-2020-36518 | 高危 |
| Google Golang 安全漏洞 | 拒绝服务 | MPS-c8am-hbny | CVE-2023-39325 | 高危 |
| 【存在争议】FasterXML jackson-databind 代码问题漏洞 | 不加限制或调节的资源分配 | MPS-z1bx-p8y2 | CVE-2023-35116 | 中危 |
缺陷组件
| 组件名称 | 版本 | 最小修复版本 | 依赖关系 | 修复建议 |
|---|---|---|---|---|
| com.fasterxml.jackson.core:jackson-databind | 2.9.10.6 | 直接依赖 | 建议修复 | |
| golang.org/x/image | v0.0.0-20210628002857-a66eb6448b8d | 0.5.0 | 间接依赖 | 建议修复 |
| com.cronutils:cron-utils | 9.1.2 | 9.1.6 | 直接依赖 | 建议修复 |
| express | 4.16.4 | 4.17.3 | 直接依赖 | 建议修复 |
| github.com/dgrijalva/jwt-go | v3.2.0+incompatible | 4.0.0-preview1 | 直接依赖 | 建议修复 |
| github.com/satori/go.uuid | v1.2.0 | 直接依赖 | 建议修复 | |
| golang.org/x/net | v0.16.0 | 0.17.0 | 直接依赖 | 可选修复 |
| org.glassfish:javax.el | 3.0.0 | 直接依赖 | 可选修复 | |
| golang.org/x/net | v0.11.0 | 0.17.0 | 直接依赖 | 可选修复 |
许可证风险
| 许可证类型 | 相关组件 | 许可证风险 |
|---|---|---|
| Apache-2.0 | 44 | 低 |
| MIT | 120 | 低 |
| BSD-3-Clause | 68 | 低 |
| MPL-2.0 | 5 | 低 |
| ICU | 2 | 低 |
| BSD-2-Clause | 20 | 低 |
| ISC | 4 | 低 |
| 自定义许可证 | 2 | 低 |
| Unlicense | 1 | 低 |
| CC-BY-SA-4.0 | 1 | 中 |
| GPL-3.0 | 1 | 中 |
| GPL-3.0-or-later | 1 | 低 |
| GPL-2.0 | 1 | 中 |
SBOM清单
| 组件名称 | 组件版本 | 是否直接依赖 | 仓库 |
|---|---|---|---|
| github.com/go-git/go-billy/v5 | v5.3.1 | 直接依赖 | go |
| github.com/golang-sql/civil | v0.0.0-20190719163853-cb61b32ac6fe | 间接依赖 | go |
| ca-certificates-bundle | 20230506-r0 | 间接依赖 | binary |
| dash | 0.5.11+git20210903+057cd650a4ed-3build1 | 间接依赖 | binary |
| github.com/andybalholm/brotli | v1.0.4 | 直接依赖 | go |
| github.com/jinzhu/inflection | v1.0.0 | 间接依赖 | go |
| github.com/mattn/go-isatty | v0.0.17 | 间接依赖 | go |
| github.com/gofrs/uuid | v4.0.0+incompatible | 直接依赖 | go |
| github.com/google/gxui | v0.0.0-20151028112939-f85e0a97b3a4 | 直接依赖 | go |
| github.com/shoenig/go-m1cpu | v0.1.5 | 间接依赖 | go |
| github.com/aquasecurity/go-pep440-version | v0.0.0-20210121094942-22b2f8951d46 | 间接依赖 | go |
| github.com/mdlayher/raw | v0.0.0-20190313224157-43dbcdd7739d | 间接依赖 | go |
| gopkg.in/gomail.v2 | v2.0.0-20160411212932-81ebce5c23df | 直接依赖 | go |
| gopkg.in/yaml.v2 | v2.4.0 | 直接依赖 | go |
| github.com/gobwas/httphead | v0.1.0 | 直接依赖 | go |
| github.com/saintfish/chardet | v0.0.0-20120816061221-3af4cd4741ca | 直接依赖 | go |
| github.com/alfg/mp4 | v0.0.0-20210728035756-55ea58c08aeb | 直接依赖 | go |
| github.com/hpcloud/tail | v1.0.0 | 直接依赖 | go |
| github.com/vmihailenco/tagparser/v2 | v2.0.0 | 间接依赖 | go |
| github.com/antlr4-go/antlr | v0.0.0-20230518091524-98b52378c522 | 间接依赖 | go |
| github.com/refraction-networking/utls | v1.3.2 | 直接依赖 | go |
| base-passwd | 3.5.52build1 | 间接依赖 | binary |
| github.com/mdlayher/arp | v0.0.0-20191213142603-f72070a231fc | 直接依赖 | go |
| github.com/liamg/jfather | v0.0.7 | 间接依赖 | go |
| github.com/antlr/antlr4/runtime/Go/antlr | v1.4.10 | 间接依赖 | go |
| com.cronutils:cron-utils | 9.1.2 | 直接依赖 | maven |
| github.com/pmezard/go-difflib | v1.0.0 | 间接依赖 | go |
| com.fasterxml.jackson.core:jackson-core | 2.9.10 | 直接依赖 | maven |
| github.com/emirpasic/gods | v1.12.0 | 间接依赖 | go |
| brotli-libs | 1.0.9-r14 | 间接依赖 | binary |
| libcrypto3 | 3.1.1-r1 | 间接依赖 | binary |
| github.com/youmark/pkcs8 | v0.0.0-20181117223130-1be2e3e5546d | 间接依赖 | go |
| adduser | 3.118ubuntu5 | 间接依赖 | binary |
| github.com/golang-sql/sqlexp | v0.1.0 | 间接依赖 | go |
| gopkg.in/yaml.v3 | v3.0.1 | 直接依赖 | go |
| ms | 2.1.1 | 直接依赖 | npm |
| github.com/fxsjy/RF.go | v0.0.0-20140710024358-46700521f302 | 直接依赖 | go |
| github.com/imdario/mergo | v0.3.12 | 间接依赖 | go |
| github.com/fastly/go-utils | v0.0.0-20180712184237-d95a45783239 | 间接依赖 | go |
| gopkg.in/fatih/set.v0 | v0.2.1 | 直接依赖 | go |
| array-flatten | 1.1.1 | 直接依赖 | npm |
| busybox | 1.36.1-r0 | 间接依赖 | binary |
| github.com/itchyny/gojq | v0.12.8 | 直接依赖 | go |
| github.com/golang/snappy | v0.0.4 | 直接依赖 | go |
| github.com/golang/protobuf | v1.5.3 | 直接依赖 | go |
| github.com/knqyf263/go-rpmdb | v0.0.0-20230517124904-b97c85e63254 | 直接依赖 | go |
| github.com/vmihailenco/bufpool | v0.1.11 | 间接依赖 | go |
| org.apache.commons:commons-lang3 | 3.11 | 直接依赖 | maven |
| golang.org/x/xerrors | v0.0.0-20220907171357-04be3eba64a2 | 间接依赖 | go |
| scanelf | 1.3.7-r1 | 间接依赖 | binary |
| github.com/ysmood/fetchup | v0.2.2 | 间接依赖 | go |
| github.com/kr/fs | v0.1.0 | 间接依赖 | go |
| github.com/k0kubun/pp | v3.0.1+incompatible | 直接依赖 | go |
| github.com/google/go-containerregistry | v0.15.2 | 直接依赖 | go |
| github.com/asaskevich/govalidator | v0.0.0-20210307081110-f21760c49a8d | 直接依赖 | go |
| org.glassfish:javax.el | 3.0.0 | 直接依赖 | maven |
| github.com/corpix/uarand | v0.2.0 | 直接依赖 | go |
| github.com/russross/blackfriday/v2 | v2.1.0 | 间接依赖 | go |
| body-parser | 1.18.3 | 直接依赖 | npm |
| alpine-keys | 2.4-r1 | 间接依赖 | binary |
| github.com/rivo/uniseg | v0.2.0 | 间接依赖 | go |
| github.com/golang/freetype | v0.0.0-20170609003504-e2365dfdc4a0 | 间接依赖 | go |
| github.com/go-git/gcfg | v1.5.0 | 间接依赖 | go |
| github.com/sijms/go-ora/v2 | v2.7.19 | 直接依赖 | go |
| prop-types | 15.7.2 | 直接依赖 | npm |
| github.com/gogs/chardet | v0.0.0-20211120154057-b7413eaefb8f | 间接依赖 | go |
| github.com/gaukas/godicttls | v0.0.3 | 间接依赖 | go |
| github.com/antchfx/xmlquery | v1.3.1 | 直接依赖 | go |
| apk-tools | 2.14.0-r2 | 间接依赖 | binary |
| github.com/mitchellh/mapstructure | v1.4.1 | 直接依赖 | go |
| github.com/urfave/cli | v1.22.12 | 直接依赖 | go |
| com.fasterxml.jackson.core:jackson-annotations | 2.9.10 | 直接依赖 | maven |
| github.com/mattn/go-sqlite3 | v1.14.15 | 直接依赖 | go |
| pear/log | 1.13.3 | 间接依赖 | composer |
| go.uber.org/atomic | v1.7.0 | 间接依赖 | go |
| golang.org/x/crypto | v0.10.0 | 直接依赖 | go |
| github.com/steambap/captcha | v1.4.1 | 直接依赖 | go |
| github.com/gobwas/glob | v0.2.3 | 直接依赖 | go |
| github.com/google/uuid | v1.3.0 | 直接依赖 | go |
| github.com/mattn/go-runewidth | v0.0.13 | 间接依赖 | go |
| github.com/yuin/charsetutil | v1.0.0 | 间接依赖 | go |
| go.opentelemetry.io/otel | v0.19.0 | 间接依赖 | go |
| js-tokens | 4.0.0 | 间接依赖 | npm |
| github.com/dgrijalva/jwt-go | v3.2.0+incompatible | 直接依赖 | go |
| github.com/gilliek/go-opml | v1.0.0 | 直接依赖 | go |
| github.com/ProtonMail/go-crypto | v0.0.0-20210428141323-04723f9f07d7 | 间接依赖 | go |
| libunistring | 1.1-r1 | 间接依赖 | binary |
| golang.org/x/sync | v0.4.0 | 间接依赖 | go |
| github.com/tmthrgd/go-hex | v0.0.0-20190904060850-447a3041c3bc | 间接依赖 | go |
| github.com/mdlayher/ethernet | v0.0.0-20190313224307-5b5fc417d966 | 间接依赖 | go |
| github.com/google/go-dap | v0.10.0 | 直接依赖 | go |
| Flask | 2.0.0 | 间接依赖 | pip |
| gopkg.in/fsnotify.v1 | v1.4.7 | 间接依赖 | go |
| github.com/tklauser/go-sysconf | v0.3.11 | 间接依赖 | go |
| golang.org/x/time | v0.0.0-20210723032227-1f47c861a9ac | 间接依赖 | go |
| github.com/glaslos/ssdeep | v0.3.1 | 直接依赖 | go |
| github.com/lestrrat/go-file-rotatelogs | v0.0.0-20180223000712-d3151e2a480f | 直接依赖 | go |
| click | 8.0.0 | 间接依赖 | pip |
| github.com/xdg-go/stringprep | v1.0.4 | 间接依赖 | go |
| golang.org/x/mod | v0.13.0 | 间接依赖 | go |
| github.com/sergi/go-diff | v1.1.0 | 间接依赖 | go |
| github.com/hashicorp/go-version | v1.6.0 | 直接依赖 | go |
| github.com/segmentio/ksuid | v1.0.4 | 直接依赖 | go |
| github.com/kataras/golog | v0.0.10 | 直接依赖 | go |
| org.slf4j:slf4j-api | 1.7.30 | 直接依赖 | maven |
| curl | 7.81.0-1ubuntu1.10 | 间接依赖 | binary |
| github.com/go-git/go-git/v5 | v5.4.2 | 直接依赖 | go |
| github.com/go-pg/zerochecker | v0.2.0 | 间接依赖 | go |
| github.com/CycloneDX/cyclonedx-go | v0.7.2 | 直接依赖 | go |
| github.com/stacktitan/smb | v0.0.0-20190531122847-da9a425dceb8 | 直接依赖 | go |
| github.com/PuerkitoBio/goquery | v1.6.0 | 直接依赖 | go |
| github.com/power-devops/perfstat | v0.0.0-20210106213030-5aafc221ea8c | 间接依赖 | go |
| github.com/pkg/errors | v0.9.1 | 直接依赖 | go |
| github.com/go-pg/pg/v10 | v10.9.1 | 直接依赖 | go |
| github.com/oschwald/maxminddb-golang | v1.7.0 | 直接依赖 | go |
| object-assign | 4.1.1 | 间接依赖 | npm |
| github.com/twmb/murmur3 | v1.1.6 | 直接依赖 | go |
| bsdutils | 1:2.37.2-4ubuntu3 | 间接依赖 | binary |
| github.com/vmihailenco/msgpack/v5 | v5.3.0 | 间接依赖 | go |
| github.com/denisenkom/go-mssqldb | v0.12.3 | 直接依赖 | go |
| github.com/mfonda/simhash | v0.0.0-20151007195837-79f94a1100d6 | 直接依赖 | go |
| github.com/paulmach/go.geojson | v1.4.0 | 直接依赖 | go |
| js-tokens | 2.0.0 | 直接依赖 | npm |
| musl-utils | 1.2.4-r0 | 间接依赖 | binary |
| github.com/hashicorp/go-multierror | v1.1.1 | 间接依赖 | go |
| golang.org/x/text | v0.10.0 | 直接依赖 | go |
| golang.org/x/sys | v0.9.0 | 直接依赖 | go |
| libidn2 | 2.3.4-r1 | 间接依赖 | binary |
| github.com/go-gl/gl | v0.0.0-20211210172815-726fda9656d6 | 间接依赖 | go |
| github.com/googollee/go-socket.io | v1.6.1 | 直接依赖 | go |
| github.com/klauspost/compress | v1.16.5 | 间接依赖 | go |
| github.com/golang/groupcache | v0.0.0-20200121045136-8c9f03a8e57e | 直接依赖 | go |
| google.golang.org/grpc | v1.54.0 | 直接依赖 | go |
| base-files | 12ubuntu4.3 | 间接依赖 | binary |
| bash | 5.1-6ubuntu1 | 间接依赖 | binary |
| ca-certificates | 20230506-r0 | 间接依赖 | binary |
| github.com/rogpeppe/go-internal | v1.8.0 | 间接依赖 | go |
| github.com/cespare/xxhash/v2 | v2.2.0 | 间接依赖 | go |
| github.com/dlclark/regexp2 | v1.2.0 | 直接依赖 | go |
| github.com/andybalholm/cascadia | v1.1.0 | 间接依赖 | go |
| golang.org/x/net | v0.11.0 | 直接依赖 | go |
| github.com/kr/pretty | v0.3.0 | 间接依赖 | go |
| github.com/stretchr/testify | v1.8.4 | 直接依赖 | go |
| github.com/jehiah/go-strftime | v0.0.0-20171201141054-1d33003b3869 | 间接依赖 | go |
| github.com/lestrrat/go-envload | v0.0.0-20180220120943-6ed08b54a570 | 间接依赖 | go |
| github.com/dgryski/go-rendezvous | v0.0.0-20200823014737-9f7001d12a5f | 间接依赖 | go |
| github.com/xdg-go/scram | v1.1.2 | 间接依赖 | go |
| Jinja2 | 3.0.0 | 间接依赖 | pip |
| github.com/antlr/antlr4/runtime/Go/antlr/v4 | v4.0.0-20220911224424-aa1f1f12a846 | 直接依赖 | go |
| go.opentelemetry.io/otel/trace | v0.19.0 | 间接依赖 | go |
| github.com/jinzhu/copier | v0.0.0-20190625015134-976e0346caa8 | 直接依赖 | go |
| github.com/gosnmp/gosnmp | v1.35.0 | 直接依赖 | go |
| github.com/tebeka/strftime | v0.1.3 | 间接依赖 | go |
| nghttp2-libs | 1.53.0-r0 | 间接依赖 | binary |
| alpine-baselayout-data | 3.4.3-r1 | 间接依赖 | binary |
| golang.org/x/sys | v0.13.0 | 直接依赖 | go |
| github.com/bcicen/jstream | v0.0.0-20190220045926-16c1f8af81c2 | 直接依赖 | go |
| github.com/samber/lo | v1.38.1 | 直接依赖 | go |
| honnef.co/go/js/dom | v0.0.0-20210725211120-f030747120f2 | 间接依赖 | go |
| github.com/ysmood/gson | v0.7.3 | 直接依赖 | go |
| github.com/opencontainers/go-digest | v1.0.0 | 间接依赖 | go |
| ansi-colors | 3.2.3 | 直接依赖 | npm |
| pear/pear_exception | v1.0.2 | 间接依赖 | composer |
| github.com/dave/jennifer | v1.4.1 | 直接依赖 | go |
| github.com/docker/distribution | v2.8.1+incompatible | 间接依赖 | go |
| github.com/cpuguy83/go-md2man/v2 | v2.0.2 | 间接依赖 | go |
| github.com/satori/go.uuid | v1.2.0 | 直接依赖 | go |
| github.com/ysmood/leakless | v0.8.0 | 间接依赖 | go |
| github.com/dgryski/go-farm | v0.0.0-20200201041132-a6ae2369ad13 | 直接依赖 | go |
| gopkg.in/tomb.v1 | v1.0.0-20141024135613-dd632973f1e7 | 间接依赖 | go |
| github.com/tatsushid/go-fastping | v0.0.0-20160109021039-d7bb493dee3e | 直接依赖 | go |
| github.com/jinzhu/now | v1.0.0 | 间接依赖 | go |
| github.com/acomagu/bufpipe | v1.0.3 | 间接依赖 | go |
| github.com/projectdiscovery/gostruct | v0.0.0-20230520110439-bbdedaae3c35 | 直接依赖 | go |
| github.com/docker/docker | v24.0.2+incompatible | 直接依赖 | go |
| github.com/kennygrant/sanitize | v1.2.4 | 间接依赖 | go |
| gotest.tools/v3 | v3.5.0 | 间接依赖 | go |
| github.com/ReneKroon/ttlcache | v1.6.0 | 直接依赖 | go |
| github.com/nxadm/tail | v1.4.8 | 间接依赖 | go |
| github.com/go-redis/redis/v8 | v8.8.2 | 直接依赖 | go |
| github.com/davecgh/go-spew | v1.1.1 | 直接依赖 | go |
| github.com/lufia/plan9stats | v0.0.0-20211012122336-39d0f177ccd0 | 间接依赖 | go |
| github.com/moby/term | v0.5.0 | 间接依赖 | go |
| github.com/k0kubun/colorstring | v0.0.0-20150214042306-9440f1994b88 | 间接依赖 | go |
| github.com/fsnotify/fsnotify | v1.4.9 | 直接依赖 | go |
| github.com/yusufpapurcu/wmi | v1.2.2 | 间接依赖 | go |
| github.com/olekukonko/tablewriter | v0.0.5 | 直接依赖 | go |
| gopkg.in/warnings.v0 | v0.1.2 | 间接依赖 | go |
| github.com/ysmood/goob | v0.4.0 | 间接依赖 | go |
| itsdangerous | 2.0.0 | 间接依赖 | pip |
| github.com/pkg/sftp | v1.11.0 | 直接依赖 | go |
| github.com/google/gopacket | v1.1.19 | 直接依赖 | go |
| gopkg.in/natefinch/lumberjack.v2 | v2.0.0 | 直接依赖 | go |
| go.uber.org/zap | v1.24.0 | 间接依赖 | go |
| github.com/shirou/gopsutil/v3 | v3.23.4 | 直接依赖 | go |
| github.com/mattn/go-colorable | v0.1.8 | 间接依赖 | go |
| golang.org/x/exp | v0.0.0-20231006140011-7918f672742d | 直接依赖 | go |
| google.golang.org/genproto | v0.0.0-20230323212658-478b75c54725 | 间接依赖 | go |
| github.com/itchyny/timefmt-go | v0.1.3 | 间接依赖 | go |
| github.com/vjeantet/grok | v1.0.0 | 直接依赖 | go |
| curl | 8.1.2-r0 | 间接依赖 | binary |
| github.com/tidwall/pretty | v1.2.0 | 间接依赖 | go |
| github.com/grpc-ecosystem/go-grpc-middleware | v1.3.0 | 直接依赖 | go |
| github.com/lunixbochs/struc | v0.0.0-20200707160740-784aaebc1d40 | 直接依赖 | go |
| busybox-binsh | 1.36.1-r0 | 间接依赖 | binary |
| github.com/montanaflynn/stats | v0.0.0-20171201202039-1bf9dbcd8cbe | 间接依赖 | go |
| github.com/docker/go-units | v0.5.0 | 间接依赖 | go |
| github.com/aquasecurity/go-version | v0.0.0-20210121072130-637058cfe492 | 间接依赖 | go |
| github.com/disintegration/imaging | v1.6.2 | 直接依赖 | go |
| github.com/jinzhu/gorm | v1.9.2 | 直接依赖 | go |
| github.com/gogo/protobuf | v1.3.2 | 间接依赖 | go |
| github.com/tklauser/numcpus | v0.6.0 | 间接依赖 | go |
| github.com/antlr4-go/antlr/v4 | v4.13.0 | 直接依赖 | go |
| github.com/jlaffaye/ftp | v0.0.0-20210307004419-5d4190119067 | 直接依赖 | go |
| github.com/gopherjs/gopherjs | v0.0.0-20181017120253-0766667cb4d1 | 间接依赖 | go |
| libcurl | 8.1.2-r0 | 间接依赖 | binary |
| github.com/icodeface/tls | v0.0.0-20190904083142-17aec93c60e5 | 直接依赖 | go |
| github.com/erikstmartin/go-testdb | v0.0.0-20160219214506-8d10e4a1bae5 | 间接依赖 | go |
| github.com/aquasecurity/go-dep-parser | v0.0.0-20230627073354-fb7eb3159bd5 | 直接依赖 | go |
| github.com/icodeface/grdp | v0.0.0-20200414055757-e0008b0b5cb2 | 直接依赖 | go |
| loose-envify | 1.4.0 | 间接依赖 | npm |
| MarkupSafe | 2.0.0 | 间接依赖 | pip |
| github.com/lor00x/goldap | v0.0.0-20180618054307-a546dffdd1a3 | 直接依赖 | go |
| github.com/gocolly/colly | v1.2.0 | 直接依赖 | go |
| musl | 1.2.4-r0 | 间接依赖 | binary |
| golang.org/x/tools | v0.14.0 | 间接依赖 | go |
| mellium.im/sasl | v0.3.1 | 间接依赖 | go |
| google.golang.org/protobuf | v1.30.0 | 直接依赖 | go |
| libssl3 | 3.1.1-r1 | 间接依赖 | binary |
| google.golang.org/appengine | v1.6.7 | 间接依赖 | go |
| github.com/Microsoft/go-winio | v0.6.1 | 间接依赖 | go |
| github.com/xiecat/wsm | v0.1.3 | 直接依赖 | go |
| golang.org/x/crypto | v0.14.0 | 直接依赖 | go |
| github.com/kevinburke/ssh_config | v0.0.0-20201106050909-4977a11b4351 | 直接依赖 | go |
| github.com/go-ole/go-ole | v1.2.6 | 间接依赖 | go |
| github.com/xdg-go/pbkdf2 | v1.0.0 | 间接依赖 | go |
| gopkg.in/sourcemap.v1 | v1.0.5 | 直接依赖 | go |
| golang.org/x/text | v0.13.0 | 直接依赖 | go |
| github.com/vmihailenco/tagparser | v0.1.2 | 间接依赖 | go |
| github.com/tevino/abool | v0.0.0-20170917061928-9b9efcf221b5 | 直接依赖 | go |
| github.com/antchfx/htmlquery | v1.2.5 | 直接依赖 | go |
| github.com/kataras/pio | v0.0.2 | 直接依赖 | go |
| github.com/go-gl/glfw/v3.3/glfw | v0.0.0-20200222043503-6f7a984d4dc4 | 间接依赖 | go |
| react-is | 16.13.1 | 间接依赖 | npm |
| golang.org/x/exp | v0.0.0-20230713183714-613f0c0eb8a1 | 直接依赖 | go |
| github.com/goxjs/glfw | v0.0.0-20191126052801-d2efb5f20838 | 间接依赖 | go |
| github.com/tidwall/match | v1.1.1 | 间接依赖 | go |
| libc-utils | 0.7.2-r5 | 间接依赖 | binary |
| zlib | 1.2.13-r1 | 间接依赖 | binary |
| github.com/BurntSushi/toml | v1.3.2 | 间接依赖 | go |
| github.com/gorilla/mux | v1.7.4 | 直接依赖 | go |
| coreutils | 8.32-4.1ubuntu1 | 间接依赖 | binary |
| express | 4.16.4 | 直接依赖 | npm |
| golang.org/x/image | v0.0.0-20210628002857-a66eb6448b8d | 间接依赖 | go |
| github.com/aliyun/aliyun-oss-go-sdk | v2.2.7+incompatible | 直接依赖 | go |
| go.opentelemetry.io/otel/metric | v0.19.0 | 间接依赖 | go |
| github.com/huin/asn1ber | v0.0.0-20120622192748-af09f62e6358 | 直接依赖 | go |
| github.com/jbenet/go-context | v0.0.0-20150711004518-d14ea06fba99 | 间接依赖 | go |
| github.com/docker/go-connections | v0.4.0 | 直接依赖 | go |
| gopkg.in/asn1-ber.v1 | v1.0.0-20181015200546-f715ec2f112d | 间接依赖 | go |
| golang.org/x/xerrors | v0.0.0-20200804184101-5ec99f83aff1 | 间接依赖 | go |
| github.com/h2non/filetype | v1.1.3 | 直接依赖 | go |
| github.com/temoto/robotstxt | v1.1.1 | 间接依赖 | go |
| scheduler | 0.13.6 | 直接依赖 | npm |
| github.com/google/shlex | v0.0.0-20181106134648-c34317bd91bf | 直接依赖 | go |
| rsc.io/qr | v0.2.0 | 直接依赖 | go |
| github.com/xanzy/ssh-agent | v0.3.0 | 间接依赖 | go |
| com.fasterxml.jackson.core:jackson-databind | 2.9.10.6 | 直接依赖 | maven |
| github.com/valyala/bytebufferpool | v1.0.0 | 直接依赖 | go |
| github.com/gorilla/websocket | v1.4.2 | 直接依赖 | go |
| github.com/miekg/dns | v1.1.50 | 直接依赖 | go |
| org.example:example-api | 直接依赖 | maven | |
| github.com/vbatts/tar-split | v0.11.3 | 间接依赖 | go |
| alpine-baselayout | 3.4.3-r1 | 间接依赖 | binary |
| gopkg.in/alexcesaro/quotedprintable.v3 | v3.0.0-20150716171945-2caba252f4dc | 间接依赖 | go |
| github.com/go-sql-driver/mysql | v1.5.0 | 直接依赖 | go |
| github.com/antchfx/xpath | v1.2.1 | 直接依赖 | go |
| github.com/tidwall/gjson | v1.14.4 | 直接依赖 | go |
| ssl_client | 1.36.1-r0 | 间接依赖 | binary |
| github.com/streadway/amqp | v0.0.0-20190827072141-edfb9018d271 | 直接依赖 | go |
| go.uber.org/multierr | v1.6.0 | 间接依赖 | go |
| github.com/containerd/stargz-snapshotter/estargz | v0.14.3 | 间接依赖 | go |
| github.com/opencontainers/image-spec | v1.1.0-rc3 | 间接依赖 | go |
| github.com/mitchellh/go-vnc | v0.0.0-20150629162542-723ed9867aed | 直接依赖 | go |
| github.com/gomodule/redigo | v1.8.4 | 间接依赖 | go |
| github.com/hashicorp/errwrap | v1.1.0 | 间接依赖 | go |
| github.com/DataDog/mmh3 | v0.0.0-20210722141835-012dc69a9e49 | 直接依赖 | go |
| github.com/denisbrodbeck/machineid | v1.0.1 | 直接依赖 | go |
| github.com/lib/pq | v1.1.0 | 间接依赖 | go |
| github.com/mitchellh/go-homedir | v1.1.0 | 间接依赖 | go |
| github.com/goxjs/gl | v0.0.0-20210104184919-e3fafc6f8f2a | 间接依赖 | go |
| github.com/lestrrat/go-strftime | v0.0.0-20180220042222-ba3bf9c1d042 | 间接依赖 | go |
| ca-certificates | 20230311ubuntu0.22.04.1 | 间接依赖 | binary |
| apt | 2.4.9 | 间接依赖 | binary |
| github.com/go-ldap/ldap | v3.0.3+incompatible | 直接依赖 | go |
| go.mongodb.org/mongo-driver | v1.12.1 | 直接依赖 | go |
| golang.org/x/net | v0.16.0 | 直接依赖 | go |
| github.com/go-rod/rod | v0.112.9 | 直接依赖 | go |