基础信息
项目名称:yt-dlp/yt-dlp
项目徽章:
仓库地址:https://github.com/pterodactyl/panel
检测报告地址:https://www.murphysec.com/console/report/1720258909920727040/1720258910403072000
此报告由Murphysec提供
漏洞列表
| 漏洞名称 | 漏洞类型 | MPS编号 | CVE编号 | 漏洞等级 |
|---|---|---|---|---|
| Requests Proxy-Authorization 标头泄露漏洞 | 未授权敏感信息泄露 | MPS-hr61-tzey | CVE-2023-32681 | 中危 |
缺陷组件
| 组件名称 | 版本 | 最小修复版本 | 依赖关系 | 修复建议 |
|---|---|---|---|---|
| requests | 2.27.1 | 2.31.0 | 间接依赖 | 建议修复 |
许可证风险
| 许可证类型 | 相关组件 | 许可证风险 |
|---|---|---|
| Apache-2.0 | 2 | 低 |
| ISC | 1 | 低 |
| MIT | 5 | 低 |
| 自定义许可证 | 2 | 低 |
| BSD-3-Clause | 1 | 低 |
SBOM清单
| 组件名称 | 组件版本 | 是否直接依赖 | 仓库 |
|---|---|---|---|
| url_or_none | 间接依赖 | pip | |
| compat_str | 间接依赖 | pip | |
| Germany | 间接依赖 | pip | |
| HEADRequest | 间接依赖 | pip | |
| requests | 2.27.1 | 间接依赖 | pip |
| srt | 间接依赖 | pip | |
| urljoin | 间接依赖 | pip | |
| short | 间接依赖 | pip | |
| YoutubeIE | 间接依赖 | pip | |
| a | 间接依赖 | pip | |
| Vandal | 间接依赖 | pip | |
| js_to_json | 间接依赖 | pip | |
| WebSocketsWrapper | 间接依赖 | pip | |
| SearchInfoExtractor | 间接依赖 | pip | |
| compat_urllib_parse_urlparse | 间接依赖 | pip | |
| escapeHTML | 间接依赖 | pip | |
| compat_realpath | 间接依赖 | pip | |
| my | 间接依赖 | pip | |
| network_exceptions | 间接依赖 | pip | |
| determine_ext | 间接依赖 | pip | |
| neverland | 间接依赖 | pip | |
| this | 间接依赖 | pip | |
| concrete | 间接依赖 | pip | |
| formatSeconds | 间接依赖 | pip | |
| clean_html | 间接依赖 | pip | |
| YoutubeBaseInfoExtractor | 间接依赖 | pip | |
| expand_path | 间接依赖 | pip | |
| PeriscopeIE | 间接依赖 | pip | |
| parse_iso8601 | 间接依赖 | pip | |
| Mississauga | 间接依赖 | pip | |
| xpath_text | 间接依赖 | pip | |
| PeriscopeBaseIE | 间接依赖 | pip | |
| preferredencoding | 间接依赖 | pip | |
| unescapeHTML | 间接依赖 | pip | |
| Android | 间接依赖 | pip | |
| T4G | 间接依赖 | pip | |
| FFmpegPostProcessor | 间接依赖 | pip | |
| str_or_none | 间接依赖 | pip | |
| Namespace | 间接依赖 | pip | |
| parse_duration | 间接依赖 | pip | |
| aes_ecb_encrypt | 间接依赖 | pip | |
| compat_b64decode | 间接依赖 | pip | |
| timedelta | 间接依赖 | pip | |
| function | 间接依赖 | pip | |
| PACKAGE_NAME | 间接依赖 | pip | |
| InfoExtractor | 间接依赖 | pip | |
| compat_ord | 间接依赖 | pip | |
| compat_parse_qs | 间接依赖 | pip | |
| websockets | 间接依赖 | pip | |
| urlparse | 间接依赖 | pip | |
| timezone | 间接依赖 | pip | |
| ExtractorError | 间接依赖 | pip | |
| url | 间接依赖 | pip | |
| the | 间接依赖 | pip | |
| aes_cbc_decrypt_bytes | 间接依赖 | pip | |
| HTTPError | 间接依赖 | pip | |
| OnDemandPagedList | 间接依赖 | pip | |
| compat_urllib_parse_unquote | 间接依赖 | pip | |
| her | 间接依赖 | pip | |
| DownloadError | 间接依赖 | pip | |
| FFmpegThumbnailsConvertorPP | 间接依赖 | pip | |
| remove_end | 间接依赖 | pip | |
| Montreal | 间接依赖 | pip | |
| int_or_none | 间接依赖 | pip | |
| compat_urlparse | 间接依赖 | pip | |
| encodeFilename | 间接依赖 | pip | |
| xattr | 间接依赖 | pip | |
| intlist_to_bytes | 间接依赖 | pip | |
| Request | 间接依赖 | pip | |
| write_string | 间接依赖 | pip | |
| Cryptodome | 间接依赖 | pip | |
| merge_dicts | 间接依赖 | pip | |
| strip_or_none | 间接依赖 | pip | |
| SUPPORTED_BROWSERS | 间接依赖 | pip | |
| parse_qs | 间接依赖 | pip | |
| self | 间接依赖 | pip | |
| bytes_to_intlist | 间接依赖 | pip | |
| make_archive_id | 间接依赖 | pip | |
| vjs | 间接依赖 | pip | |
| smuggle_url | 间接依赖 | pip | |
| Red | 间接依赖 | pip | |
| webpage | 间接依赖 | pip | |
| WeVidi | 间接依赖 | pip | |
| get_base_url | 间接依赖 | pip | |
| brotli | 间接依赖 | pip | |
| supports_terminal_sequences | 间接依赖 | pip | |
| try_call | 间接依赖 | pip | |
| default_ns | 间接依赖 | pip | |
| compat_shlex_quote | 间接依赖 | pip | |
| sorted | 间接依赖 | pip | |
| update_url_query | 间接依赖 | pip | |
| float_or_none | 间接依赖 | pip | |
| pkcs7_padding | 间接依赖 | pip | |
| ya | 间接依赖 | pip | |
| unpad_pkcs7 | 间接依赖 | pip | |
| fix_xml_ampersands | 间接依赖 | pip | |
| SUPPORTED_KEYRINGS | 间接依赖 | pip | |
| directories | 间接依赖 | pip | |
| EXT_TO_OUT_FORMATS | 间接依赖 | pip | |
| ThePlatformIE | 间接依赖 | pip | |
| remove_encrypted_media | 间接依赖 | pip | |
| traverse_obj | 间接依赖 | pip | |
| filter_dict | 间接依赖 | pip | |
| yt_dlp | 间接依赖 | pip | |
| remove_start | 间接依赖 | pip | |
| check_executable | 间接依赖 | pip | |
| Warcraft | 间接依赖 | pip | |
| FFmpegSubtitlesConvertorPP | 间接依赖 | pip | |
| https | 间接依赖 | pip |