基础信息
项目名称:apollographql/apollo-client-devtools
项目徽章:
仓库地址:https://github.com/pterodactyl/panel
检测报告地址:https://www.murphysec.com/console/report/1721948706440548352/1721948707317157888
此报告由Murphysec提供
漏洞列表
| 漏洞名称 | 漏洞类型 | MPS编号 | CVE编号 | 漏洞等级 |
|---|---|---|---|---|
| polished 存在拒绝服务漏洞 | 拒绝服务 | MPS-2022-13975 | 低危 |
缺陷组件
| 组件名称 | 版本 | 最小修复版本 | 依赖关系 | 修复建议 |
|---|---|---|---|---|
| polished | 4.1.1 | 4.1.3 | 间接依赖 | 可选修复 |
许可证风险
| 许可证类型 | 相关组件 | 许可证风险 |
|---|---|---|
| MIT | 140 | 低 |
| BSD-3-Clause | 3 | 低 |
| ISC | 1 | 低 |
| Apache-2.0 | 12 | 低 |
| 自定义许可证 | 1 | 低 |
| 0BSD | 3 | 低 |
SBOM清单
| 组件名称 | 组件版本 | 是否直接依赖 | 仓库 |
|---|---|---|---|
| @radix-ui/react-roving-focus | 1.0.2 | 间接依赖 | npm |
| fault | 1.0.4 | 间接依赖 | npm |
| csstype | 3.1.1 | 间接依赖 | npm |
| zen-observable | 0.10.0 | 间接依赖 | npm |
| hoist-non-react-statics | 3.3.2 | 间接依赖 | npm |
| copy-to-clipboard | 3.3.1 | 间接依赖 | npm |
| yaml | 1.10.2 | 间接依赖 | npm |
| @react-aria/switch | 3.4.0 | 间接依赖 | npm |
| space-separated-tokens | 1.1.5 | 间接依赖 | npm |
| @headlessui/react | 1.7.17 | 间接依赖 | npm |
| is-core-module | 2.13.0 | 间接依赖 | npm |
| prismjs | 1.27.0 | 间接依赖 | npm |
| @types/lodash | 4.14.191 | 间接依赖 | npm |
| regenerator-runtime | 0.13.11 | 间接依赖 | npm |
| stylis | 4.2.0 | 间接依赖 | npm |
| @react-types/checkbox | 3.4.2 | 间接依赖 | npm |
| @radix-ui/primitive | 1.0.0 | 间接依赖 | npm |
| @babel/highlight | 7.22.13 | 间接依赖 | npm |
| character-reference-invalid | 1.1.4 | 间接依赖 | npm |
| function-bind | 1.1.1 | 间接依赖 | npm |
| prism-react-renderer | 2.0.6 | 间接依赖 | npm |
| js-tokens | 4.0.0 | 间接依赖 | npm |
| @emotion/memoize | 0.8.1 | 间接依赖 | npm |
| @radix-ui/react-direction | 1.0.0 | 间接依赖 | npm |
| color-convert | 1.9.3 | 间接依赖 | npm |
| highlight.js | 10.7.3 | 间接依赖 | npm |
| @types/base16 | 1.0.2 | 间接依赖 | npm |
| @react-aria/utils | 3.15.0 | 间接依赖 | npm |
| client-only | 0.0.1 | 间接依赖 | npm |
| @emotion/utils | 1.2.1 | 间接依赖 | npm |
| @radix-ui/react-presence | 1.0.0 | 间接依赖 | npm |
| react | 18.2.0 | 间接依赖 | npm |
| prismjs | 1.29.0 | 间接依赖 | npm |
| @react-types/switch | 3.3.0 | 间接依赖 | npm |
| supports-color | 5.5.0 | 间接依赖 | npm |
| @swc/helpers | 0.4.14 | 间接依赖 | npm |
| hastscript | 6.0.0 | 间接依赖 | npm |
| path-parse | 1.0.7 | 间接依赖 | npm |
| simple-swizzle | 0.2.2 | 间接依赖 | npm |
| lines-and-columns | 1.1.6 | 间接依赖 | npm |
| format | 0.2.2 | 间接依赖 | npm |
| is-alphanumerical | 1.0.4 | 间接依赖 | npm |
| @emotion/sheet | 1.2.2 | 间接依赖 | npm |
| react-json-tree | 0.18.0 | 间接依赖 | npm |
| xtend | 4.0.2 | 间接依赖 | npm |
| @radix-ui/react-primitive | 1.0.1 | 间接依赖 | npm |
| tippy.js | 6.3.7 | 间接依赖 | npm |
| compute-scroll-into-view | 1.0.16 | 间接依赖 | npm |
| graphql-tag | 2.12.6 | 间接依赖 | npm |
| zen-observable-ts | 1.2.5 | 间接依赖 | npm |
| json-parse-even-better-errors | 2.3.1 | 间接依赖 | npm |
| react-resizable-panels | 0.0.55 | 间接依赖 | npm |
| @emotion/weak-memoize | 0.3.1 | 间接依赖 | npm |
| optimism | 0.16.2 | 间接依赖 | npm |
| @radix-ui/react-context | 1.0.0 | 间接依赖 | npm |
| react-is | 17.0.1 | 间接依赖 | npm |
| @radix-ui/react-use-layout-effect | 1.0.0 | 间接依赖 | npm |
| @wry/context | 0.7.0 | 间接依赖 | npm |
| tslib | 2.4.1 | 间接依赖 | npm |
| base16 | 1.0.0 | 间接依赖 | npm |
| @radix-ui/react-id | 1.0.0 | 间接依赖 | npm |
| @types/prop-types | 15.7.3 | 间接依赖 | npm |
| @babel/helper-validator-identifier | 7.22.5 | 间接依赖 | npm |
| @radix-ui/react-tabs | 1.0.2 | 间接依赖 | npm |
| prop-types | 15.8.1 | 间接依赖 | npm |
| tinycolor2 | 1.4.2 | 间接依赖 | npm |
| has-flag | 3.0.0 | 间接依赖 | npm |
| react-base16-styling | 0.9.1 | 间接依赖 | npm |
| @types/classnames | 2.2.11 | 间接依赖 | npm |
| parent-module | 1.0.1 | 间接依赖 | npm |
| supports-preserve-symlinks-flag | 1.0.0 | 间接依赖 | npm |
| find-root | 1.1.0 | 间接依赖 | npm |
| is-hexadecimal | 1.0.4 | 间接依赖 | npm |
| classnames | 2.2.6 | 间接依赖 | npm |
| symbol-observable | 4.0.0 | 间接依赖 | npm |
| @wry/equality | 0.5.3 | 间接依赖 | npm |
| @radix-ui/react-use-callback-ref | 1.0.0 | 间接依赖 | npm |
| @types/tinycolor2 | 1.4.2 | 间接依赖 | npm |
| zen-observable | 0.8.15 | 间接依赖 | npm |
| @types/unist | 2.0.6 | 间接依赖 | npm |
| ansi-styles | 3.2.1 | 间接依赖 | npm |
| parse-json | 5.2.0 | 间接依赖 | npm |
| use-deep-compare-effect | 1.6.1 | 间接依赖 | npm |
| @types/parse-json | 4.0.0 | 间接依赖 | npm |
| is-arrayish | 0.2.1 | 间接依赖 | npm |
| lodash.curry | 4.1.1 | 间接依赖 | npm |
| lowlight | 1.20.0 | 间接依赖 | npm |
| character-entities | 1.2.4 | 间接依赖 | npm |
| @emotion/cache | 11.11.0 | 间接依赖 | npm |
| @react-aria/interactions | 3.14.0 | 间接依赖 | npm |
| @react-aria/toggle | 3.5.0 | 间接依赖 | npm |
| react-is | 16.13.1 | 间接依赖 | npm |
| parse-entities | 2.0.0 | 间接依赖 | npm |
| resolve-from | 4.0.0 | 间接依赖 | npm |
| react-syntax-highlighter | 15.5.0 | 间接依赖 | npm |
| comma-separated-tokens | 1.0.8 | 间接依赖 | npm |
| @emotion/react | 11.11.1 | 间接依赖 | npm |
| @react-aria/ssr | 3.5.0 | 间接依赖 | npm |
| error-ex | 1.3.2 | 间接依赖 | npm |
| @wry/trie | 0.3.2 | 间接依赖 | npm |
| has | 1.0.3 | 间接依赖 | npm |
| refractor | 3.6.0 | 间接依赖 | npm |
| @types/scheduler | 0.16.2 | 间接依赖 | npm |
| @react-stately/toggle | 3.5.0 | 间接依赖 | npm |
| @emotion/unitless | 0.8.1 | 间接依赖 | npm |
| @types/prismjs | 1.26.0 | 间接依赖 | npm |
| ts-invariant | 0.10.3 | 间接依赖 | npm |
| @react-aria/focus | 3.11.0 | 间接依赖 | npm |
| response-iterator | 0.2.6 | 间接依赖 | npm |
| @react-stately/utils | 3.6.0 | 间接依赖 | npm |
| lodash | 4.17.21 | 间接依赖 | npm |
| @popperjs/core | 2.11.6 | 间接依赖 | npm |
| chalk | 2.4.2 | 间接依赖 | npm |
| @apollo/client | 3.7.10 | 间接依赖 | npm |
| graphql | 16.8.1 | 间接依赖 | npm |
| object-assign | 4.1.1 | 间接依赖 | npm |
| hast-util-parse-selector | 2.2.5 | 间接依赖 | npm |
| @tippyjs/react | 4.2.6 | 间接依赖 | npm |
| @radix-ui/react-slot | 1.0.1 | 间接依赖 | npm |
| @types/hast | 2.3.4 | 间接依赖 | npm |
| resolve | 1.22.4 | 间接依赖 | npm |
| @apollo/space-kit | 9.11.0 | 间接依赖 | npm |
| @emotion/babel-plugin | 11.11.0 | 间接依赖 | npm |
| @radix-ui/react-collection | 1.0.1 | 间接依赖 | npm |
| downshift | 6.1.0 | 间接依赖 | npm |
| callsites | 3.1.0 | 间接依赖 | npm |
| @react-types/shared | 3.17.0 | 间接依赖 | npm |
| escape-string-regexp | 1.0.5 | 间接依赖 | npm |
| is-alphabetical | 1.0.4 | 间接依赖 | npm |
| source-map | 0.5.7 | 间接依赖 | npm |
| character-entities-legacy | 1.1.4 | 间接依赖 | npm |
| react-copy-to-clipboard | 5.1.0 | 间接依赖 | npm |
| @types/react | 17.0.53 | 间接依赖 | npm |
| dequal | 2.0.2 | 间接依赖 | npm |
| @babel/runtime | 7.21.0 | 间接依赖 | npm |
| @emotion/hash | 0.9.1 | 间接依赖 | npm |
| color-string | 1.9.1 | 间接依赖 | npm |
| safe-buffer | 5.1.2 | 间接依赖 | npm |
| @emotion/serialize | 1.1.2 | 间接依赖 | npm |
| is-arrayish | 0.3.2 | 间接依赖 | npm |
| @emotion/use-insertion-effect-with-fallbacks | 1.0.1 | 间接依赖 | npm |
| property-information | 5.6.0 | 间接依赖 | npm |
| escape-string-regexp | 4.0.0 | 间接依赖 | npm |
| babel-plugin-macros | 3.1.0 | 间接依赖 | npm |
| @heroicons/react | 2.0.18 | 间接依赖 | npm |
| react-dom | 18.2.0 | 间接依赖 | npm |
| import-fresh | 3.3.0 | 间接依赖 | npm |
| tslib | 2.1.0 | 间接依赖 | npm |
| @babel/code-frame | 7.22.13 | 间接依赖 | npm |
| @radix-ui/react-compose-refs | 1.0.0 | 间接依赖 | npm |
| loose-envify | 1.4.0 | 间接依赖 | npm |
| @react-aria/visually-hidden | 3.7.0 | 间接依赖 | npm |
| @babel/helper-string-parser | 7.22.5 | 间接依赖 | npm |
| @babel/helper-module-imports | 7.22.5 | 间接依赖 | npm |
| cosmiconfig | 7.1.0 | 间接依赖 | npm |
| color | 3.2.1 | 间接依赖 | npm |
| scheduler | 0.23.0 | 间接依赖 | npm |
| to-fast-properties | 2.0.0 | 间接依赖 | npm |
| @babel/types | 7.22.11 | 间接依赖 | npm |
| polished | 4.1.1 | 间接依赖 | npm |
| @radix-ui/react-use-controllable-state | 1.0.0 | 间接依赖 | npm |
| color-name | 1.1.3 | 间接依赖 | npm |
| convert-source-map | 1.7.0 | 间接依赖 | npm |
| toggle-selection | 1.0.6 | 间接依赖 | npm |
| path-type | 4.0.0 | 间接依赖 | npm |
| @graphql-typed-document-node/core | 3.2.0 | 间接依赖 | npm |
| tslib | 2.5.0 | 间接依赖 | npm |
| clsx | 1.2.1 | 间接依赖 | npm |
| is-decimal | 1.0.4 | 间接依赖 | npm |