基础信息
项目名称:kaola-fed/foxman
项目徽章:
仓库地址:https://github.com/pterodactyl/panel
检测报告地址:https://www.murphysec.com/console/report/1721331074805039104/1724391114498596864
此报告由Murphysec提供
漏洞列表
暂无
缺陷组件
暂无
许可证风险
| 许可证类型 | 相关组件 | 许可证风险 |
|---|---|---|
| Apache-2.0 | 2 | 低 |
| MIT | 89 | 低 |
| ISC | 16 | 低 |
| 自定义许可证 | 1 | 低 |
| BSD-2-Clause | 2 | 低 |
| BSD-3-Clause | 1 | 低 |
SBOM清单
| 组件名称 | 组件版本 | 是否直接依赖 | 仓库 |
|---|---|---|---|
| validate-npm-package-license | http://rnpm.hz.netease.com/validate-npm-package-license/download/validate-npm-package-license-3.0.1.tgz | 间接依赖 | npm |
| @foxman/helpers | 1.1.0 | 间接依赖 | npm |
| ini | https://registry.npmjs.org/ini/-/ini-1.3.4.tgz | 间接依赖 | npm |
| y18n | http://rnpm.hz.netease.com/y18n/download/y18n-3.2.1.tgz | 间接依赖 | npm |
| onetime | 2.0.1 | 间接依赖 | npm |
| cli-spinners | 1.3.1 | 间接依赖 | npm |
| invert-kv | http://rnpm.hz.netease.com/invert-kv/download/invert-kv-1.0.0.tgz | 间接依赖 | npm |
| write-file-atomic | https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-2.1.0.tgz | 间接依赖 | npm |
| signal-exit | http://rnpm.hz.netease.com/signal-exit/download/signal-exit-3.0.2.tgz | 间接依赖 | npm |
| prepend-http | https://registry.npmjs.org/prepend-http/-/prepend-http-1.0.4.tgz | 间接依赖 | npm |
| has-ansi | http://rnpm.hz.netease.com/has-ansi/download/has-ansi-2.0.0.tgz | 间接依赖 | npm |
| lru-cache | http://rnpm.hz.netease.com/lru-cache/download/lru-cache-4.1.1.tgz | 间接依赖 | npm |
| string-width | http://rnpm.hz.netease.com/string-width/download/string-width-2.1.1.tgz | 间接依赖 | npm |
| ansi-styles | https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.0.tgz | 间接依赖 | npm |
| os-locale | http://rnpm.hz.netease.com/os-locale/download/os-locale-1.4.0.tgz | 间接依赖 | npm |
| timed-out | https://registry.npmjs.org/timed-out/-/timed-out-4.0.1.tgz | 间接依赖 | npm |
| read-pkg | http://rnpm.hz.netease.com/read-pkg/download/read-pkg-1.1.0.tgz | 间接依赖 | npm |
| unzip-response | https://registry.npmjs.org/unzip-response/-/unzip-response-2.0.1.tgz | 间接依赖 | npm |
| wrap-ansi | http://rnpm.hz.netease.com/wrap-ansi/download/wrap-ansi-2.1.0.tgz | 间接依赖 | npm |
| semver | http://rnpm.hz.netease.com/semver/download/semver-5.4.1.tgz | 间接依赖 | npm |
| latest-version | https://registry.npmjs.org/latest-version/-/latest-version-3.1.0.tgz | 间接依赖 | npm |
| configstore | https://registry.npmjs.org/configstore/-/configstore-3.1.1.tgz | 间接依赖 | npm |
| which | http://rnpm.hz.netease.com/which/download/which-1.3.0.tgz | 间接依赖 | npm |
| pinkie | http://rnpm.hz.netease.com/pinkie/download/pinkie-2.0.4.tgz | 间接依赖 | npm |
| is-obj | https://registry.npmjs.org/is-obj/-/is-obj-1.0.1.tgz | 间接依赖 | npm |
| get-caller-file | http://rnpm.hz.netease.com/get-caller-file/download/get-caller-file-1.0.2.tgz | 间接依赖 | npm |
| strip-eof | http://rnpm.hz.netease.com/strip-eof/download/strip-eof-1.0.0.tgz | 间接依赖 | npm |
| yargs-parser | https://registry.npmjs.org/yargs-parser/-/yargs-parser-5.0.0.tgz | 间接依赖 | npm |
| cliui | http://rnpm.hz.netease.com/cliui/download/cliui-3.2.0.tgz | 间接依赖 | npm |
| create-error-class | https://registry.npmjs.org/create-error-class/-/create-error-class-3.0.2.tgz | 间接依赖 | npm |
| error-ex | http://rnpm.hz.netease.com/error-ex/download/error-ex-1.3.1.tgz | 间接依赖 | npm |
| is-utf8 | http://rnpm.hz.netease.com/is-utf8/download/is-utf8-0.2.1.tgz | 间接依赖 | npm |
| path-type | http://rnpm.hz.netease.com/path-type/download/path-type-1.1.0.tgz | 间接依赖 | npm |
| lcid | http://rnpm.hz.netease.com/lcid/download/lcid-1.0.0.tgz | 间接依赖 | npm |
| camelcase | http://rnpm.hz.netease.com/camelcase/download/camelcase-4.1.0.tgz | 间接依赖 | npm |
| cli-boxes | http://rnpm.hz.netease.com/cli-boxes/download/cli-boxes-1.0.0.tgz | 间接依赖 | npm |
| is-retry-allowed | https://registry.npmjs.org/is-retry-allowed/-/is-retry-allowed-1.1.0.tgz | 间接依赖 | npm |
| restore-cursor | 2.0.0 | 间接依赖 | npm |
| has-flag | https://registry.npmjs.org/has-flag/-/has-flag-2.0.0.tgz | 间接依赖 | npm |
| color-convert | https://registry.npmjs.org/color-convert/-/color-convert-1.9.0.tgz | 间接依赖 | npm |
| strip-bom | http://rnpm.hz.netease.com/strip-bom/download/strip-bom-2.0.0.tgz | 间接依赖 | npm |
| term-size | https://registry.npmjs.org/term-size/-/term-size-1.2.0.tgz | 间接依赖 | npm |
| chalk | http://rnpm.hz.netease.com/chalk/download/chalk-1.1.3.tgz | 间接依赖 | npm |
| yargs | https://registry.npmjs.org/yargs/-/yargs-7.1.0.tgz | 直接依赖 | npm |
| path-exists | http://rnpm.hz.netease.com/path-exists/download/path-exists-2.1.0.tgz | 间接依赖 | npm |
| find-up | http://rnpm.hz.netease.com/find-up/download/find-up-1.1.2.tgz | 间接依赖 | npm |
| require-main-filename | http://rnpm.hz.netease.com/require-main-filename/download/require-main-filename-1.0.1.tgz | 间接依赖 | npm |
| make-dir | https://registry.npmjs.org/make-dir/-/make-dir-1.0.0.tgz | 间接依赖 | npm |
| registry-auth-token | https://registry.npmjs.org/registry-auth-token/-/registry-auth-token-3.3.1.tgz | 间接依赖 | npm |
| color-name | https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz | 间接依赖 | npm |
| require-directory | http://rnpm.hz.netease.com/require-directory/download/require-directory-2.1.1.tgz | 间接依赖 | npm |
| strip-json-comments | http://rnpm.hz.netease.com/strip-json-comments/download/strip-json-comments-2.0.1.tgz | 间接依赖 | npm |
| ansi-align | https://registry.npmjs.org/ansi-align/-/ansi-align-2.0.0.tgz | 间接依赖 | npm |
| unique-string | https://registry.npmjs.org/unique-string/-/unique-string-1.0.0.tgz | 间接依赖 | npm |
| boxen | https://registry.npmjs.org/boxen/-/boxen-1.2.1.tgz | 间接依赖 | npm |
| ansi-regex | http://rnpm.hz.netease.com/ansi-regex/download/ansi-regex-3.0.0.tgz | 间接依赖 | npm |
| imurmurhash | http://rnpm.hz.netease.com/imurmurhash/download/imurmurhash-0.1.4.tgz | 间接依赖 | npm |
| hosted-git-info | http://rnpm.hz.netease.com/hosted-git-info/download/hosted-git-info-2.5.0.tgz | 间接依赖 | npm |
| import-lazy | https://registry.npmjs.org/import-lazy/-/import-lazy-2.1.0.tgz | 间接依赖 | npm |
| cross-spawn | http://rnpm.hz.netease.com/cross-spawn/download/cross-spawn-5.1.0.tgz | 间接依赖 | npm |
| pluginify | 0.0.1 | 直接依赖 | npm |
| update-notifier | https://registry.npmjs.org/update-notifier/-/update-notifier-2.2.0.tgz | 直接依赖 | npm |
| p-finally | http://rnpm.hz.netease.com/p-finally/download/p-finally-1.0.0.tgz | 间接依赖 | npm |
| semver-diff | https://registry.npmjs.org/semver-diff/-/semver-diff-2.1.0.tgz | 间接依赖 | npm |
| is-fullwidth-code-point | http://rnpm.hz.netease.com/is-fullwidth-code-point/download/is-fullwidth-code-point-2.0.0.tgz | 间接依赖 | npm |
| which-module | http://rnpm.hz.netease.com/which-module/download/which-module-1.0.0.tgz | 间接依赖 | npm |
| graceful-fs | http://rnpm.hz.netease.com/graceful-fs/download/graceful-fs-4.1.11.tgz | 间接依赖 | npm |
| spdx-correct | http://rnpm.hz.netease.com/spdx-correct/download/spdx-correct-1.0.2.tgz | 间接依赖 | npm |
| lowercase-keys | https://registry.npmjs.org/lowercase-keys/-/lowercase-keys-1.0.0.tgz | 间接依赖 | npm |
| parse-json | http://rnpm.hz.netease.com/parse-json/download/parse-json-2.2.0.tgz | 间接依赖 | npm |
| crypto-random-string | https://registry.npmjs.org/crypto-random-string/-/crypto-random-string-1.0.0.tgz | 间接依赖 | npm |
| read-pkg-up | http://rnpm.hz.netease.com/read-pkg-up/download/read-pkg-up-1.0.1.tgz | 间接依赖 | npm |
| escape-string-regexp | http://rnpm.hz.netease.com/escape-string-regexp/download/escape-string-regexp-1.0.5.tgz | 间接依赖 | npm |
| is-stream | http://rnpm.hz.netease.com/is-stream/download/is-stream-1.1.0.tgz | 间接依赖 | npm |
| co | 4.6.0 | 间接依赖 | npm |
| widest-line | http://rnpm.hz.netease.com/widest-line/download/widest-line-1.0.0.tgz | 间接依赖 | npm |
| pinkie-promise | http://rnpm.hz.netease.com/pinkie-promise/download/pinkie-promise-2.0.1.tgz | 间接依赖 | npm |
| npm-run-path | http://rnpm.hz.netease.com/npm-run-path/download/npm-run-path-2.0.2.tgz | 间接依赖 | npm |
| is-builtin-module | http://rnpm.hz.netease.com/is-builtin-module/download/is-builtin-module-1.0.0.tgz | 间接依赖 | npm |
| ora | 1.4.0 | 间接依赖 | npm |
| xdg-basedir | https://registry.npmjs.org/xdg-basedir/-/xdg-basedir-3.0.0.tgz | 间接依赖 | npm |
| builtin-modules | http://rnpm.hz.netease.com/builtin-modules/download/builtin-modules-1.1.1.tgz | 间接依赖 | npm |
| cli-cursor | 2.1.0 | 间接依赖 | npm |
| supports-color | https://registry.npmjs.org/supports-color/-/supports-color-4.2.1.tgz | 间接依赖 | npm |
| is-redirect | https://registry.npmjs.org/is-redirect/-/is-redirect-1.0.0.tgz | 间接依赖 | npm |
| is-npm | https://registry.npmjs.org/is-npm/-/is-npm-1.0.0.tgz | 间接依赖 | npm |
| slide | https://registry.npmjs.org/slide/-/slide-1.1.6.tgz | 间接依赖 | npm |
| get-stream | http://rnpm.hz.netease.com/get-stream/download/get-stream-3.0.0.tgz | 间接依赖 | npm |
| dot-prop | https://registry.npmjs.org/dot-prop/-/dot-prop-4.2.0.tgz | 间接依赖 | npm |
| safe-buffer | http://rnpm.hz.netease.com/safe-buffer/download/safe-buffer-5.1.1.tgz | 间接依赖 | npm |
| execa | http://rnpm.hz.netease.com/execa/download/execa-0.7.0.tgz | 间接依赖 | npm |
| deep-extend | https://registry.npmjs.org/deep-extend/-/deep-extend-0.4.2.tgz | 间接依赖 | npm |
| log-symbols | 2.2.0 | 间接依赖 | npm |
| strip-ansi | http://rnpm.hz.netease.com/strip-ansi/download/strip-ansi-4.0.0.tgz | 间接依赖 | npm |
| code-point-at | http://rnpm.hz.netease.com/code-point-at/download/code-point-at-1.1.0.tgz | 直接依赖 | npm |
| normalize-package-data | http://rnpm.hz.netease.com/normalize-package-data/download/normalize-package-data-2.4.0.tgz | 间接依赖 | npm |
| capture-stack-trace | https://registry.npmjs.org/capture-stack-trace/-/capture-stack-trace-1.0.0.tgz | 间接依赖 | npm |
| duplexer3 | https://registry.npmjs.org/duplexer3/-/duplexer3-0.1.4.tgz | 间接依赖 | npm |
| set-blocking | http://rnpm.hz.netease.com/set-blocking/download/set-blocking-2.0.0.tgz | 间接依赖 | npm |
| minimist | https://registry.npmjs.org/minimist/-/minimist-1.2.0.tgz | 间接依赖 | npm |
| load-json-file | http://rnpm.hz.netease.com/load-json-file/download/load-json-file-1.1.0.tgz | 间接依赖 | npm |
| got | https://registry.npmjs.org/got/-/got-6.7.1.tgz | 间接依赖 | npm |
| registry-url | https://registry.npmjs.org/registry-url/-/registry-url-3.1.0.tgz | 间接依赖 | npm |
| url-parse-lax | https://registry.npmjs.org/url-parse-lax/-/url-parse-lax-1.0.0.tgz | 间接依赖 | npm |
| package-json | https://registry.npmjs.org/package-json/-/package-json-4.0.1.tgz | 间接依赖 | npm |
| number-is-nan | http://rnpm.hz.netease.com/number-is-nan/download/number-is-nan-1.0.1.tgz | 直接依赖 | npm |
| path-key | http://rnpm.hz.netease.com/path-key/download/path-key-2.0.1.tgz | 间接依赖 | npm |
| rc | https://registry.npmjs.org/rc/-/rc-1.2.1.tgz | 间接依赖 | npm |
| pify | http://rnpm.hz.netease.com/pify/download/pify-2.3.0.tgz | 间接依赖 | npm |
| spdx-expression-parse | http://rnpm.hz.netease.com/spdx-expression-parse/download/spdx-expression-parse-1.0.4.tgz | 间接依赖 | npm |
| mimic-fn | 1.2.0 | 间接依赖 | npm |
| shebang-command | http://rnpm.hz.netease.com/shebang-command/download/shebang-command-1.2.0.tgz | 间接依赖 | npm |
| decamelize | http://rnpm.hz.netease.com/decamelize/download/decamelize-1.2.0.tgz | 间接依赖 | npm |