基础信息
项目名称:dlvhdr/gh-prs
项目徽章:
仓库地址:https://github.com/pterodactyl/panel
检测报告地址:https://www.murphysec.com/console/report/1721137504580603904/1725773762261377024
此报告由Murphysec提供
漏洞列表
| 漏洞名称 | 漏洞类型 | MPS编号 | CVE编号 | 漏洞等级 |
|---|---|---|---|---|
| Google Golang 资源管理错误漏洞 | 拒绝服务 | MPS-c8am-hbny | CVE-2023-39325 | 高危 |
缺陷组件
| 组件名称 | 版本 | 最小修复版本 | 依赖关系 | 修复建议 |
|---|---|---|---|---|
| golang.org/x/net | v0.8.0 | 0.17.0 | 间接依赖 | 可选修复 |
许可证风险
| 许可证类型 | 相关组件 | 许可证风险 |
|---|---|---|
| MIT | 32 | 低 |
| BSD-3-Clause | 10 | 低 |
| Apache-2.0 | 6 | 低 |
| BSD-2-Clause | 2 | 低 |
| Unlicense | 1 | 低 |
SBOM清单
| 组件名称 | 组件版本 | 是否直接依赖 | 仓库 |
|---|---|---|---|
| github.com/mattn/go-runewidth | v0.0.14 | 间接依赖 | go |
| golang.org/x/crypto | v0.7.0 | 间接依赖 | go |
| github.com/atotto/clipboard | v0.1.4 | 直接依赖 | go |
| github.com/containerd/console | v1.0.4-0.20230313162750-1ae8d489ac81 | 间接依赖 | go |
| github.com/charmbracelet/bubbles | v0.16.1 | 直接依赖 | go |
| github.com/go-playground/universal-translator | v0.18.1 | 间接依赖 | go |
| golang.org/x/text | v0.8.0 | 间接依赖 | go |
| github.com/henvic/httpretty | v0.1.0 | 间接依赖 | go |
| github.com/microcosm-cc/bluemonday | v1.0.21 | 间接依赖 | go |
| github.com/aymanbagabas/go-osc52/v2 | v2.0.1 | 间接依赖 | go |
| github.com/spf13/pflag | v1.0.5 | 间接依赖 | go |
| github.com/rivo/uniseg | v0.4.4 | 间接依赖 | go |
| github.com/platenio/platen/modules/platen | v0.0.0-20230614143927-dd048e2da196 | 间接依赖 | go |
| github.com/inconshreveable/mousetrap | v1.1.0 | 间接依赖 | go |
| github.com/charmbracelet/bubbletea | v0.24.2 | 直接依赖 | go |
| github.com/go-logfmt/logfmt | v0.6.0 | 间接依赖 | go |
| github.com/lucasb-eyer/go-colorful | v1.2.0 | 间接依赖 | go |
| golang.org/x/term | v0.6.0 | 间接依赖 | go |
| github.com/yuin/goldmark | v1.5.2 | 间接依赖 | go |
| github.com/alecthomas/chroma | v0.10.0 | 间接依赖 | go |
| github.com/muesli/ansi | v0.0.0-20211031195517-c9f0611b6c70 | 间接依赖 | go |
| github.com/spf13/cobra | v1.7.0 | 直接依赖 | go |
| github.com/go-playground/locales | v0.14.1 | 间接依赖 | go |
| gopkg.in/yaml.v2 | v2.4.0 | 直接依赖 | go |
| github.com/cli/browser | v1.1.0 | 间接依赖 | go |
| golang.org/x/sync | v0.1.0 | 间接依赖 | go |
| github.com/mattn/go-isatty | v0.0.19 | 间接依赖 | go |
| github.com/gorilla/css | v1.0.0 | 间接依赖 | go |
| github.com/yuin/goldmark-emoji | v1.0.1 | 间接依赖 | go |
| github.com/aymerick/douceur | v0.2.0 | 间接依赖 | go |
| github.com/leodido/go-urn | v1.2.4 | 间接依赖 | go |
| github.com/google/shlex | v0.0.0-20191202100458-e7afc7fbc510 | 间接依赖 | go |
| github.com/gabriel-vasile/mimetype | v1.4.2 | 间接依赖 | go |
| golang.org/x/net | v0.8.0 | 间接依赖 | go |
| github.com/cli/go-gh/v2 | v2.1.0 | 直接依赖 | go |
| github.com/charmbracelet/log | v0.2.3 | 直接依赖 | go |
| github.com/charmbracelet/lipgloss | v0.7.1 | 直接依赖 | go |
| github.com/charmbracelet/glamour | v0.6.0 | 直接依赖 | go |
| github.com/mattn/go-localereader | v0.0.1 | 间接依赖 | go |
| gopkg.in/yaml.v3 | v3.0.1 | 间接依赖 | go |
| github.com/cli/safeexec | v1.0.0 | 间接依赖 | go |
| github.com/thlib/go-timezone-local | v0.0.0-20210907160436-ef149e42d28e | 间接依赖 | go |
| github.com/muesli/termenv | v0.15.2 | 直接依赖 | go |
| github.com/dlclark/regexp2 | v1.7.0 | 间接依赖 | go |
| github.com/go-playground/validator/v10 | v10.15.0 | 直接依赖 | go |
| github.com/muesli/reflow | v0.3.0 | 间接依赖 | go |
| github.com/olekukonko/tablewriter | v0.0.5 | 间接依赖 | go |
| golang.org/x/sys | v0.8.0 | 间接依赖 | go |
| github.com/platenio/platen/modules/schematize | v0.0.0-20230614143927-dd048e2da196 | 间接依赖 | go |
| github.com/kr/text | v0.2.0 | 间接依赖 | go |
| github.com/muesli/cancelreader | v0.2.2 | 间接依赖 | go |
| github.com/cli/shurcooL-graphql | v0.0.3 | 直接依赖 | go |