1. 墨知首页
  2. 软件分析

ChatSecure/ChatSecure-iOS 软件分析报告

软件分析
目录 隐藏
1 基础信息
2 漏洞列表
3 缺陷组件
4 许可证风险
5 SBOM清单

基础信息

项目名称:ChatSecure/ChatSecure-iOS

项目徽章:

Security Status

仓库地址:https://github.com/pterodactyl/panel

检测报告地址:https://www.murphysec.com/console/report/1721083532842962944/1729165939697471488

此报告由Murphysec提供

漏洞列表

漏洞名称 漏洞类型 MPS编号 CVE编号 漏洞等级
Ruby TZInfo 存在相对路径遍历 相对路径遍历 MPS-2022-11193 CVE-2022-31163 高危
jmespath.rb 安全漏洞 MPS-2022-17561 CVE-2022-32511 严重
cocoapods-downloader 安全漏洞 参数注入或修改 MPS-2022-5053 CVE-2022-21223 严重
cocoapods-downloader 安全漏洞 参数注入或修改 MPS-2022-5091 CVE-2022-24440 严重
rubygem-activesupport 安全漏洞 ReDoS MPS-2023-0494 CVE-2023-22796 高危

缺陷组件

组件名称 版本 最小修复版本 依赖关系 修复建议
cocoapods-downloader 1.4.0 1.6.3 间接依赖 建议修复
jmespath 1.4.0 1.6.1 间接依赖 建议修复
activesupport 5.2.6 6.1.7.1 间接依赖 建议修复
tzinfo 1.2.9 1.2.10 间接依赖 建议修复

许可证风险

许可证类型 相关组件 许可证风险
自定义许可证 10
MIT 12
Apache-2.0 3
Apache-2.0 OR MIT 1

SBOM清单

组件名称 组件版本 是否直接依赖 仓库
artifactory 3.0.15 间接依赖 bundler
NBUCore 2.1.0 间接依赖 cocoapods
ruby2_keywords 0.0.5 间接依赖 bundler
google-apis-storage_v1 0.6.0 间接依赖 bundler
google-apis-androidpublisher_v3 0.10.0 间接依赖 bundler
MWFeedParser/NSString 间接依赖 cocoapods
typhoeus 1.4.0 间接依赖 bundler
Mantle 2.1.6 间接依赖 cocoapods
YapTaskQueue/SQLCipher 0.3.0 间接依赖 cocoapods
google-cloud-env 1.5.0 间接依赖 bundler
nanaimo 0.3.0 间接依赖 bundler
XLForm 4.3.0 间接依赖 cocoapods
YapDatabase/SQLCipher-ObjC/Extensions/FullTextSearch 4.0.1 间接依赖 cocoapods
faraday-httpclient 1.0.1 间接依赖 bundler
i18n 1.8.10 间接依赖 bundler
aws-sdk-s3 1.98.0 间接依赖 bundler
ruby-macho 1.4.0 间接依赖 bundler
YapDatabase/SQLCipher-ObjC/Extensions/CrossProcessNotification 4.0.1 间接依赖 cocoapods
JTSImageViewController 1.5.1 间接依赖 cocoapods
KVOController 1.2.0 间接依赖 cocoapods
aws-partitions 1.484.0 间接依赖 bundler
GCDWebServer 3.5.4 间接依赖 cocoapods
YapDatabase/SQLCipher-ObjC/Extensions/Hooks 4.0.1 间接依赖 cocoapods
google-apis-iamcredentials_v1 0.6.0 间接依赖 bundler
googleauth 0.17.0 间接依赖 bundler
SignalProtocolObjC 1.1.0 间接依赖 cocoapods
DTFoundation/DTASN1 1.7.18 间接依赖 cocoapods
mini_magick 4.11.0 间接依赖 bundler
colored 1.2 间接依赖 bundler
SQLCipher/standard 4.4.3 间接依赖 cocoapods
rubyzip 2.3.2 间接依赖 bundler
ChatSecure-Push-iOS 1.1 间接依赖 cocoapods
QRCodeReaderViewController 4.0.2 间接依赖 cocoapods
ProxyKit/common 1.2.0 间接依赖 cocoapods
os 1.1.1 间接依赖 bundler
OTRKit 3.0.0 间接依赖 cocoapods
YapDatabase/SQLCipher-ObjC/Extensions/SecondaryIndex 4.0.1 间接依赖 cocoapods
PureLayout 3.1.8 间接依赖 cocoapods
security 0.1.3 间接依赖 bundler
cocoapods 1.10.2 间接依赖 bundler
faraday-rack 1.0.0 间接依赖 bundler
escape 0.0.4 间接依赖 bundler
Kvitto 1.0.6 间接依赖 cocoapods
ZXingObjC/Core 3.6.5 间接依赖 cocoapods
FormatterKit/Resources 1.9.0 间接依赖 cocoapods
SQLCipher/common 4.4.3 间接依赖 cocoapods
aws-sdk-kms 1.46.0 间接依赖 bundler
OTRAssets 0.1.0 间接依赖 cocoapods
KissXML/All 5.3.1 间接依赖 cocoapods
YapDatabase/SQLCipher/Extensions/ActionManager 4.0.1 间接依赖 cocoapods
SAMKeychain 1.5.3 间接依赖 cocoapods
YapDatabase/SQLCipher/Extensions/CrossProcessNotification 4.0.1 间接依赖 cocoapods
cocoapods-search 1.0.0 间接依赖 bundler
BButton 4.0.2 间接依赖 cocoapods
YapDatabase/SQLCipher/Extensions 4.0.1 间接依赖 cocoapods
BBlock/AppKit 间接依赖 cocoapods
YapDatabase/SQLCipher-ObjC/Extensions/ActionManager 4.0.1 间接依赖 cocoapods
YapDatabase/SQLCipher-ObjC/Core 4.0.1 间接依赖 cocoapods
YapDatabase/SQLCipher-ObjC/Extensions/AutoView 4.0.1 间接依赖 cocoapods
fuzzy_match 2.0.4 间接依赖 bundler
http-cookie 1.0.4 间接依赖 bundler
colored2 3.1.2 间接依赖 bundler
unicode-display_width 1.7.0 间接依赖 bundler
YapDatabase/SQLCipher-ObjC/Extensions/ManualView 4.0.1 间接依赖 cocoapods
HTMLReader 2.1.7 间接依赖 cocoapods
emoji_regex 3.2.2 间接依赖 bundler
YapDatabase/SQLCipher/Extensions/ManualView 4.0.1 间接依赖 cocoapods
ffi 1.15.3 间接依赖 bundler
faraday-net_http_persistent 1.2.0 间接依赖 bundler
naturally 2.2.1 间接依赖 bundler
algoliasearch 1.27.5 间接依赖 bundler
YapDatabase/SQLCipher/Extensions/View 4.0.1 间接依赖 cocoapods
libsqlfs/common 1.3.2 间接依赖 cocoapods
YapDatabase/SQLCipher/Extensions/FullTextSearch 4.0.1 间接依赖 cocoapods
highline 2.0.3 间接依赖 bundler
faraday_middleware 1.1.0 间接依赖 bundler
representable 3.1.1 间接依赖 bundler
DTFoundation/Core 1.7.18 间接依赖 cocoapods
google-apis-core 0.4.1 间接依赖 bundler
rake 13.0.6 间接依赖 bundler
LumberjackConsole 3.3.1 间接依赖 cocoapods
atomos 0.1.3 间接依赖 bundler
memoist 0.16.2 间接依赖 bundler
ZXingObjC/QRCode 3.6.5 间接依赖 cocoapods
YapDatabase/SQLCipher-ObjC/Extensions/SearchResultsView 4.0.1 间接依赖 cocoapods
retriable 3.1.2 间接依赖 bundler
excon 0.85.0 间接依赖 bundler
fastlane 2.191.0 间接依赖 bundler
molinillo 0.6.6 间接依赖 bundler
terminal-notifier 2.0.0 间接依赖 bundler
TTTAttributedLabel 2.0.0 间接依赖 cocoapods
faraday-excon 1.1.0 间接依赖 bundler
KissXML/Core 5.3.1 间接依赖 cocoapods
fastimage 2.2.4 间接依赖 bundler
tzinfo 1.2.9 间接依赖 bundler
httpclient 2.8.3 间接依赖 bundler
YapDatabase/SQLCipher/Extensions/Hooks 4.0.1 间接依赖 cocoapods
unf_ext 0.0.7.7 间接依赖 bundler
SignalProtocolC 2.3.2 间接依赖 cocoapods
LicensePlist 3.13.0 间接依赖 cocoapods
ARChromeActivity 1.0.6 间接依赖 cocoapods
cocoapods-deintegrate 1.0.4 间接依赖 bundler
YapDatabase/SQLCipher/Extensions/CloudKit 4.0.1 间接依赖 cocoapods
google-apis-playcustomapp_v1 0.5.0 间接依赖 bundler
CocoaLumberjack 3.7.2 间接依赖 cocoapods
YapDatabase/SQLCipher 4.0.1 间接依赖 cocoapods
MBProgressHUD 1.2.0 间接依赖 cocoapods
YapDatabase/SQLCipher-ObjC/Extensions/CloudKit 4.0.1 间接依赖 cocoapods
YapDatabase/SQLCipher/Extensions/RTreeIndex 4.0.1 间接依赖 cocoapods
CocoaLumberjack/Core 3.7.2 间接依赖 cocoapods
google-cloud-storage 1.34.1 间接依赖 bundler
YapDatabase/SQLCipher-ObjC/Extensions/Relationships 4.0.1 间接依赖 cocoapods
YapDatabase/SQLCipher/Extensions/SearchResultsView 4.0.1 间接依赖 cocoapods
CocoaAsyncSocket 7.6.5 间接依赖 cocoapods
word_wrap 1.0.0 间接依赖 bundler
IOCipher/common 0.1.0 间接依赖 cocoapods
tty-screen 0.8.1 间接依赖 bundler
KissXML/Additions 5.3.1 间接依赖 cocoapods
netrc 0.11.0 间接依赖 bundler
YapDatabase/SQLCipher/Core 4.0.1 间接依赖 cocoapods
terminal-table 1.8.0 间接依赖 bundler
cocoapods-core 1.10.2 间接依赖 bundler
simctl 1.6.8 间接依赖 bundler
IOCipher/GCDWebServer 0.1.0 间接依赖 cocoapods
declarative 0.0.20 间接依赖 bundler
CocoaLumberjack/Swift 3.7.2 间接依赖 cocoapods
MWFeedParser/FeedParser 1.0.1 间接依赖 cocoapods
ParkedTextField 1.0.0 间接依赖 cocoapods
JSQMessagesViewController 7.3.4 间接依赖 cocoapods
Mantle/extobjc 2.1.6 间接依赖 cocoapods
multipart-post 2.0.0 间接依赖 bundler
plist 3.6.0 间接依赖 bundler
uber 0.1.0 间接依赖 bundler
gh_inspector 1.1.3 间接依赖 bundler
xcpretty-travis-formatter 1.0.1 间接依赖 bundler
mini_mime 1.1.0 间接依赖 bundler
faraday-patron 1.0.0 间接依赖 bundler
webrick 1.7.0 间接依赖 bundler
addressable 2.8.0 间接依赖 bundler
signet 0.15.0 间接依赖 bundler
xcpretty 0.3.0 间接依赖 bundler
faraday 1.6.0 间接依赖 bundler
libidn 1.35 间接依赖 cocoapods
CFPropertyList 3.0.3 间接依赖 bundler
trailblazer-option 0.1.1 间接依赖 bundler
MWFeedParser 1.0.1 间接依赖 cocoapods
cocoapods-trunk 1.5.0 间接依赖 bundler
commander 4.6.0 间接依赖 bundler
aws-sdk-core 3.119.0 间接依赖 bundler
jwt 2.2.3 间接依赖 bundler
BBlock/StoreKit 1.2.1 间接依赖 cocoapods
multi_json 1.15.0 间接依赖 bundler
cocoapods-plugins 1.0.0 间接依赖 bundler
faraday-cookie_jar 0.0.7 间接依赖 bundler
activesupport 5.2.6 间接依赖 bundler
rouge 2.0.7 间接依赖 bundler
bundler 间接依赖 bundler
YapDatabase/SQLCipher/Extensions/CloudCore 4.0.1 间接依赖 cocoapods
YapDatabase/SQLCipher-ObjC/Extensions/RTreeIndex 4.0.1 间接依赖 cocoapods
domain_name 0.5.20190701 间接依赖 bundler
MWFeedParser/NSDate 间接依赖 cocoapods
BBlock/Foundation 1.2.1 间接依赖 cocoapods
concurrent-ruby 1.1.9 间接依赖 bundler
dotenv 2.7.6 间接依赖 bundler
Alamofire 5.4.3 间接依赖 cocoapods
libsqlfs/SQLCipher 1.3.2 间接依赖 cocoapods
aws-eventstream 1.1.1 间接依赖 bundler
cocoapods-try 1.2.0 间接依赖 bundler
FormatterKit/TimeIntervalFormatter 1.9.0 间接依赖 cocoapods
YapDatabase/SQLCipher/Extensions/Relationships 4.0.1 间接依赖 cocoapods
ethon 0.14.0 间接依赖 bundler
rexml 3.2.5 间接依赖 bundler
FormatterKit/UnitOfInformationFormatter 1.9.0 间接依赖 cocoapods
cocoapods-downloader 1.4.0 间接依赖 bundler
minitest 5.14.4 间接依赖 bundler
nap 1.1.0 间接依赖 bundler
google-cloud-core 1.6.0 间接依赖 bundler
tty-spinner 0.9.3 间接依赖 bundler
AFNetworking/Security 4.0.1 间接依赖 cocoapods
google-cloud-errors 1.1.0 间接依赖 bundler
unf 0.1.4 间接依赖 bundler
GCDWebServer/Core 3.5.4 间接依赖 cocoapods
aws-sigv4 1.2.4 间接依赖 bundler
jmespath 1.4.0 间接依赖 bundler
BBlock 1.2.1 间接依赖 cocoapods
faraday-em_http 1.0.0 间接依赖 bundler
tty-cursor 0.7.1 间接依赖 bundler
faraday-net_http 1.0.1 间接依赖 bundler
json 2.5.1 间接依赖 bundler
fourflusher 2.3.1 间接依赖 bundler
SQLCipher 4.4.3 间接依赖 cocoapods
Kvitto/Core 1.0.6 间接依赖 cocoapods
YapDatabase/SQLCipher-ObjC/Extensions/FilteredView 4.0.1 间接依赖 cocoapods
XMPPFramework/default 4.1.1 间接依赖 cocoapods
thread_safe 0.3.6 间接依赖 bundler
xcodeproj 1.20.0 间接依赖 bundler
YapDatabase/SQLCipher-ObjC/Extensions/CloudCore 4.0.1 间接依赖 cocoapods
KissXML 5.3.1 间接依赖 cocoapods
YapDatabase/SQLCipher/Extensions/FilteredView 4.0.1 间接依赖 cocoapods
YapDatabase/SQLCipher/Extensions/AutoView 4.0.1 间接依赖 cocoapods
faraday-em_synchrony 1.0.0 间接依赖 bundler
digest-crc 0.6.4 间接依赖 bundler
babosa 1.0.4 间接依赖 bundler
YapDatabase/SQLCipher-ObjC/Extensions/View 4.0.1 间接依赖 cocoapods
BBlock/UIKit 1.2.1 间接依赖 cocoapods
ChatSecureCore 1.0.0 间接依赖 cocoapods
public_suffix 4.0.6 间接依赖 bundler
claide 1.0.3 间接依赖 bundler
YapDatabase/SQLCipher/Extensions/SecondaryIndex 4.0.1 间接依赖 cocoapods
OpenInChrome 0.0.1 间接依赖 cocoapods
XMPPFramework/Swift 4.1.1 间接依赖 cocoapods
ProxyKit/Client 1.2.0 间接依赖 cocoapods
(0)
上一篇 2023年11月27日
下一篇 2023年11月27日

相关推荐

  • GitTibbe/LED-Strip-HomeKit-Driver 软件分析报告

    基础信息 项目名称:GitTibbe/LED-Strip-HomeKit-Driver 项目徽章: 仓库地址:https://github.com/pterodactyl/panel 检测报告地址:https://www.murphysec.com/console/report/1718145359251374080/1718145359289122816 …

    软件分析 2023年10月28日
    0

  • arouanet/homebridge-sht3x 软件分析报告

    基础信息 项目名称:arouanet/homebridge-sht3x 项目徽章: 仓库地址:https://github.com/pterodactyl/panel 检测报告地址:https://www.murphysec.com/console/report/1716041812258111488/1716041812501381120 此报告由Murp…

    软件分析 2023年10月23日
    0

  • koajs/userauth 软件分析报告

    基础信息 项目名称:koajs/userauth 项目徽章: 仓库地址:https://github.com/pterodactyl/panel 检测报告地址:https://www.murphysec.com/console/report/1719504850731532288/1719504850769281024 此报告由Murphysec提供 漏洞列…

    软件分析 2023年11月1日
    0

  • flimshaw/Valiant360 软件分析报告

    基础信息 项目名称:flimshaw/Valiant360 项目徽章: 仓库地址:https://github.com/pterodactyl/panel 检测报告地址:https://www.murphysec.com/console/report/1721200966300073984/1723315978332758016 此报告由Murphysec提…

    软件分析 2023年11月11日
    0

  • pydoit/doit 软件分析报告

    基础信息 项目名称:pydoit/doit 项目徽章: 仓库地址:https://github.com/pterodactyl/panel 检测报告地址:https://www.murphysec.com/console/report/1765180983803330560/1765180983849467904 此报告由Murphysec提供 漏洞列表 暂…

    软件分析 2024年3月6日
    0