基础信息
项目名称:fossology/fossology
项目徽章:
仓库地址:https://github.com/pterodactyl/panel
检测报告地址:https://www.murphysec.com/console/report/1721207446986362880/1730961899480637440
此报告由Murphysec提供
漏洞列表
漏洞名称 | 漏洞类型 | MPS编号 | CVE编号 | 漏洞等级 |
---|---|---|---|---|
Bootstrap 跨站脚本漏洞 | XSS | MPS-2018-9640 | CVE-2018-14040 | 中危 |
Bootstrap 跨站脚本漏洞 | XSS | MPS-2018-9642 | CVE-2018-14042 | 中危 |
Slim psr7 安全漏洞 | 解释冲突 | MPS-2023-10989 | CVE-2023-30536 | 中危 |
缺陷组件
组件名称 | 版本 | 最小修复版本 | 依赖关系 | 修复建议 |
---|---|---|---|---|
twbs/bootstrap | v4.1.0 | 4.1.2 | 间接依赖 | 建议修复 |
slim/psr7 | 1.4.1 | 1.6.1 | 间接依赖 | 可选修复 |
许可证风险
许可证类型 | 相关组件 | 许可证风险 |
---|---|---|
MIT | 46 | 低 |
GPLv2 | 2 | 中 |
GPLv2+ | 1 | 中 |
LGPLv2+ | 1 | 中 |
Public Domain | 1 | 低 |
BSD with advertising | 1 | 低 |
LGPL-2.0 | 2 | 中 |
LGPL-3.0 | 1 | 中 |
BSD-3-Clause | 5 | 低 |
Python-2.0 | 1 | 低 |
Apache-2.0 | 2 | 低 |
BSD-2-Clause | 1 | 低 |
BSD-4-Clause | 2 | 低 |
LGPL-2.1 | 1 | 中 |
ISC | 1 | 低 |
Zlib | 1 | 低 |
SBOM清单
组件名称 | 组件版本 | 是否直接依赖 | 仓库 |
---|---|---|---|
psr/cache | 1.0.1 | 间接依赖 | composer |
composer/spdx-licenses | 1.5.8 | 间接依赖 | composer |
symfony/polyfill-php80 | v1.28.0 | 间接依赖 | composer |
psr/http-client | 1.0.3 | 间接依赖 | composer |
league/oauth2-client | 2.6.1 | 间接依赖 | composer |
fig/http-message-util | 1.1.5 | 间接依赖 | composer |
symfony/polyfill-mbstring | v1.28.0 | 间接依赖 | composer |
symfony/service-contracts | v2.5.2 | 间接依赖 | composer |
symfony/polyfill-php73 | v1.28.0 | 间接依赖 | composer |
monolog/monolog | 2.8.0 | 间接依赖 | composer |
symfony/polyfill-ctype | v1.28.0 | 间接依赖 | composer |
symfony/var-exporter | v5.4.26 | 间接依赖 | composer |
util-linux | 间接依赖 | ||
lib-libxml | 间接依赖 | composer | |
slim/psr7 | 1.4.1 | 间接依赖 | composer |
phpoffice/phpword | 0.18.3 | 间接依赖 | composer |
symfony/polyfill-intl-idn | v1.28.0 | 间接依赖 | composer |
ezyang/htmlpurifier | v4.17.0 | 间接依赖 | composer |
laminas/laminas-escaper | 2.9.0 | 间接依赖 | composer |
cpython | 2.7.18 | 间接依赖 | |
twbs/bootstrap | v4.1.0 | 间接依赖 | composer |
psr/simple-cache | 1.0.1 | 间接依赖 | composer |
guzzlehttp/psr7 | 2.6.1 | 间接依赖 | composer |
nikic/fast-route | v1.3.0 | 间接依赖 | composer |
symfony/config | v5.4.11 | 间接依赖 | composer |
mscoree.dll | 间接依赖 | ||
twig/twig | v3.4.3 | 间接依赖 | composer |
phpoffice/phpspreadsheet | 1.19.0 | 间接依赖 | composer |
symfony/polyfill-intl-normalizer | v1.28.0 | 间接依赖 | composer |
easyrdf/easyrdf | 1.1.1 | 间接依赖 | composer |
spdx-tools | 0.8.0a2 | 间接依赖 | pip |
busybox | 间接依赖 | ||
symfony/http-foundation | v5.4.13 | 间接依赖 | composer |
psr/http-factory | 1.0.2 | 间接依赖 | composer |
symfony/polyfill-php81 | v1.28.0 | 间接依赖 | composer |
guzzlehttp/promises | 1.5.3 | 间接依赖 | composer |
symfony/translation | v5.4.12 | 间接依赖 | composer |
paragonie/random_compat | v9.99.100 | 间接依赖 | composer |
symfony/deprecation-contracts | v2.5.2 | 间接依赖 | composer |
symfony/yaml | v5.4.12 | 间接依赖 | composer |
psr/container | 1.1.1 | 间接依赖 | composer |
maennchen/zipstream-php | 2.1.0 | 间接依赖 | composer |
symfony/polyfill-php72 | v1.28.0 | 间接依赖 | composer |
psr/http-server-handler | 1.0.2 | 间接依赖 | composer |
myclabs/php-enum | 1.8.4 | 间接依赖 | composer |
symfony/filesystem | v5.4.25 | 间接依赖 | composer |
symfony/dependency-injection | v5.4.13 | 间接依赖 | composer |
guzzlehttp/guzzle | 7.5.0 | 间接依赖 | composer |
openssl | 间接依赖 | ||
symfony/mime | v5.4.13 | 间接依赖 | composer |
slim/slim | 4.8.1 | 间接依赖 | composer |
zlib | 间接依赖 | ||
ralouphie/getallheaders | 3.0.3 | 间接依赖 | composer |
/bin/requirements.txt | 间接依赖 | pip | |
symfony/cache | v5.4.13 | 间接依赖 | composer |
markbaker/matrix | 3.0.1 | 间接依赖 | composer |
firebase/php-jwt | v6.3.0 | 间接依赖 | composer |
psr/log | 1.1.4 | 间接依赖 | composer |
markbaker/complex | 3.0.2 | 间接依赖 | composer |
psr/http-server-middleware | 1.0.2 | 间接依赖 | composer |
symfony/translation-contracts | v2.5.2 | 间接依赖 | composer |
symfony/cache-contracts | v2.5.2 | 间接依赖 | composer |
psr/http-message | 1.1 | 间接依赖 | composer |
OpenDDS | 间接依赖 |