fossology/fossology 软件分析报告

基础信息

项目名称:fossology/fossology

项目徽章:

Security Status

仓库地址:https://github.com/pterodactyl/panel

检测报告地址:https://www.murphysec.com/console/report/1721207446986362880/1730961899480637440

此报告由Murphysec提供

漏洞列表

漏洞名称 漏洞类型 MPS编号 CVE编号 漏洞等级
Bootstrap 跨站脚本漏洞 XSS MPS-2018-9640 CVE-2018-14040 中危
Bootstrap 跨站脚本漏洞 XSS MPS-2018-9642 CVE-2018-14042 中危
Slim psr7 安全漏洞 解释冲突 MPS-2023-10989 CVE-2023-30536 中危

缺陷组件

组件名称 版本 最小修复版本 依赖关系 修复建议
twbs/bootstrap v4.1.0 4.1.2 间接依赖 建议修复
slim/psr7 1.4.1 1.6.1 间接依赖 可选修复

许可证风险

许可证类型 相关组件 许可证风险
MIT 46
GPLv2 2
GPLv2+ 1
LGPLv2+ 1
Public Domain 1
BSD with advertising 1
LGPL-2.0 2
LGPL-3.0 1
BSD-3-Clause 5
Python-2.0 1
Apache-2.0 2
BSD-2-Clause 1
BSD-4-Clause 2
LGPL-2.1 1
ISC 1
Zlib 1

SBOM清单

组件名称 组件版本 是否直接依赖 仓库
psr/cache 1.0.1 间接依赖 composer
composer/spdx-licenses 1.5.8 间接依赖 composer
symfony/polyfill-php80 v1.28.0 间接依赖 composer
psr/http-client 1.0.3 间接依赖 composer
league/oauth2-client 2.6.1 间接依赖 composer
fig/http-message-util 1.1.5 间接依赖 composer
symfony/polyfill-mbstring v1.28.0 间接依赖 composer
symfony/service-contracts v2.5.2 间接依赖 composer
symfony/polyfill-php73 v1.28.0 间接依赖 composer
monolog/monolog 2.8.0 间接依赖 composer
symfony/polyfill-ctype v1.28.0 间接依赖 composer
symfony/var-exporter v5.4.26 间接依赖 composer
util-linux 间接依赖
lib-libxml 间接依赖 composer
slim/psr7 1.4.1 间接依赖 composer
phpoffice/phpword 0.18.3 间接依赖 composer
symfony/polyfill-intl-idn v1.28.0 间接依赖 composer
ezyang/htmlpurifier v4.17.0 间接依赖 composer
laminas/laminas-escaper 2.9.0 间接依赖 composer
cpython 2.7.18 间接依赖
twbs/bootstrap v4.1.0 间接依赖 composer
psr/simple-cache 1.0.1 间接依赖 composer
guzzlehttp/psr7 2.6.1 间接依赖 composer
nikic/fast-route v1.3.0 间接依赖 composer
symfony/config v5.4.11 间接依赖 composer
mscoree.dll 间接依赖
twig/twig v3.4.3 间接依赖 composer
phpoffice/phpspreadsheet 1.19.0 间接依赖 composer
symfony/polyfill-intl-normalizer v1.28.0 间接依赖 composer
easyrdf/easyrdf 1.1.1 间接依赖 composer
spdx-tools 0.8.0a2 间接依赖 pip
busybox 间接依赖
symfony/http-foundation v5.4.13 间接依赖 composer
psr/http-factory 1.0.2 间接依赖 composer
symfony/polyfill-php81 v1.28.0 间接依赖 composer
guzzlehttp/promises 1.5.3 间接依赖 composer
symfony/translation v5.4.12 间接依赖 composer
paragonie/random_compat v9.99.100 间接依赖 composer
symfony/deprecation-contracts v2.5.2 间接依赖 composer
symfony/yaml v5.4.12 间接依赖 composer
psr/container 1.1.1 间接依赖 composer
maennchen/zipstream-php 2.1.0 间接依赖 composer
symfony/polyfill-php72 v1.28.0 间接依赖 composer
psr/http-server-handler 1.0.2 间接依赖 composer
myclabs/php-enum 1.8.4 间接依赖 composer
symfony/filesystem v5.4.25 间接依赖 composer
symfony/dependency-injection v5.4.13 间接依赖 composer
guzzlehttp/guzzle 7.5.0 间接依赖 composer
openssl 间接依赖
symfony/mime v5.4.13 间接依赖 composer
slim/slim 4.8.1 间接依赖 composer
zlib 间接依赖
ralouphie/getallheaders 3.0.3 间接依赖 composer
/bin/requirements.txt 间接依赖 pip
symfony/cache v5.4.13 间接依赖 composer
markbaker/matrix 3.0.1 间接依赖 composer
firebase/php-jwt v6.3.0 间接依赖 composer
psr/log 1.1.4 间接依赖 composer
markbaker/complex 3.0.2 间接依赖 composer
psr/http-server-middleware 1.0.2 间接依赖 composer
symfony/translation-contracts v2.5.2 间接依赖 composer
symfony/cache-contracts v2.5.2 间接依赖 composer
psr/http-message 1.1 间接依赖 composer
OpenDDS 间接依赖
(0)
上一篇 2023年12月2日
下一篇 2023年12月2日

相关推荐

  • davidfowl/BedrockFramework 软件分析报告

    基础信息 项目名称:davidfowl/BedrockFramework 项目徽章: 仓库地址:https://github.com/pterodactyl/panel 检测报告地址:https://www.murphysec.com/console/report/1717075606197026816/1717075606322855936 此报告由Mur…

    软件分析 2023年10月25日
    0
  • jkbrzt/rrule 软件分析报告

    基础信息 项目名称:jkbrzt/rrule 项目徽章: 仓库地址:https://github.com/pterodactyl/panel 检测报告地址:https://www.murphysec.com/console/report/1719164748209717248/1719164748499124224 此报告由Murphysec提供 漏洞列表 …

    软件分析 2023年10月31日
    0
  • atom/language-csharp 软件分析报告

    基础信息 项目名称:atom/language-csharp 项目徽章: 仓库地址:https://github.com/pterodactyl/panel 检测报告地址:https://www.murphysec.com/console/report/1716106025765568512/1716106026340188160 此报告由Murphysec…

    软件分析 2023年10月23日
    0
  • flatiron/prompt 软件分析报告

    基础信息 项目名称:flatiron/prompt 项目徽章: 仓库地址:https://github.com/pterodactyl/panel 检测报告地址:https://www.murphysec.com/console/report/1717858777394102272/1717858782649565184 此报告由Murphysec提供 漏洞…

    软件分析 2023年10月27日
    0
  • zhanjiarong/JRVideoPlayer 软件分析报告

    基础信息 项目名称:zhanjiarong/JRVideoPlayer 项目徽章: 仓库地址:https://github.com/pterodactyl/panel 检测报告地址:https://www.murphysec.com/console/report/1720375745710559232/1720375758863896576 此报告由Murp…

    软件分析 2023年11月3日
    0