基础信息
项目名称:taichi-dev/taichi
项目徽章:
仓库地址:https://github.com/pterodactyl/panel
检测报告地址:https://www.murphysec.com/console/report/1744135633203707904/1744135633245650944
此报告由Murphysec提供
漏洞列表
| 漏洞名称 | 漏洞类型 | MPS编号 | CVE编号 | 漏洞等级 |
|---|---|---|---|---|
| Simple DirectMedia Layer SDL2_image 缓冲区错误漏洞 | 越界写入 | MPS-2018-14365 | CVE-2018-3977 | 高危 |
| Simple DirectMedia Layer 安全漏洞 | 越界读取 | MPS-2018-4435 | CVE-2018-3837 | 中危 |
| Simple DirectMedia Layer 安全漏洞 | 越界读取 | MPS-2018-4436 | CVE-2018-3838 | 中危 |
| Simple DirectMedia Layer 安全漏洞 | 越界写入 | MPS-2018-4437 | CVE-2018-3839 | 高危 |
| Miniz 安全漏洞 | 不可达退出条件的循环(无限循环) | MPS-2018-8458 | CVE-2018-12913 | 高危 |
缺陷组件
| 组件名称 | 版本 | 最小修复版本 | 依赖关系 | 修复建议 |
|---|---|---|---|---|
| miniz | 2.1.0 | 间接依赖 | 建议修复 | |
| miniz | 2.2.0 | 间接依赖 | 建议修复 | |
| sdl_image | 2.0.5 | 间接依赖 | 建议修复 |
许可证风险
| 许可证类型 | 相关组件 | 许可证风险 |
|---|---|---|
| MIT | 5 | 低 |
| 自定义许可证 | 4 | 低 |
| Apache-2.0 | 1 | 低 |
SBOM清单
| 组件名称 | 组件版本 | 是否直接依赖 | 仓库 |
|---|---|---|---|
| _ndarray | 间接依赖 | pip | |
| AtomicOps | 间接依赖 | pip | |
| rmdir | 间接依赖 | pip | |
| ScalarNdarray | 间接依赖 | pip | |
| u8 | 间接依赖 | pip | |
| cook_dtype | 间接依赖 | pip | |
| List | 间接依赖 | pip | |
| miniz | 2.1.0 | 间接依赖 | |
| has_pytorch | 间接依赖 | pip | |
| TaichiCompilationError | 间接依赖 | pip | |
| vec3 | 间接依赖 | pip | |
| make_matrix | 间接依赖 | pip | |
| asin | 间接依赖 | pip | |
| integer_type_ids | 间接依赖 | pip | |
| generate_c_api | 间接依赖 | pip | |
| NamedTemporaryFile | 间接依赖 | pip | |
| func | 间接依赖 | pip | |
| LinearOperator | 间接依赖 | pip | |
| mkstemp | 间接依赖 | pip | |
| euler_to_vec | 间接依赖 | pip | |
| cos | 间接依赖 | pip | |
| coo_matrix | 间接依赖 | pip | |
| Expr | 间接依赖 | pip | |
| diagnose | 间接依赖 | pip | |
| dot | 间接依赖 | pip | |
| ScalarField | 间接依赖 | pip | |
| HTTPServer | 间接依赖 | pip | |
| get_runtime | 间接依赖 | pip | |
| miniz | 2.2.0 | 间接依赖 | |
| f32 | 间接依赖 | pip | |
| tensor_to_image | 间接依赖 | pip | |
| MatrixFreeBICGSTAB | 间接依赖 | pip | |
| impl | 间接依赖 | pip | |
| axes | 间接依赖 | pip | |
| matplotlib | 间接依赖 | pip | |
| Any | 间接依赖 | pip | |
| BaseHTTPRequestHandler | 间接依赖 | pip | |
| pyfunc | 间接依赖 | pip | |
| listdir | 间接依赖 | pip | |
| dump2json | 间接依赖 | pip | |
| getsourcefile | 间接依赖 | pip | |
| Path | 间接依赖 | pip | |
| PurePosixPath | 间接依赖 | pip | |
| ops | 间接依赖 | pip | |
| Style | 间接依赖 | pip | |
| isinf | 间接依赖 | pip | |
| get_field_info | 间接依赖 | pip | |
| default_cfg | 间接依赖 | pip | |
| autograd | 间接依赖 | pip | |
| MatrixFreeCG | 间接依赖 | pip | |
| cmul | 间接依赖 | pip | |
| check_ggui_availability | 间接依赖 | pip | |
| has_paddle | 间接依赖 | pip | |
| TaichiSyntaxError | 间接依赖 | pip | |
| Field | 间接依赖 | pip | |
| pytest | 间接依赖 | pip | |
| Ndarray | 间接依赖 | pip | |
| sdl_image | 2.0.5 | 间接依赖 | |
| video | 间接依赖 | pip | |
| Matrix | 间接依赖 | pip | |
| get_traceback | 间接依赖 | pip | |
| getsourcelines | 间接依赖 | pip | |
| any_array | 间接依赖 | pip | |
| vector_to_fast_image | 间接依赖 | pip | |
| FunctionType | 间接依赖 | pip | |
| datatime_with_format | 间接依赖 | pip | |
| make_expr_group | 间接依赖 | pip | |
| Dict | 间接依赖 | pip | |
| microbenchmarks | 间接依赖 | pip | |
| TaichiTypeError | 间接依赖 | pip | |
| Fore | 间接依赖 | pip | |
| TaichiRuntimeError | 间接依赖 | pip | |
| DataType | 间接依赖 | pip | |
| MethodType | 间接依赖 | pip | |
| mat3 | 间接依赖 | pip | |
| TaichiIndexError | 间接依赖 | pip | |
| inf | 间接依赖 | pip | |
| real_type_ids | 间接依赖 | pip | |
| taichi | 间接依赖 | pip | |
| expr | 间接依赖 | pip |