Sylius/Sylius 软件分析报告

基础信息

项目名称:Sylius/Sylius

项目徽章:

Security Status

仓库地址:https://github.com/pterodactyl/panel

检测报告地址:https://www.murphysec.com/console/report/1744261853400915968/1744261853438664704

此报告由Murphysec提供

漏洞列表

漏洞名称 漏洞类型 MPS编号 CVE编号 漏洞等级
jQuery 跨站脚本漏洞 XSS MPS-2020-15461 CVE-2020-11023 中危
jQuery 跨站脚本漏洞 XSS MPS-2020-15462 CVE-2020-11022 中危

缺陷组件

组件名称 版本 最小修复版本 依赖关系 修复建议
sphinx 1.8.5 3.0.4 间接依赖 建议修复

许可证风险

许可证类型 相关组件 许可证风险
MIT 101
LGPL-2.0 4
BSD-3-Clause 2
Apache-2.0 1
自定义许可证 1
BSD-2-Clause 1
BSD-4-Clause 1
LGPL-2.1 1

SBOM清单

组件名称 组件版本 是否直接依赖 仓库
symfony/security-core ^5.4.21 || ^6.0 间接依赖 composer
symfony/dependency-injection ^5.4.21 || ^6.0 间接依赖 composer
doctrine/persistence ^2.3 || ^3.0 间接依赖 composer
sylius/theme-bundle ^2.1.1 || ^2.3 间接依赖 composer
webmozart/assert ^1.9 间接依赖 composer
gedmo/doctrine-extensions ^3.2 间接依赖 composer
psr/cache ^2.0 间接依赖 composer
doctrine/common ^3.2 间接依赖 composer
symfony/finder ^5.4.21 || ^6.0 间接依赖 composer
willdurand/hateoas-bundle ^2.0 间接依赖 composer
nyholm/psr7 ^1.6 间接依赖 composer
sylius/fixtures-bundle ^1.7 间接依赖 composer
sonata-project/block-bundle ^4.2 || ^5.0 间接依赖 composer
symfony/doctrine-bridge ^5.4.21 || ^6.0 间接依赖 composer
winzou/state-machine ^0.4 间接依赖 composer
api-platform/core ^2.7.10 间接依赖 composer
twig/intl-extra ^2.12 || ^3.4 间接依赖 composer
php-http/message-factory ^1.0 间接依赖 composer
symfony/polyfill-mbstring ^1.17 间接依赖 composer
symfony/expression-language ^5.4.21 || ^6.0 间接依赖 composer
ramsey/uuid ^4.0 间接依赖 composer
symfony/polyfill-php80 ^1.17 间接依赖 composer
lexik/jwt-authentication-bundle ^2.11 间接依赖 composer
symfony/service-contracts ^2.5 || ^3.0 间接依赖 composer
sylius/registry ^1.5 间接依赖 composer
php-http/httplug ^2.4 间接依赖 composer
sphinx 1.8.5 间接依赖 pip
symfony/deprecation-contracts ^2.5 间接依赖 composer
league/flysystem-bundle ^2.4 间接依赖 composer
knplabs/knp-menu ^3.1 间接依赖 composer
symfony/yaml ^5.4.21 || ^6.0 间接依赖 composer
symfony/framework-bundle ^5.4.21 || ^6.0 间接依赖 composer
symfony/form ^5.4.21 || ^6.0 间接依赖 composer
babdev/pagerfanta-bundle ^3.0 间接依赖 composer
symfony/http-foundation ^5.4.21 || ^6.0 间接依赖 composer
symfony/proxy-manager-bridge ^5.4.21 || ^6.0 间接依赖 composer
symfony/http-client ^5.4.21 || ^6.0 间接依赖 composer
stof/doctrine-extensions-bundle ^1.4 间接依赖 composer
laminas/laminas-stdlib ^3.3.1 间接依赖 composer
knplabs/knp-gaufrette-bundle ^0.7 || ^0.8 间接依赖 composer
sylius-labs/polyfill-symfony-framework-bundle ^1.0 || ^1.1 间接依赖 composer
doctrine/orm ^2.13 间接依赖 composer
doctrine/dbal ^3.0 间接依赖 composer
symfony/translation-contracts ^2.5 间接依赖 composer
sylius/mailer-bundle ^1.8 || ^2.0@beta 间接依赖 composer
symfony/messenger ^5.4.21 || ^6.0 间接依赖 composer
symfony/security-bundle ^5.4.21 || ^6.0 间接依赖 composer
guzzlehttp/psr7 ^2.5 间接依赖 composer
sylius/mailer ^1.8 || ^2.0@beta 间接依赖 composer
symfony/http-kernel ^5.4.21 || ^6.0 间接依赖 composer
symfony/property-access ^5.4.21 || ^6.0 间接依赖 composer
knplabs/gaufrette ^0.10 || ^0.11 间接依赖 composer
symfony/workflow ^5.4.21 || ^6.0 间接依赖 composer
payum/offline ^1.7.3 间接依赖 composer
requirements.txt 间接依赖 pip
symfony/monolog-bundle ^3.5 间接依赖 composer
sylius/calendar v0.5.0 间接依赖 composer
friendsofphp/proxy-manager-lts ^1.0.7 间接依赖 composer
sylius-labs/polyfill-symfony-security ^1.1 间接依赖 composer
doctrine/doctrine-migrations-bundle ^3.0.1 间接依赖 composer
symfony/polyfill-intl-icu ^1.22 间接依赖 composer
sylius/resource-bundle ^1.9 间接依赖 composer
doctrine/event-manager ^1.1 间接依赖 composer
symfony/twig-bundle ^5.4.21 || ^6.0 间接依赖 composer
symfony/routing ^5.4.21 || ^6.0 间接依赖 composer
symfony/polyfill-iconv ^1.17 间接依赖 composer
egulias/email-validator ^3.1 间接依赖 composer
jinja2 3.0.0 间接依赖 pip
symfony/config ^5.4.21 || ^6.0 间接依赖 composer
symfony/password-hasher ^5.4.21 || ^6.0 间接依赖 composer
symfony/event-dispatcher ^5.4.21 || ^6.0 间接依赖 composer
guzzlehttp/guzzle ^6.5 || ^7.0 间接依赖 composer
behat/transliterator ^1.3 间接依赖 composer
symfony/intl ^5.4.21 || ^6.0 间接依赖 composer
symfony/doctrine-messenger ^5.4.21 || ^6.0 间接依赖 composer
liip/imagine-bundle ^2.10 间接依赖 composer
symfony/webpack-encore-bundle ^1.15 间接依赖 composer
symfony/translation ^5.4.21 || ^6.0 间接依赖 composer
sylius/resource ^1.9 间接依赖 composer
symfony/mailer ^5.4.21 || ^6.0 间接依赖 composer
jms/serializer-bundle ^4.2 间接依赖 composer
sylius-labs/doctrine-migrations-extra-bundle ^0.1.4 || ^0.2 间接依赖 composer
sylius-labs/polyfill-symfony-event-dispatcher ^1.0.1 间接依赖 composer
pagerfanta/pagerfanta ^3.0 间接依赖 composer
psr/log ^2.0 间接依赖 composer
payum/payum-bundle ^2.5 间接依赖 composer
symfony/templating ^5.4.21 || ^6.0 间接依赖 composer
willdurand/hateoas ^3.0 间接依赖 composer
fakerphp/faker ^1.10 间接依赖 composer
knplabs/knp-menu-bundle ^3.0 间接依赖 composer
symfony/process ^5.4.21 || ^6.0 间接依赖 composer
symfony/security-csrf ^5.4.21 || ^6.0 间接依赖 composer
winzou/state-machine-bundle ^0.6 间接依赖 composer
friendsofsymfony/rest-bundle ^3.0 间接依赖 composer
symfony/property-info ^5.4.21 || ^6.0 间接依赖 composer
enshrined/svg-sanitize ^0.16 间接依赖 composer
symfony/framework-bundle 间接依赖 composer
sylius/grid-bundle ^1.11 间接依赖 composer
sylius/grid ^1.11 间接依赖 composer
symfony/security-http ^5.4.21 || ^6.0 间接依赖 composer
doctrine/collections ^1.6 间接依赖 composer
symfony/validator ^5.4.21 || ^6.0 间接依赖 composer
doctrine/doctrine-bundle ^1.12 || ^2.3.1 间接依赖 composer
symfony/filesystem ^5.4.21 || ^6.0 间接依赖 composer
symfony/options-resolver ^5.4.21 || ^6.0 间接依赖 composer
psr/http-message ^1.0 间接依赖 composer
doctrine/inflector ^1.4 || ^2.0 间接依赖 composer
docutils 0.18 间接依赖 pip
symfony/console ^5.4.21 || ^6.0 间接依赖 composer
twig/twig ^2.12 || ^3.3 间接依赖 composer
symfony/asset ^5.4.21 || ^6.0 间接依赖 composer
psr/http-client ^1.0 间接依赖 composer
symfony/string ^5.4.21 || ^6.0 间接依赖 composer
doctrine/migrations ^3.5.5 间接依赖 composer
sylius-labs/association-hydrator ^1.1 || ^1.2 间接依赖 composer
symfony/serializer ^5.4.21 || ^6.0 间接依赖 composer
(0)
上一篇 2024年1月8日
下一篇 2024年1月8日

相关推荐

  • aws/aws-app-mesh-examples 软件分析报告

    基础信息 项目名称:aws/aws-app-mesh-examples 项目徽章: 仓库地址:https://github.com/pterodactyl/panel 检测报告地址:https://www.murphysec.com/console/report/1720808394562387968/1720808394633691136 此报告由Murp…

    软件分析 2023年11月4日
    0
  • elevenxt/FreeEngine 软件分析报告

    基础信息 项目名称:elevenxt/FreeEngine 项目徽章: 仓库地址:https://github.com/pterodactyl/panel 检测报告地址:https://www.murphysec.com/console/report/1721161032776355840/1725921133226057728 此报告由Murphysec提…

    软件分析 2023年11月19日
    0
  • bytedance/OMGD 软件分析报告

    基础信息 项目名称:bytedance/OMGD 项目徽章: 仓库地址:https://github.com/pterodactyl/panel 检测报告地址:https://www.murphysec.com/console/report/1716511259407024128/1716511259616739328 此报告由Murphysec提供 漏洞列…

    软件分析 2023年10月24日
    0
  • awgn/cgrep 软件分析报告

    基础信息 项目名称:awgn/cgrep 项目徽章: 仓库地址:https://github.com/pterodactyl/panel 检测报告地址:https://www.murphysec.com/console/report/1716133709332922368/1716133709374865408 此报告由Murphysec提供 漏洞列表 暂无…

    软件分析 2023年10月23日
    0
  • aspecto-io/opentelemetry-ext-js 软件分析报告

    基础信息 项目名称:aspecto-io/opentelemetry-ext-js 项目徽章: 仓库地址:https://github.com/pterodactyl/panel 检测报告地址:https://www.murphysec.com/console/report/1716085748649476096/1716085750390112256 此报…

    软件分析 2023年10月23日
    0