primefaces/primefaces 软件分析报告

基础信息

项目名称:primefaces/primefaces

项目徽章:

Security Status

仓库地址:https://github.com/pterodactyl/panel

检测报告地址:https://www.murphysec.com/console/report/1749307119150923776/1749307143893123072

此报告由Murphysec提供

漏洞列表

漏洞名称 漏洞类型 MPS编号 CVE编号 漏洞等级
FasterXML jackson-databind 代码问题漏洞 XXE MPS-2020-17358 CVE-2020-25649 高危
org.primefaces:primefaces 存在跨站脚本漏洞 XSS MPS-2022-11858 中危
org.primefaces:primefaces 存在跨站脚本漏洞 XSS MPS-2022-11877 中危
org.primefaces:primefaces 存在跨站脚本漏洞 XSS MPS-2022-12078 中危
org.primefaces:primefaces 存在跨站脚本漏洞 XSS MPS-2022-12202 中危
org.primefaces:primefaces 存在跨站脚本漏洞 XSS MPS-2022-12227 中危
FasterXML Jackson-databind 拒绝服务漏洞 拒绝服务 MPS-2022-12500 中危
node-semver 安全漏洞 ReDoS MPS-2022-5166 CVE-2022-25883 高危
FasterXML jackson-databind 小于2.14.0-rc1拒绝服务漏洞 拒绝服务 MPS-2022-58653 CVE-2022-42003 中危
FasterXML jackson-databind 小于2.13.4拒绝服务漏洞 拒绝服务 MPS-2022-58654 CVE-2022-42004 中危
FasterXML jackson-databind 拒绝服务漏洞 越界写入 MPS-2022-6242 CVE-2020-36518 高危
Resteasy 安全漏洞 MPS-2023-2844 CVE-2023-0482 中危
jackson-databind 拒绝服务漏洞 拒绝服务 MPS-2023-8438 CVE-2021-46877 中危
Guava 创建拥有不安全权限的临时文件 MPS-mfku-xzh3 CVE-2023-2976 中危
【存在争议】FasterXML jackson-databind 代码问题漏洞 不加限制或调节的资源分配 MPS-z1bx-p8y2 CVE-2023-35116 中危

缺陷组件

组件名称 版本 最小修复版本 依赖关系 修复建议
com.fasterxml.jackson.core:jackson-databind 2.12.7.1 2.16.0 间接依赖 建议修复
com.fasterxml.jackson.core:jackson-databind 2.10.3 2.16.0 间接依赖 建议修复
com.google.guava:guava 30.1-jre 32.0.0-jre 间接依赖 可选修复
org.jboss.resteasy:resteasy-core 5.0.9.Final 直接依赖 可选修复
org.primefaces:primefaces 14.0.0-SNAPSHOT 直接依赖 可选修复
semver 7.3.5 7.5.2 间接依赖 可选修复

许可证风险

许可证类型 相关组件 许可证风险
MIT 264
JSON 1
ISC 61
BSD-3-Clause 10
Apache-2.0 145
CC0-1.0 1
BSD-2-Clause 11
EPL-2.0 12
自定义许可证 11
LGPL-2.1 1
MPL-2.0 1
LGPL-3.0-or-later 4
0BSD 1
MPL-1.1 1
LGPL-2.1-or-later 1
CC-BY-3.0 1
MIT-0 1

SBOM清单

组件名称 组件版本 是否直接依赖 仓库
array-union 2.1.0 间接依赖 npm
buffer 5.7.1 间接依赖 npm
org.json:json 20231013 直接依赖 maven
npm-normalize-package-bin 1.0.1 间接依赖 npm
commander 2.20.3 间接依赖 npm
@fullcalendar/interaction 5.11.0 直接依赖 npm
imurmurhash 0.1.4 间接依赖 npm
@melloware/coloris 0.18.0 直接依赖 npm
asynckit 0.4.0 间接依赖 npm
parchment 1.1.4 间接依赖 npm
com.fasterxml:classmate 1.5.1 间接依赖 maven
internal-slot 1.0.3 间接依赖 npm
@eslint/eslintrc 0.4.3 间接依赖 npm
minipass-flush 1.0.5 间接依赖 npm
spdx-license-ids 3.0.5 间接依赖 npm
com.fasterxml.jackson.core:jackson-core 2.10.3 间接依赖 maven
esrecurse 4.3.0 间接依赖 npm
esutils 2.0.3 间接依赖 npm
jakarta.annotation:jakarta.annotation-api 2.1.1 间接依赖 maven
org.jboss.logging:jboss-logging 3.4.3.Final 间接依赖 maven
@typescript-eslint/typescript-estree 4.31.0 间接依赖 npm
enquirer 2.3.6 间接依赖 npm
which 2.0.2 间接依赖 npm
org.apache.xmlbeans:xmlbeans 5.2.0 间接依赖 maven
org.junit.platform:junit-platform-engine 1.10.1 间接依赖 maven
ssri 8.0.1 间接依赖 npm
unique-slug 2.0.2 间接依赖 npm
@fullcalendar/core 5.11.0 直接依赖 npm
com.fasterxml.jackson.core:jackson-databind 2.12.7.1 间接依赖 maven
aggregate-error 3.1.0 间接依赖 npm
@fullcalendar/daygrid 5.11.0 间接依赖 npm
com.fasterxml.jackson.core:jackson-core 2.16.1 间接依赖 maven
supports-color 5.5.0 间接依赖 npm
ansi-colors 4.1.1 间接依赖 npm
is-extglob 2.1.1 间接依赖 npm
org.ehcache:ehcache 3.9.9 直接依赖 maven
org.apache.myfaces.core:myfaces-impl 2.3-next-M8 直接依赖 maven
com.fasterxml.jackson.core:jackson-annotations 2.10.3 间接依赖 maven
org.seleniumhq.selenium:selenium-support 4.16.1 间接依赖 maven
pacote 12.0.2 直接依赖 npm
socks 2.6.1 间接依赖 npm
jakarta.interceptor:jakarta.interceptor-api 2.1.0 间接依赖 maven
org.apache.logging.log4j:log4j-api 2.21.1 间接依赖 maven
table 6.7.1 间接依赖 npm
diff 5.0.0 间接依赖 npm
brace-expansion 1.1.11 间接依赖 npm
jsonc-parser 3.2.0 间接依赖 npm
glob 7.1.7 间接依赖 npm
npmlog 6.0.0 间接依赖 npm
wide-align 1.1.5 间接依赖 npm
preact 10.4.8 间接依赖 npm
json-schema-traverse 0.4.1 间接依赖 npm
@types/npm-package-arg 6.1.1 间接依赖 npm
org.slf4j:slf4j-api 2.0.6 间接依赖 maven
org.apache.xbean:xbean-asm9-shaded 4.21 间接依赖 maven
validate-npm-package-license 3.0.4 间接依赖 npm
marked 4.1.1 间接依赖 npm
ieee754 1.2.1 间接依赖 npm
org.seleniumhq.selenium:selenium-chrome-driver 4.16.1 间接依赖 maven
org.jboss.logging:jboss-logging-processor 2.2.1.Final 间接依赖 maven
com.google.j2objc:j2objc-annotations 2.8 间接依赖 maven
json-stable-stringify-without-jsonify 1.0.1 间接依赖 npm
callsites 3.1.0 间接依赖 npm
locate-path 2.0.0 间接依赖 npm
io.opentelemetry:opentelemetry-sdk-common 1.28.0 间接依赖 maven
word-wrap 1.2.4 间接依赖 npm
array-includes 3.1.3 间接依赖 npm
component-emitter 1.3.0 直接依赖 npm
string.prototype.trimstart 1.0.4 间接依赖 npm
io.github.bonigarcia:webdrivermanager 5.6.3 直接依赖 maven
pkg-up 2.0.0 间接依赖 npm
npm-install-checks 4.0.0 间接依赖 npm
@babel/highlight 7.13.10 间接依赖 npm
has-tostringtag 1.0.0 间接依赖 npm
com.google.code.findbugs:jsr305 3.0.2 间接依赖 maven
com.fasterxml.jackson.core:jackson-annotations 2.16.1 间接依赖 maven
strip-bom 3.0.0 间接依赖 npm
is-negative-zero 2.0.1 间接依赖 npm
minipass-pipeline 1.2.4 间接依赖 npm
com.googlecode.owasp-java-html-sanitizer:owasp-java-html-sanitizer 20220608.1 直接依赖 maven
com.sun.xml.bind:jaxb-impl 2.3.6 直接依赖 maven
dev.failsafe:failsafe 3.3.2 间接依赖 maven
org.apache.httpcomponents.core5:httpcore5 5.2 间接依赖 maven
is-symbol 1.0.4 间接依赖 npm
text-table 0.2.0 间接依赖 npm
ignore 4.0.6 间接依赖 npm
glob-parent 5.1.2 间接依赖 npm
node-gyp 8.4.1 间接依赖 npm
lodash.truncate 4.4.2 间接依赖 npm
path-type 4.0.0 间接依赖 npm
ip 1.1.5 间接依赖 npm
vis-data 7.1.6 直接依赖 npm
picomatch 2.3.0 间接依赖 npm
esprima 4.0.1 间接依赖 npm
org.apache.xbean:xbean-finder-shaded 4.21 间接依赖 maven
end-of-stream 1.4.4 间接依赖 npm
p-map 4.0.0 间接依赖 npm
jsonparse 1.3.1 间接依赖 npm
org.jboss.resteasy:resteasy-jackson2-provider 5.0.9.Final 直接依赖 maven
com.github.docker-java:docker-java-transport-httpclient5 3.3.4 间接依赖 maven
@types/libnpmpublish 4.0.1 直接依赖 npm
@types/tar-stream 2.2.1 直接依赖 npm
@fullcalendar/moment 5.11.0 直接依赖 npm
org.junit.platform:junit-platform-commons 1.10.1 间接依赖 maven
org.apache.myfaces.core:myfaces-impl 4.0.1 直接依赖 maven
source-map 0.7.3 直接依赖 npm
org.seleniumhq.selenium:selenium-edge-driver 4.16.1 间接依赖 maven
eslint-plugin-import 2.24.2 直接依赖 npm
org.slf4j:slf4j-api 2.0.10 间接依赖 maven
flatted 3.1.1 间接依赖 npm
infer-owner 1.0.4 间接依赖 npm
aproba 2.0.0 间接依赖 npm
@types/npm-registry-fetch 8.0.2 间接依赖 npm
org.slf4j:slf4j-simple 2.0.11 直接依赖 maven
globals 13.11.0 间接依赖 npm
org.apache.httpcomponents.core5:httpcore5-h2 5.2 间接依赖 maven
spdx-expression-parse 3.0.1 间接依赖 npm
minimist 1.2.6 间接依赖 npm
org.jboss.classfilewriter:jboss-classfilewriter 1.3.0.Final 间接依赖 maven
org.apache.openwebbeans:openwebbeans-spi 2.0.27 间接依赖 maven
agentkeepalive 4.1.4 间接依赖 npm
semver 7.3.5 间接依赖 npm
pify 3.0.0 间接依赖 npm
npm-package-arg 8.1.5 间接依赖 npm
lodash.merge 4.6.2 间接依赖 npm
io.opentelemetry:opentelemetry-extension-incubator 1.28.0-alpha 间接依赖 maven
find-up 2.1.0 间接依赖 npm
org.jboss.weld:weld-api 5.0.SP3 间接依赖 maven
minipass-collect 1.0.2 间接依赖 npm
estraverse 5.2.0 间接依赖 npm
commons-io:commons-io 2.15.1 直接依赖 maven
typedoc 0.22.18 直接依赖 npm
micromatch 4.0.4 间接依赖 npm
org.seleniumhq.selenium:selenium-firefox-driver 4.16.1 间接依赖 maven
functional-red-black-tree 1.0.1 间接依赖 npm
strip-json-comments 3.1.1 间接依赖 npm
merge2 1.4.1 间接依赖 npm
org.apache.openwebbeans:openwebbeans-el22 2.0.27 间接依赖 maven
org.junit.jupiter:junit-jupiter-params 5.10.1 直接依赖 maven
object.values 1.1.4 间接依赖 npm
chownr 2.0.0 间接依赖 npm
util-deprecate 1.0.2 间接依赖 npm
cropperjs 1.5.12 直接依赖 npm
@es-joy/jsdoccomment 0.10.8 间接依赖 npm
delegates 1.0.0 间接依赖 npm
jakarta.xml.bind:jakarta.xml.bind-api 2.3.3 间接依赖 maven
io.nayuki:qrcodegen 1.8.0 直接依赖 maven
is-fullwidth-code-point 3.0.0 间接依赖 npm
regexpp 3.1.0 间接依赖 npm
combined-stream 1.0.8 间接依赖 npm
argparse 1.0.10 间接依赖 npm
tsutils 3.21.0 间接依赖 npm
promise-inflight 1.0.1 间接依赖 npm
string-width 4.2.3 间接依赖 npm
has-unicode 2.0.1 间接依赖 npm
info.picocli:picocli 4.7.5 直接依赖 maven
@npmcli/run-script 2.0.0 间接依赖 npm
com.github.docker-java:docker-java-transport 3.3.4 间接依赖 maven
commons-digester:commons-digester 1.8 间接依赖 maven
color-support 1.1.3 间接依赖 npm
parent-module 1.0.1 间接依赖 npm
mime-types 2.1.34 间接依赖 npm
object-inspect 1.11.0 间接依赖 npm
@types/js-cookie 2.2.7 直接依赖 npm
lunr 2.3.9 间接依赖 npm
@types/node 16.9.1 间接依赖 npm
jfree:jcommon 1.0.0 间接依赖 maven
io.opentelemetry:opentelemetry-api-events 1.28.0-alpha 间接依赖 maven
com.google.errorprone:error_prone_annotations 2.3.4 间接依赖 maven
org.seleniumhq.selenium:selenium-devtools-v85 4.16.1 间接依赖 maven
org.apache.myfaces.core:myfaces-impl 2.3.10 直接依赖 maven
set-blocking 2.0.0 间接依赖 npm
minipass-sized 1.0.3 间接依赖 npm
com.github.librepdf:openpdf 1.3.39 直接依赖 maven
chalk 2.4.2 间接依赖 npm
propagating-hammerjs 2.0.1 直接依赖 npm
com.rometools:rome 1.19.0 直接依赖 maven
com.github.docker-java:docker-java-api 3.3.4 间接依赖 maven
isexe 2.0.0 间接依赖 npm
org.apache.openwebbeans:openwebbeans-jsf 2.0.27 直接依赖 maven
@types/chart.js 2.9.37 直接依赖 npm
is-boolean-object 1.1.2 间接依赖 npm
org.apache.httpcomponents.client5:httpclient5 5.2.1 间接依赖 maven
js-yaml 3.13.1 间接依赖 npm
commons-codec:commons-codec 1.16.0 间接依赖 maven
io.opentelemetry:opentelemetry-sdk-extension-autoconfigure-spi 1.28.0 间接依赖 maven
delayed-stream 1.0.0 间接依赖 npm
com.github.java-json-tools:jackson-coreutils 2.0 间接依赖 maven
escape-string-regexp 1.0.5 间接依赖 npm
org.jboss.weld.module:weld-web 5.1.2.Final 间接依赖 maven
base64-js 1.5.1 间接依赖 npm
inflight 1.0.6 间接依赖 npm
@npmcli/move-file 1.1.2 间接依赖 npm
tslib 1.14.1 间接依赖 npm
doctrine 3.0.0 间接依赖 npm
@npmcli/installed-package-contents 1.0.7 间接依赖 npm
@nodelib/fs.walk 1.2.8 间接依赖 npm
@npmcli/promise-spawn 1.3.2 间接依赖 npm
@types/inputmask 5.0.3 直接依赖 npm
vscode-oniguruma 1.6.2 间接依赖 npm
mime-db 1.51.0 间接依赖 npm
javax.inject:javax.inject 1 直接依赖 maven
@fullcalendar/timegrid 5.11.0 直接依赖 npm
tmp 0.2.1 直接依赖 npm
http-proxy-agent 4.0.1 间接依赖 npm
@types/hammerjs 2.0.40 间接依赖 npm
org.jboss.weld:weld-lite-extension-translator 5.1.2.Final 间接依赖 maven
parse-json 4.0.0 间接依赖 npm
json-parse-even-better-errors 2.3.1 间接依赖 npm
@fullcalendar/list 5.11.0 直接依赖 npm
com.google.guava:failureaccess 1.0.2 间接依赖 maven
org.primefaces:primefaces-selenium-core 14.0.0-SNAPSHOT 直接依赖 maven
json-parse-better-errors 1.0.2 间接依赖 npm
p-limit 1.3.0 间接依赖 npm
org.jboss.logging:jboss-logging 3.5.0.Final 间接依赖 maven
ignore-walk 4.0.1 间接依赖 npm
is-number-object 1.0.6 间接依赖 npm
balanced-match 1.0.0 间接依赖 npm
eslint-scope 6.0.0 间接依赖 npm
com.fasterxml.jackson.core:jackson-annotations 2.12.7 间接依赖 maven
@egjs/hammerjs 2.0.17 直接依赖 npm
ajv 6.12.6 间接依赖 npm
org.apache.myfaces.core:myfaces-api 4.0.1 直接依赖 maven
org.bouncycastle:bcpkix-jdk18on 1.76 间接依赖 maven
is-bigint 1.0.4 间接依赖 npm
uri-js 4.2.2 间接依赖 npm
org.jdom:jdom2 2.0.6.1 间接依赖 maven
jfree:jfreechart 1.0.1 直接依赖 maven
acorn-jsx 5.3.2 间接依赖 npm
@types/diff 5.0.1 直接依赖 npm
org.jboss.resteasy:resteasy-servlet-initializer 5.0.9.Final 直接依赖 maven
make-fetch-happen 9.1.0 间接依赖 npm
espree 7.3.1 间接依赖 npm
@types/node-fetch 2.5.12 间接依赖 npm
require-from-string 2.0.2 直接依赖 npm
com.google.guava:guava 33.0.0-jre 直接依赖 maven
autonumeric 4.6.0 直接依赖 npm
https-proxy-agent 5.0.0 间接依赖 npm
string.prototype.trimend 1.0.4 间接依赖 npm
@types/minimatch 3.0.5 直接依赖 npm
npm-registry-fetch 12.0.0 间接依赖 npm
string_decoder 1.1.1 间接依赖 npm
io.opentelemetry:opentelemetry-api 1.28.0 间接依赖 maven
@typescript-eslint/visitor-keys 4.31.0 间接依赖 npm
pkg-dir 2.0.0 间接依赖 npm
eslint-utils 2.1.0 间接依赖 npm
lru-cache 6.0.0 间接依赖 npm
import-fresh 3.3.0 间接依赖 npm
com.github.java-json-tools:json-patch 1.13 间接依赖 maven
typescript 4.4.3 直接依赖 npm
eslint-visitor-keys 1.3.0 间接依赖 npm
concat-map 0.0.1 间接依赖 npm
@babel/code-frame 7.12.11 间接依赖 npm
org.seleniumhq.selenium:selenium-remote-driver 4.16.1 间接依赖 maven
@types/sizzle 2.3.2 间接依赖 npm
levn 0.4.1 间接依赖 npm
minipass 3.1.6 间接依赖 npm
http-cache-semantics 4.1.1 间接依赖 npm
form-data 3.0.1 间接依赖 npm
com.google.j2objc:j2objc-annotations 1.3 间接依赖 maven
com.xdev-software:chartjs-java-model 1.1.1 直接依赖 maven
org.jboss.jdeparser:jdeparser 2.0.3.Final 间接依赖 maven
net.bytebuddy:byte-buddy 1.14.11 直接依赖 maven
array.prototype.flat 1.2.4 间接依赖 npm
unique-filename 1.1.1 间接依赖 npm
uuid 8.3.2 直接依赖 npm
org.seleniumhq.selenium:selenium-chromium-driver 4.16.1 间接依赖 maven
humanize-ms 1.2.1 间接依赖 npm
has-bigints 1.0.1 间接依赖 npm
wrappy 1.0.2 间接依赖 npm
org.primefaces:primefaces 14.0.0-SNAPSHOT 直接依赖 maven
eslint-plugin-eslint-comments 3.2.0 直接依赖 npm
es-to-primitive 1.2.1 间接依赖 npm
deep-is 0.1.3 间接依赖 npm
natural-compare 1.4.0 间接依赖 npm
is-date-object 1.0.5 间接依赖 npm
com.fasterxml.jackson.core:jackson-core 2.12.7 间接依赖 maven
rimraf 3.0.2 间接依赖 npm
com.github.albfernandez:juniversalchardet 2.4.0 间接依赖 maven
@types/jquery 3.5.14 间接依赖 npm
validate-npm-package-name 3.0.0 间接依赖 npm
org.jboss.logging:jboss-logging-annotations 2.2.1.Final 间接依赖 maven
safer-buffer 2.1.2 间接依赖 npm
side-channel 1.0.4 间接依赖 npm
org.jboss.weld:weld-spi 5.0.SP3 间接依赖 maven
com.ibm.async:asyncutil 0.1.0 间接依赖 maven
fs.realpath 1.0.0 间接依赖 npm
org.seleniumhq.selenium:selenium-manager 4.16.1 间接依赖 maven
hosted-git-info 2.8.9 间接依赖 npm
org.opentest4j:opentest4j 1.3.0 间接依赖 maven
readable-stream 3.6.0 间接依赖 npm
eslint 7.32.0 直接依赖 npm
net.java.dev.jna:jna 5.13.0 间接依赖 maven
read-package-json-fast 2.0.3 间接依赖 npm
type-fest 0.20.2 间接依赖 npm
signal-exit 3.0.6 间接依赖 npm
@types/ssri 7.1.1 间接依赖 npm
org.bouncycastle:bcprov-jdk18on 1.76 间接依赖 maven
ms 2.1.2 间接依赖 npm
cssfilter 0.0.10 间接依赖 npm
@types/eslint-scope 3.7.1 直接依赖 npm
color-convert 1.9.3 间接依赖 npm
iconv-lite 0.6.3 间接依赖 npm
resolve-from 4.0.0 间接依赖 npm
org.hibernate.validator:hibernate-validator 6.2.4.Final 直接依赖 maven
org.apache.geronimo.specs:geronimo-atinject_1.0_spec 1.2 直接依赖 maven
io.opentelemetry:opentelemetry-semconv 1.28.0-alpha 间接依赖 maven
spdx-exceptions 2.2.0 间接依赖 npm
com.github.docker-java:docker-java-core 3.3.4 间接依赖 maven
jakarta.annotation:jakarta.annotation-api 1.3.5 间接依赖 maven
org.apache.myfaces.core:myfaces-api 2.3-next-M8 直接依赖 maven
minizlib 2.1.2 间接依赖 npm
@types/jqueryui 1.12.16 直接依赖 npm
jsdoc-type-pratt-parser 1.1.1 间接依赖 npm
tar 6.1.11 间接依赖 npm
org.brotli:dec 0.1.2 间接依赖 maven
org.apache.commons:commons-exec 1.3 间接依赖 maven
braces 3.0.2 间接依赖 npm
org.apache.openwebbeans:openwebbeans-web 2.0.27 直接依赖 maven
is-glob 4.0.1 间接依赖 npm
commons-collections:commons-collections 3.2.2 间接依赖 maven
vis-util 5.0.3 直接依赖 npm
@humanwhocodes/object-schema 1.2.0 间接依赖 npm
@babel/helper-validator-identifier 7.12.11 间接依赖 npm
indent-string 4.0.0 间接依赖 npm
com.google.guava:guava 30.1-jre 间接依赖 maven
eslint-import-resolver-node 0.3.6 间接依赖 npm
xss 1.0.13 直接依赖 npm
com.zaxxer:SparseBitSet 1.3 间接依赖 maven
com.github.java-json-tools:msg-simple 1.2 间接依赖 maven
commons-fileupload:commons-fileupload 1.5 直接依赖 maven
npm-bundled 1.1.2 间接依赖 npm
is-core-module 2.6.0 间接依赖 npm
@typescript-eslint/parser 4.31.0 直接依赖 npm
com.fasterxml.jackson.jaxrs:jackson-jaxrs-base 2.12.7 间接依赖 maven
fs-minipass 2.1.0 间接依赖 npm
io.opentelemetry:opentelemetry-exporter-logging 1.28.0 间接依赖 maven
jakarta.enterprise:jakarta.enterprise.cdi-api 4.0.1 间接依赖 maven
unbox-primitive 1.0.1 间接依赖 npm
jakarta.ejb:jakarta.ejb-api 3.2.6 间接依赖 maven
cacache 15.3.0 间接依赖 npm
jakarta.validation:jakarta.validation-api 2.0.2 间接依赖 maven
com.google.guava:listenablefuture 9999.0-empty-to-avoid-conflict-with-guava 间接依赖 maven
jakarta.transaction:jakarta.transaction-api 1.3.2 间接依赖 maven
com.fasterxml.jackson.jaxrs:jackson-jaxrs-json-provider 2.12.7 间接依赖 maven
@typescript-eslint/scope-manager 4.31.0 间接依赖 npm
has 1.0.3 间接依赖 npm
org.jboss.logging:jboss-logging 3.4.1.Final 间接依赖 maven
shiki 0.10.1 间接依赖 npm
read-pkg-up 3.0.0 间接依赖 npm
fast-deep-equal 3.1.3 间接依赖 npm
builtin-modules 1.1.1 间接依赖 npm
bl 4.0.3 间接依赖 npm
type-check 0.4.0 间接依赖 npm
org.seleniumhq.selenium:selenium-devtools-v118 4.16.1 间接依赖 maven
p-locate 2.0.0 间接依赖 npm
org.seleniumhq.selenium:selenium-ie-driver 4.16.1 间接依赖 maven
slash 3.0.0 间接依赖 npm
org.bouncycastle:bcutil-jdk18on 1.76 间接依赖 maven
js-tokens 4.0.0 间接依赖 npm
has-flag 3.0.0 间接依赖 npm
graceful-fs 4.2.8 间接依赖 npm
dir-glob 3.0.1 间接依赖 npm
which-boxed-primitive 1.0.2 间接依赖 npm
tsconfig-paths 3.11.0 间接依赖 npm
org.seleniumhq.selenium:selenium-java 4.16.1 直接依赖 maven
lodash 4.17.21 间接依赖 npm
promise-retry 2.0.1 间接依赖 npm
org.jboss.weld:weld-core-impl 5.1.2.Final 间接依赖 maven
com.google.guava:failureaccess 1.0.1 间接依赖 maven
jakarta.inject:jakarta.inject-api 2.0.1 间接依赖 maven
org.junit.jupiter:junit-jupiter-api 5.10.1 间接依赖 maven
path-is-absolute 1.0.1 间接依赖 npm
jakarta.interceptor:jakarta.interceptor-api 1.2.5 间接依赖 maven
@typescript-eslint/types 4.31.0 间接依赖 npm
org.primefaces.extensions:barcode4j-light 2.3.0 直接依赖 maven
io.opentelemetry:opentelemetry-sdk-logs 1.28.0 间接依赖 maven
error-ex 1.3.2 间接依赖 npm
@npmcli/node-gyp 1.0.3 间接依赖 npm
progress 2.0.3 间接依赖 npm
org.jboss.resteasy:resteasy-cdi 5.0.9.Final 直接依赖 maven
org.jboss.resteasy:resteasy-core 5.0.9.Final 直接依赖 maven
@types/quill 1.3.10 直接依赖 npm
v8-compile-cache 2.1.0 间接依赖 npm
emoji-regex 8.0.0 间接依赖 npm
org.seleniumhq.selenium:selenium-api 4.16.1 间接依赖 maven
npm-pick-manifest 6.1.1 间接依赖 npm
jsplumb 2.15.6 直接依赖 npm
smart-buffer 4.2.0 间接依赖 npm
@npmcli/fs 1.1.0 间接依赖 npm
comment-parser 0.7.6 间接依赖 npm
commons-beanutils:commons-beanutils 1.9.4 间接依赖 maven
org.overviewproject:mime-types 2.0.0 直接依赖 maven
io.opentelemetry:opentelemetry-sdk 1.28.0 间接依赖 maven
ansi-styles 3.2.1 间接依赖 npm
tslint 6.1.3 直接依赖 npm
is-string 1.0.7 间接依赖 npm
mkdirp 1.0.4 间接依赖 npm
@types/raphael 2.3.3 直接依赖 npm
org.jboss.weld.environment:weld-environment-common 5.1.2.Final 间接依赖 maven
negotiator 0.6.2 间接依赖 npm
org.jboss.resteasy:resteasy-core-spi 5.0.9.Final 间接依赖 maven
object.assign 4.1.2 间接依赖 npm
path-exists 3.0.0 间接依赖 npm
fast-json-stable-stringify 2.1.0 间接依赖 npm
vis-timeline 7.7.2 直接依赖 npm
@types/semver 7.3.8 直接依赖 npm
es-abstract 1.18.5 间接依赖 npm
lodash.clonedeep 4.5.0 间接依赖 npm
@types/downloadjs 1.4.3 直接依赖 npm
prelude-ls 1.2.1 间接依赖 npm
topological-sort 0.3.0 直接依赖 npm
org.slf4j:jcl-over-slf4j 1.7.30 间接依赖 maven
@types/json-schema 7.0.9 间接依赖 npm
@tootallnate/once 1.1.2 间接依赖 npm
file-entry-cache 6.0.1 间接依赖 npm
keycharm 0.4.0 直接依赖 npm
gauge 4.0.0 间接依赖 npm
@fullcalendar/common 5.11.0 间接依赖 npm
npm-packlist 3.0.0 间接依赖 npm
org.seleniumhq.selenium:selenium-json 4.16.1 间接依赖 maven
p-try 1.0.0 间接依赖 npm
once 1.4.0 间接依赖 npm
io.opentelemetry:opentelemetry-sdk-extension-autoconfigure 1.28.0 间接依赖 maven
minimatch 3.0.5 间接依赖 npm
inherits 2.0.4 间接依赖 npm
@gar/promisify 1.1.2 间接依赖 npm
org.apache.openwebbeans:openwebbeans-impl 2.0.27 直接依赖 maven
@nodelib/fs.stat 2.0.5 间接依赖 npm
is-callable 1.2.4 间接依赖 npm
org.seleniumhq.selenium:selenium-devtools-v119 4.16.1 间接依赖 maven
@types/estree 0.0.50 间接依赖 npm
sprintf-js 1.0.3 间接依赖 npm
org.apache.poi:poi-ooxml-lite 5.2.5 间接依赖 maven
org.apiguardian:apiguardian-api 1.1.2 间接依赖 maven
com.github.java-json-tools:btf 1.3 间接依赖 maven
eslint-plugin-jsdoc 36.1.0 直接依赖 npm
org.checkerframework:checker-qual 3.5.0 间接依赖 maven
are-we-there-yet 2.0.0 间接依赖 npm
com.fasterxml.jackson.core:jackson-databind 2.10.3 间接依赖 maven
jakarta.enterprise:jakarta.enterprise.lang-model 4.0.1 间接依赖 maven
define-properties 1.1.3 间接依赖 npm
clean-stack 2.2.0 间接依赖 npm
astring 1.7.5 直接依赖 npm
function-bind 1.1.1 间接依赖 npm
com.google.auto.service:auto-service-annotations 1.1.1 间接依赖 maven
org.apache.commons:commons-lang3 3.14.0 直接依赖 maven
org.junit.jupiter:junit-jupiter-engine 5.10.1 直接依赖 maven
acorn-walk 8.2.0 直接依赖 npm
com.rometools:rome-utils 1.19.0 间接依赖 maven
acorn 8.5.0 间接依赖 npm
strip-ansi 6.0.1 间接依赖 npm
spdx-correct 3.1.0 间接依赖 npm
org.jboss.weld.servlet:weld-servlet-core 5.1.2.Final 直接依赖 maven
org.apache.poi:poi-ooxml 5.2.5 直接依赖 maven
tar-stream 2.2.0 直接依赖 npm
vscode-textmate 5.2.0 间接依赖 npm
org.apache.geronimo.specs:geronimo-jcdi_2.0_spec 1.3 直接依赖 maven
commons-logging:commons-logging 1.2 间接依赖 maven
color-name 1.1.3 间接依赖 npm
org.owasp.encoder:encoder 1.2.3 直接依赖 maven
ansi-regex 5.0.1 间接依赖 npm
org.jboss.weld.module:weld-jsf 5.1.2.Final 间接依赖 maven
@humanwhocodes/config-array 0.5.0 间接依赖 npm
com.google.code.gson:gson 2.10.1 间接依赖 maven
err-code 2.0.3 间接依赖 npm
slice-ansi 4.0.0 间接依赖 npm
optionator 0.9.1 间接依赖 npm
@typescript-eslint/eslint-plugin 4.31.0 直接依赖 npm
fs-constants 1.0.0 间接依赖 npm
astral-regex 2.0.0 间接依赖 npm
@typescript-eslint/experimental-utils 4.31.0 间接依赖 npm
@types/google.maps 3.49.2 直接依赖 npm
fast-levenshtein 2.0.6 间接依赖 npm
org.apache.myfaces.core:myfaces-api 2.3.10 直接依赖 maven
esquery 1.4.0 间接依赖 npm
resolve 1.20.0 间接依赖 npm
object-keys 1.1.1 间接依赖 npm
fast-glob 3.2.7 间接依赖 npm
minipass-fetch 1.4.1 间接依赖 npm
org.seleniumhq.selenium:selenium-devtools-v120 4.16.1 间接依赖 maven
is-regex 1.1.4 间接依赖 npm
path-parse 1.0.7 间接依赖 npm
org.apache.commons:commons-collections4 4.4 直接依赖 maven
json5 1.0.2 间接依赖 npm
io.opentelemetry:opentelemetry-context 1.28.0 间接依赖 maven
fastq 1.12.0 间接依赖 npm
flat-cache 3.0.4 间接依赖 npm
agent-base 6.0.2 间接依赖 npm
eslint-module-utils 2.6.2 间接依赖 npm
yallist 4.0.0 间接依赖 npm
org.seleniumhq.selenium:selenium-safari-driver 4.16.1 间接依赖 maven
com.google.errorprone:error_prone_annotations 2.23.0 间接依赖 maven
@nodelib/fs.scandir 2.1.5 间接依赖 npm
normalize-package-data 2.5.0 间接依赖 npm
org.reactivestreams:reactive-streams 1.0.4 间接依赖 maven
org.seleniumhq.selenium:selenium-http 4.16.1 间接依赖 maven
@types/json5 0.0.29 间接依赖 npm
is-lambda 1.0.1 间接依赖 npm
com.github.docker-java:docker-java 3.3.4 间接依赖 maven
has-symbols 1.0.2 间接依赖 npm
globby 11.0.4 间接依赖 npm
env-paths 2.2.1 间接依赖 npm
socks-proxy-agent 6.1.1 间接依赖 npm
moment-timezone 0.5.35 直接依赖 npm
io.opentelemetry:opentelemetry-sdk-metrics 1.28.0 间接依赖 maven
org.apache.commons:commons-compress 1.25.0 间接依赖 maven
@npmcli/git 2.1.0 间接依赖 npm
punycode 2.1.1 间接依赖 npm
@types/pacote 11.1.1 间接依赖 npm
org.checkerframework:checker-qual 3.41.0 间接依赖 maven
load-json-file 4.0.0 间接依赖 npm
libnpmpublish 4.0.2 直接依赖 npm
depd 1.1.2 间接依赖 npm
moment 2.29.4 间接依赖 npm
com.fasterxml.jackson.core:jackson-databind 2.16.1 直接依赖 maven
org.seleniumhq.selenium:selenium-os 4.16.1 间接依赖 maven
io.opentelemetry:opentelemetry-sdk-trace 1.28.0 间接依赖 maven
debug 4.3.2 间接依赖 npm
com.sun.activation:jakarta.activation 1.2.2 间接依赖 maven
print-js 1.6.0 直接依赖 npm
@types/tmp 0.2.1 直接依赖 npm
encoding 0.1.13 间接依赖 npm
@types/npmlog 4.1.3 间接依赖 npm
abbrev 1.1.1 间接依赖 npm
org.apache.commons:commons-math3 3.6.1 间接依赖 maven
call-bind 1.0.2 间接依赖 npm
org.apache.poi:poi 5.2.5 直接依赖 maven
get-intrinsic 1.1.1 间接依赖 npm
nopt 5.0.0 间接依赖 npm
regextras 0.8.0 间接依赖 npm
minipass-json-stream 1.0.1 间接依赖 npm
builtins 1.0.3 间接依赖 npm
console-control-strings 1.1.0 间接依赖 npm
read-pkg 3.0.0 间接依赖 npm
@types/eslint 7.28.0 间接依赖 npm
com.fasterxml.jackson.module:jackson-module-jaxb-annotations 2.12.7 间接依赖 maven
org.jboss.spec.javax.ws.rs:jboss-jaxrs-api_2.1_spec 2.0.2.Final 间接依赖 maven
(0)
上一篇 2024年1月22日
下一篇 2024年1月22日

相关推荐

  • veilid/veilid 软件分析报告

    基础信息 项目名称:veilid/veilid 项目徽章: 仓库地址:https://github.com/pterodactyl/panel 检测报告地址:https://www.murphysec.com/console/report/1727271395791949824/1727271396496592896 此报告由Murphysec提供 漏洞列表…

    软件分析 2023年11月22日
    0
  • in-toto/in-toto 软件分析报告

    基础信息 项目名称:in-toto/in-toto 项目徽章: 仓库地址:https://github.com/pterodactyl/panel 检测报告地址:https://www.murphysec.com/console/report/1718804397316243456/1718804397643399168 此报告由Murphysec提供 漏洞…

    软件分析 2023年10月30日
    0
  • EddyVerbruggen/nativescript-pedometer 软件分析报告

    基础信息 项目名称:EddyVerbruggen/nativescript-pedometer 项目徽章: 仓库地址:https://github.com/pterodactyl/panel 检测报告地址:https://www.murphysec.com/console/report/1717395273356722176/1717395273461579…

    软件分析 2023年10月26日
    0
  • yawlfoundation/yawl 软件分析报告

    基础信息 项目名称:yawlfoundation/yawl 项目徽章: 仓库地址:https://github.com/pterodactyl/panel 检测报告地址:https://www.murphysec.com/console/report/1727223152013955072/1727223155184848896 此报告由Murphysec提…

    软件分析 2023年11月22日
    0
  • ianstormtaylor/permit 软件分析报告

    基础信息 项目名称:ianstormtaylor/permit 项目徽章: 仓库地址:https://github.com/pterodactyl/panel 检测报告地址:https://www.murphysec.com/console/report/1718748870896910336/1718748872859844608 此报告由Murphyse…

    软件分析 2023年10月30日
    0