基础信息
项目名称:skyvers/skyve
项目徽章:
仓库地址:https://github.com/pterodactyl/panel
检测报告地址:https://www.murphysec.com/console/report/1755460944213602304/1755460944284905472
此报告由Murphysec提供
漏洞列表
| 漏洞名称 | 漏洞类型 | MPS编号 | CVE编号 | 漏洞等级 |
|---|---|---|---|---|
| Spring Framework 拒绝服务漏洞 | MPS-1za4-g3fd | CVE-2024-22233 | 高危 | |
| Google Guava 访问控制错误漏洞 | 关键资源权限分配不当 | MPS-2020-17429 | CVE-2020-8908 | 低危 |
| Netty | 在具有不安全权限的目录中创建临时文件 | MPS-2021-1580 | CVE-2021-21290 | 中危 |
| io.netty:netty-codec-http2 | HTTP请求走私 | MPS-2021-2435 | CVE-2021-21295 | 中危 |
| Netty Bzip2Decoder 存在资源穷尽漏洞 | 拒绝服务 | MPS-2021-28116 | CVE-2021-37136 | 高危 |
| Netty 存在资源穷尽漏洞 | 拒绝服务 | MPS-2021-28117 | CVE-2021-37137 | 高危 |
| Sanitize 安全漏洞 | MPS-2021-33944 | CVE-2021-42575 | 严重 | |
| io.netty:netty-codec-http2 | HTTP请求走私 | MPS-2021-3565 | CVE-2021-21409 | 中危 |
| Netty | HTTP请求走私 | MPS-2021-36922 | CVE-2021-43797 | 中危 |
| org.primefaces:primefaces 存在跨站脚本漏洞 | XSS | MPS-2022-11858 | 中危 | |
| org.primefaces:primefaces 存在跨站脚本漏洞 | XSS | MPS-2022-11877 | 中危 | |
| io.netty:netty-codec-http | 拒绝服务 | MPS-2022-12064 | 中危 | |
| io.netty:netty-handler 存在证书验证不恰当漏洞 | 证书验证不恰当 | MPS-2022-12067 | 中危 | |
| org.primefaces:primefaces 存在跨站脚本漏洞 | XSS | MPS-2022-12078 | 中危 | |
| org.primefaces:primefaces 存在跨站脚本漏洞 | XSS | MPS-2022-12202 | 中危 | |
| org.primefaces:primefaces 存在跨站脚本漏洞 | XSS | MPS-2022-12227 | 中危 | |
| org.freemarker:freemarker | 代码注入 | MPS-2022-12438 | 高危 | |
| Netty 存在信息泄露漏洞 | 将资源暴露给错误范围 | MPS-2022-3790 | CVE-2022-24823 | 中危 |
| Netty | 解释冲突 | MPS-2022-58552 | CVE-2022-41915 | 中危 |
| pgjdbc | 不安全的临时文件 | MPS-2022-58583 | CVE-2022-41946 | 中危 |
| Netty 资源管理错误漏洞 | 不加限制或调节的资源分配 | MPS-9u07-bna1 | CVE-2023-34462 | 中危 |
| Guava | 创建拥有不安全权限的临时文件 | MPS-mfku-xzh3 | CVE-2023-2976 | 中危 |
| 【存在争议】FasterXML jackson-databind 代码问题漏洞 | 不加限制或调节的资源分配 | MPS-z1bx-p8y2 | CVE-2023-35116 | 中危 |
缺陷组件
| 组件名称 | 版本 | 最小修复版本 | 依赖关系 | 修复建议 |
|---|---|---|---|---|
| com.fasterxml.jackson.core:jackson-databind | 2.14.1 | 2.16.0 | 间接依赖 | 建议修复 |
| io.netty:netty-handler | 4.1.51.Final | 4.1.94.final | 间接依赖 | 建议修复 |
| com.googlecode.owasp-java-html-sanitizer:owasp-java-html-sanitizer | 20200713.1 | 20211018.2 | 直接依赖 | 建议修复 |
| io.netty:netty-codec | 4.1.51.Final | 4.1.68.Final | 间接依赖 | 建议修复 |
| org.freemarker:freemarker | 2.3.29 | 2.3.30 | 直接依赖 | 建议修复 |
| com.google.guava:guava | 27.1-jre | 32.0.0-jre | 间接依赖 | 建议修复 |
| io.netty:netty-codec-http | 4.1.51.Final | 4.1.86.final | 间接依赖 | 可选修复 |
| org.springframework:spring-core | 6.1.2 | 6.1.3 | 间接依赖 | 可选修复 |
| io.netty:netty-codec-http2 | 4.1.51.Final | 4.1.61.Final | 间接依赖 | 可选修复 |
| org.primefaces:primefaces | 13.0.5 | 直接依赖 | 可选修复 | |
| io.netty:netty-transport-native-epoll | 4.1.51.Final | 4.1.59.Final | 间接依赖 | 可选修复 |
| org.postgresql:postgresql | 42.5.0 | 42.5.1 | 间接依赖 | 可选修复 |
| io.netty:netty-common | 4.1.51.Final | 4.1.77.Final | 间接依赖 | 可选修复 |
许可证风险
| 许可证类型 | 相关组件 | 许可证风险 |
|---|---|---|
| MIT | 35 | 低 |
| Apache-2.0 | 149 | 低 |
| LGPL-2.1 | 6 | 中 |
| EPL-1.0 | 3 | 低 |
| EPL-2.0 | 27 | 低 |
| GPL-2.0-with-classpath-exception | 23 | 中 |
| BSD-3-Clause | 8 | 低 |
| EDL-1.0 | 9 | 低 |
| UCL-1.0 | 1 | 低 |
| CDDL-1.1 | 3 | 低 |
| GPL-3.0 | 2 | 中 |
| CC0-1.0 | 1 | 低 |
| BSD-2-Clause | 5 | 低 |
| Public-Domain | 1 | 低 |
| MPL-1.1 | 2 | 低 |
| LGPL-2.1-or-later | 3 | 低 |
| LGPL-3.0 | 4 | 中 |
| MPL-2.0 | 1 | 低 |
| CDDL-1.0 | 1 | 低 |
| AND | 1 | 低 |
| ISC | 1 | 低 |
| ANTLR-PD | 1 | 低 |
| LGPL-2.0 | 1 | 中 |
SBOM清单
| 组件名称 | 组件版本 | 是否直接依赖 | 仓库 |
|---|---|---|---|
| org.primefaces.extensions:primefaces-extensions | 13.0.5 | 直接依赖 | maven |
| org.apache.pdfbox:fontbox | 2.0.29 | 间接依赖 | maven |
| @vue/compiler-sfc | 3.2.41 | 间接依赖 | npm |
| org.jboss.jdeparser:jdeparser | 2.0.3.Final | 间接依赖 | maven |
| org.apache.james:apache-mime4j-core | 0.8.9 | 间接依赖 | maven |
| org.springframework:spring-web | 6.1.2 | 间接依赖 | maven |
| org.apache.poi:poi | 5.2.3 | 直接依赖 | maven |
| com.nimbusds:oauth2-oidc-sdk | 9.43.3 | 间接依赖 | maven |
| org.slf4j:slf4j-api | 2.0.11 | 直接依赖 | maven |
| org.omnifaces:omnifaces | 4.3 | 直接依赖 | maven |
| io.netty:netty-codec-http2 | 4.1.51.Final | 间接依赖 | maven |
| io.netty:netty-transport | 4.1.51.Final | 间接依赖 | maven |
| com.epam:parso | 2.0.14 | 间接依赖 | maven |
| com.fasterxml.jackson.datatype:jackson-datatype-jsr310 | 2.10.1 | 间接依赖 | maven |
| io.micrometer:micrometer-commons | 1.12.1 | 间接依赖 | maven |
| com.mchange:mchange-commons-java | 0.2.15 | 间接依赖 | maven |
| jakarta.servlet.jsp:jakarta.servlet.jsp-api | 3.1.0 | 间接依赖 | maven |
| org.apache.tika:tika-parser-mail-module | 2.9.1 | 间接依赖 | maven |
| net.sf.supercsv:super-csv | 2.4.0 | 直接依赖 | maven |
| org.apache.tika:tika-core | 2.9.1 | 直接依赖 | maven |
| net.bytebuddy:byte-buddy | 1.12.18 | 间接依赖 | maven |
| org.ccil.cowan.tagsoup:tagsoup | 1.2.1 | 间接依赖 | maven |
| com.univocity:univocity-parsers | 2.9.1 | 间接依赖 | maven |
| org.apache.tika:tika-parser-microsoft-module | 2.9.1 | 间接依赖 | maven |
| org.apache.commons:commons-csv | 1.10.0 | 间接依赖 | maven |
| org.apache.tika:tika-parser-mail-commons | 2.9.1 | 间接依赖 | maven |
| commons-logging:commons-logging | 1.2 | 间接依赖 | maven |
| org.apache.commons:commons-lang3 | 3.12.0 | 直接依赖 | maven |
| org.codehaus.mojo:animal-sniffer-annotations | 1.17 | 间接依赖 | maven |
| org.slf4j:slf4j-jdk14 | 2.0.11 | 直接依赖 | maven |
| io.netty:netty-codec-http | 4.1.51.Final | 间接依赖 | maven |
| org.apache.lucene:lucene-core | 9.7.0 | 直接依赖 | maven |
| org.ow2.asm:asm | 9.6 | 间接依赖 | maven |
| org.apache.logging.log4j:log4j-api | 2.18.0 | 间接依赖 | maven |
| org.eclipse.jdt:ecj | 3.21.0 | 间接依赖 | maven |
| jakarta.persistence:jakarta.persistence-api | 3.0.0 | 间接依赖 | maven |
| javax.cache:cache-api | 1.0.0 | 间接依赖 | maven |
| com.github.jai-imageio:jai-imageio-core | 1.4.0 | 间接依赖 | maven |
| org.springframework.security:spring-security-crypto | 6.2.1 | 间接依赖 | maven |
| jakarta.servlet:jakarta.servlet-api | 6.0.0 | 间接依赖 | maven |
| org.glassfish.jaxb:jaxb-runtime | 3.0.0 | 间接依赖 | maven |
| org.apache.lucene:lucene-sandbox | 9.7.0 | 间接依赖 | maven |
| org.apache.commons:commons-text | 1.10.0 | 直接依赖 | maven |
| org.apache.tika:tika-parser-xml-module | 2.9.1 | 间接依赖 | maven |
| net.gcardone.junidecode:junidecode | 0.4.1 | 直接依赖 | maven |
| jakarta.enterprise:jakarta.enterprise.cdi-api | 4.0.1 | 间接依赖 | maven |
| com.zaxxer:SparseBitSet | 1.2 | 间接依赖 | maven |
| vue | 3.2.41 | 间接依赖 | npm |
| org.apache.tika:tika-parser-webarchive-module | 2.9.1 | 间接依赖 | maven |
| io.netty:netty-transport-native-epoll | 4.1.51.Final | 间接依赖 | maven |
| jakarta.websocket:jakarta.websocket-client-api | 2.1.0 | 间接依赖 | maven |
| com.squareup:javapoet | 1.13.0 | 直接依赖 | maven |
| jakarta.security.enterprise:jakarta.security.enterprise-api | 3.0.0 | 间接依赖 | maven |
| org.apache.lucene:lucene-backward-codecs | 9.7.0 | 直接依赖 | maven |
| jakarta.activation:jakarta.activation-api | 2.1.2 | 间接依赖 | maven |
| @vue/shared | 3.2.41 | 间接依赖 | npm |
| org.skyve:skyve-web | 9.0.0-SNAPSHOT | 直接依赖 | maven |
| jakarta.mail:jakarta.mail-api | 2.1.0 | 间接依赖 | maven |
| com.fasterxml:classmate | 1.5.1 | 间接依赖 | maven |
| com.github.junrar:junrar | 7.5.5 | 间接依赖 | maven |
| com.googlecode.owasp-java-html-sanitizer:owasp-java-html-sanitizer | 20200713.1 | 直接依赖 | maven |
| org.glassfish.jaxb:jaxb-core | 3.0.0 | 间接依赖 | maven |
| io.netty:netty-resolver | 4.1.51.Final | 间接依赖 | maven |
| org.reactivestreams:reactive-streams | 1.0.3 | 间接依赖 | maven |
| org.apache.commons:commons-collections4 | 4.4 | 间接依赖 | maven |
| xml-apis:xml-apis | 1.4.01 | 间接依赖 | maven |
| @babel/parser | 7.20.0 | 间接依赖 | npm |
| jakarta.annotation:jakarta.annotation-api | 2.1.0 | 间接依赖 | maven |
| jakarta.json.bind:jakarta.json.bind-api | 3.0.0 | 间接依赖 | maven |
| com.sun.activation:jakarta.activation | 2.0.1 | 间接依赖 | maven |
| commons-io:commons-io | 2.11.0 | 直接依赖 | maven |
| org.primefaces.themes:all-themes | 1.0.10 | 直接依赖 | maven |
| @vue/compiler-core | 3.2.41 | 间接依赖 | npm |
| org.quartz-scheduler:quartz | 2.3.2 | 直接依赖 | maven |
| org.freemarker:freemarker | 2.3.29 | 直接依赖 | maven |
| org.jboss.classfilewriter:jboss-classfilewriter | 1.3.0.Final | 间接依赖 | maven |
| net.minidev:accessors-smart | 2.4.9 | 间接依赖 | maven |
| org.codehaus.plexus:plexus-interactivity-api | 1.0-alpha-6 | 直接依赖 | maven |
| source-map | 0.6.1 | 间接依赖 | npm |
| io.netty:netty-transport-native-kqueue | 4.1.51.Final | 间接依赖 | maven |
| org.apache.tika:tika-parser-miscoffice-module | 2.9.1 | 间接依赖 | maven |
| net.coobird:thumbnailator | 0.4.8 | 直接依赖 | maven |
| org.springframework:spring-aop | 6.1.2 | 间接依赖 | maven |
| org.apache.tika:tika-parser-cad-module | 2.9.1 | 间接依赖 | maven |
| nanoid | 3.3.7 | 间接依赖 | npm |
| jakarta.servlet.jsp.jstl:jakarta.servlet.jsp.jstl-api | 3.0.0 | 间接依赖 | maven |
| org.owasp.encoder:encoder | 1.2.3 | 直接依赖 | maven |
| com.azure:azure-storage-blob | 12.8.0 | 直接依赖 | maven |
| io.micrometer:micrometer-observation | 1.12.1 | 间接依赖 | maven |
| jakarta.faces:jakarta.faces-api | 4.0.1 | 间接依赖 | maven |
| org.apache.lucene:lucene-highlighter | 9.7.0 | 直接依赖 | maven |
| estree-walker | 2.0.2 | 间接依赖 | npm |
| org.apache.commons:commons-compress | 1.21 | 间接依赖 | maven |
| org.springframework.security:spring-security-oauth2-client | 6.2.1 | 直接依赖 | maven |
| org.apache.tika:tika-parser-image-module | 2.9.1 | 间接依赖 | maven |
| com.nimbusds:nimbus-jose-jwt | 9.24.4 | 间接依赖 | maven |
| com.google.code.findbugs:jsr305 | 3.0.2 | 间接依赖 | maven |
| org.skyve:skyve-core | 9.0.0-SNAPSHOT | 直接依赖 | maven |
| org.springframework:spring-tx | 6.1.3 | 间接依赖 | maven |
| org.springframework.security:spring-security-core | 6.2.1 | 间接依赖 | maven |
| org.jboss.weld:weld-api | 5.0.SP3 | 间接依赖 | maven |
| com.healthmarketscience.jackcess:jackcess | 4.0.5 | 间接依赖 | maven |
| @vue/runtime-core | 3.2.41 | 间接依赖 | npm |
| jakarta.validation:jakarta.validation-api | 3.0.2 | 间接依赖 | maven |
| org.apache.tika:tika-parser-digest-commons | 2.9.1 | 间接依赖 | maven |
| commons-beanutils:commons-beanutils | 1.9.4 | 直接依赖 | maven |
| @vue/reactivity | 3.2.41 | 间接依赖 | npm |
| org.apache.tika:tika-parser-audiovideo-module | 2.9.1 | 间接依赖 | maven |
| org.apache.james:apache-mime4j-dom | 0.8.9 | 间接依赖 | maven |
| @vue/server-renderer | 3.2.41 | 间接依赖 | npm |
| io.netty:netty-codec-socks | 4.1.51.Final | 间接依赖 | maven |
| org.codehaus.woodstox:stax2-api | 4.2.1 | 间接依赖 | maven |
| io.netty:netty-tcnative-boringssl-static | 2.0.31.Final | 间接依赖 | maven |
| xerces:xercesImpl | 2.12.2 | 间接依赖 | maven |
| com.rometools:rome | 2.1.0 | 间接依赖 | maven |
| org.springframework.security:spring-security-oauth2-core | 6.2.1 | 间接依赖 | maven |
| org.apache.tika:tika-parser-news-module | 2.9.1 | 间接依赖 | maven |
| com.google.guava:listenablefuture | 9999.0-empty-to-avoid-conflict-with-guava | 间接依赖 | maven |
| org.apache.lucene:lucene-queryparser | 9.7.0 | 直接依赖 | maven |
| org.tukaani:xz | 1.2 | 间接依赖 | maven |
| com.cronutils:cron-utils | 9.2.1 | 直接依赖 | maven |
| org.ow2.asm:asm | 9.3 | 间接依赖 | maven |
| jakarta.interceptor:jakarta.interceptor-api | 2.1.0 | 间接依赖 | maven |
| com.github.albfernandez:juniversalchardet | 2.4.0 | 间接依赖 | maven |
| commons-collections:commons-collections | 3.2.2 | 间接依赖 | maven |
| com.azure:azure-storage-internal-avro | 12.0.0 | 间接依赖 | maven |
| org.eclipse.angus:angus-activation | 2.0.1 | 间接依赖 | maven |
| com.adobe.xmp:xmpcore | 6.1.11 | 间接依赖 | maven |
| org.skyve:skyve-tools | 9.0.0-SNAPSHOT | 直接依赖 | maven |
| org.springframework:spring-jcl | 6.1.2 | 间接依赖 | maven |
| io.projectreactor:reactor-core | 3.3.8.RELEASE | 间接依赖 | maven |
| com.google.errorprone:error_prone_annotations | 2.2.0 | 间接依赖 | maven |
| org.bouncycastle:bcutil-jdk18on | 1.76 | 间接依赖 | maven |
| org.apache.tika:tika-parser-font-module | 2.9.1 | 间接依赖 | maven |
| magic-string | 0.25.9 | 间接依赖 | npm |
| com.fasterxml.jackson.core:jackson-annotations | 2.14.1 | 间接依赖 | maven |
| jakarta.ejb:jakarta.ejb-api | 4.0.1 | 间接依赖 | maven |
| org.brotli:dec | 0.1.2 | 间接依赖 | maven |
| net.minidev:json-smart | 2.4.10 | 间接依赖 | maven |
| com.google.j2objc:j2objc-annotations | 1.1 | 间接依赖 | maven |
| jakarta.authentication:jakarta.authentication-api | 3.0.0 | 间接依赖 | maven |
| org.glassfish.expressly:expressly | 5.0.0 | 直接依赖 | maven |
| jakarta.enterprise:jakarta.enterprise.lang-model | 4.0.1 | 间接依赖 | maven |
| primevue | 3.35.0 | 间接依赖 | npm |
| org.xhtmlrenderer:flying-saucer-core | 9.1.22 | 间接依赖 | maven |
| org.apache.lucene:lucene-queries | 9.7.0 | 间接依赖 | maven |
| org.jfree:jcommon | 1.0.23 | 间接依赖 | maven |
| com.azure:azure-core-http-netty | 1.5.4 | 间接依赖 | maven |
| org.hibernate:hibernate-spatial | 5.6.15.Final | 直接依赖 | maven |
| org.jboss.weld:weld-core-impl | 5.1.2.Final | 间接依赖 | maven |
| org.eclipse.angus:jakarta.mail | 2.0.2 | 直接依赖 | maven |
| org.hibernate.common:hibernate-commons-annotations | 5.1.2.Final | 间接依赖 | maven |
| org.xhtmlrenderer:flying-saucer-pdf-openpdf | 9.1.22 | 直接依赖 | maven |
| org.geolatte:geolatte-geom | 1.8.2 | 间接依赖 | maven |
| @vue/compiler-ssr | 3.2.41 | 间接依赖 | npm |
| org.postgresql:postgresql | 42.5.0 | 间接依赖 | maven |
| @vue/compiler-dom | 3.2.41 | 间接依赖 | npm |
| org.apache.pdfbox:jempbox | 1.8.17 | 间接依赖 | maven |
| jakarta.inject:jakarta.inject-api | 2.0.1 | 间接依赖 | maven |
| com.fasterxml.jackson.dataformat:jackson-dataformat-xml | 2.14.1 | 间接依赖 | maven |
| org.springframework:spring-beans | 6.1.2 | 间接依赖 | maven |
| org.gagravarr:vorbis-java-core | 0.8 | 间接依赖 | maven |
| com.rometools:rome-utils | 2.1.0 | 间接依赖 | maven |
| io.netty:netty-transport-native-unix-common | 4.1.51.Final | 间接依赖 | maven |
| org.jboss.weld.se:weld-se-core | 5.1.2.Final | 直接依赖 | maven |
| com.atlassian.commonmark:commonmark | 0.10.0 | 直接依赖 | maven |
| com.github.librepdf:openpdf | 1.3.30.jaspersoft.2 | 间接依赖 | maven |
| com.nimbusds:lang-tag | 1.7 | 间接依赖 | maven |
| org.apache.tika:tika-parser-zip-commons | 2.9.1 | 间接依赖 | maven |
| org.apache.tika:tika-parser-pkg-module | 2.9.1 | 间接依赖 | maven |
| com.googlecode.plist:dd-plist | 1.27 | 间接依赖 | maven |
| org.apache.poi:poi-scratchpad | 5.2.3 | 直接依赖 | maven |
| org.springframework.security:spring-security-web | 6.2.1 | 直接依赖 | maven |
| org.codelibs:jhighlight | 1.1.0 | 间接依赖 | maven |
| io.projectreactor.netty:reactor-netty | 0.9.10.RELEASE | 间接依赖 | maven |
| org.netpreserve:jwarc | 0.28.3 | 间接依赖 | maven |
| org.jboss.weld:weld-lite-extension-translator | 5.1.2.Final | 间接依赖 | maven |
| org.apache.tika:tika-parser-crypto-module | 2.9.1 | 间接依赖 | maven |
| org.dom4j:dom4j | 2.1.3 | 间接依赖 | maven |
| com.healthmarketscience.jackcess:jackcess-encrypt | 4.0.2 | 间接依赖 | maven |
| com.google.guava:guava | 27.1-jre | 间接依赖 | maven |
| com.drewnoakes:metadata-extractor | 2.18.0 | 间接依赖 | maven |
| org.apache.tika:tika-parsers-standard-package | 2.9.1 | 直接依赖 | maven |
| jakarta.xml.bind:jakarta.xml.bind-api | 3.0.1 | 间接依赖 | maven |
| org.locationtech.jts:jts-core | 1.19.0 | 直接依赖 | maven |
| csstype | 2.6.21 | 间接依赖 | npm |
| com.github.stephenc.jcip:jcip-annotations | 1.0-1 | 间接依赖 | maven |
| dk.brics.automaton:automaton | 1.11-8 | 间接依赖 | maven |
| com.github.virtuald:curvesapi | 1.07 | 间接依赖 | maven |
| org.apache.poi:poi-ooxml | 5.2.3 | 直接依赖 | maven |
| org.slf4j:jcl-over-slf4j | 2.0.9 | 间接依赖 | maven |
| org.jboss.logging:jboss-logging-processor | 2.2.1.Final | 间接依赖 | maven |
| org.jfree:jfreechart | 1.0.19 | 间接依赖 | maven |
| com.azure:azure-storage-common | 12.8.0 | 间接依赖 | maven |
| io.netty:netty-codec | 4.1.51.Final | 间接依赖 | maven |
| com.github.zafarkhaja:java-semver | 0.9.0 | 间接依赖 | maven |
| org.tallison:jmatio | 1.5 | 间接依赖 | maven |
| org.skyve:skyve-ext | 9.0.0-SNAPSHOT | 直接依赖 | maven |
| org.apache.tika:tika-parser-text-module | 2.9.1 | 间接依赖 | maven |
| com.google.guava:failureaccess | 1.0.1 | 间接依赖 | maven |
| org.bouncycastle:bcmail-jdk18on | 1.76 | 间接依赖 | maven |
| jakarta.json:jakarta.json-api | 2.1.0 | 间接依赖 | maven |
| com.jaspersoft:ireport | 4.7.0 | 直接依赖 | maven |
| org.apache.poi:poi-ooxml-lite | 5.2.3 | 间接依赖 | maven |
| org.apache.pdfbox:jbig2-imageio | 3.0.4 | 间接依赖 | maven |
| org.springframework:spring-context | 6.1.2 | 间接依赖 | maven |
| org.springframework:spring-core | 6.1.2 | 间接依赖 | maven |
| org.codehaus.plexus:plexus-component-api | 1.0-alpha-16 | 间接依赖 | maven |
| org.gagravarr:vorbis-java-tika | 0.8 | 间接依赖 | maven |
| @vue/runtime-dom | 3.2.41 | 间接依赖 | npm |
| org.javassist:javassist | 3.20.0-GA | 直接依赖 | maven |
| commons-codec:commons-codec | 1.15 | 直接依赖 | maven |
| org.jboss.logging:jboss-logging-annotations | 2.2.1.Final | 间接依赖 | maven |
| jakarta.el:jakarta.el-api | 5.0.1 | 间接依赖 | maven |
| com.mchange:c3p0 | 0.9.5.4 | 间接依赖 | maven |
| org.glassfish.jaxb:txw2 | 3.0.0 | 间接依赖 | maven |
| jakarta.batch:jakarta.batch-api | 2.1.1 | 间接依赖 | maven |
| com.github.mifmif:generex | 1.0.2 | 直接依赖 | maven |
| jakarta.transaction:jakarta.transaction-api | 2.0.0 | 间接依赖 | maven |
| com.blueconic:browscap-java | 1.4.3 | 直接依赖 | maven |
| org.apache.commons:commons-math3 | 3.6.1 | 间接依赖 | maven |
| commons-fileupload:commons-fileupload | 1.5 | 直接依赖 | maven |
| jakarta.websocket:jakarta.websocket-api | 2.1.0 | 间接依赖 | maven |
| com.nimbusds:content-type | 2.2 | 间接依赖 | maven |
| com.fasterxml.jackson.core:jackson-core | 2.14.1 | 间接依赖 | maven |
| org.primefaces:primefaces | 13.0.5 | 直接依赖 | maven |
| jakarta.jms:jakarta.jms-api | 3.1.0 | 间接依赖 | maven |
| org.skyve:skyve-war | 9.0.0-SNAPSHOT | 直接依赖 | maven |
| primeicons | 6.0.1 | 间接依赖 | npm |
| com.azure:azure-core | 1.7.0 | 间接依赖 | maven |
| org.apache.tika:tika-parser-xmp-commons | 2.9.1 | 间接依赖 | maven |
| jakarta.annotation:jakarta.annotation-api | 2.1.1 | 间接依赖 | maven |
| org.bouncycastle:bcpkix-jdk18on | 1.76 | 间接依赖 | maven |
| jakarta.authorization:jakarta.authorization-api | 2.1.0 | 间接依赖 | maven |
| org.checkerframework:checker-qual | 3.5.0 | 间接依赖 | maven |
| org.hibernate:hibernate-jcache | 5.6.15.Final | 直接依赖 | maven |
| org.jboss.weld:weld-spi | 5.0.SP3 | 间接依赖 | maven |
| com.h2database:h2 | 2.2.220 | 直接依赖 | maven |
| org.apache.xmlbeans:xmlbeans | 5.1.1 | 间接依赖 | maven |
| com.sun.istack:istack-commons-runtime | 4.0.0 | 间接依赖 | maven |
| io.netty:netty-buffer | 4.1.51.Final | 间接依赖 | maven |
| org.apache.tika:tika-parser-html-module | 2.9.1 | 间接依赖 | maven |
| org.pf4j:pf4j | 3.10.0 | 直接依赖 | maven |
| picocolors | 1.0.0 | 间接依赖 | npm |
| org.jdom:jdom2 | 2.0.6.1 | 间接依赖 | maven |
| org.apache.tika:tika-parser-code-module | 2.9.1 | 间接依赖 | maven |
| com.fasterxml.jackson.core:jackson-databind | 2.14.1 | 间接依赖 | maven |
| org.apache.pdfbox:pdfbox | 2.0.29 | 间接依赖 | maven |
| source-map-js | 1.0.2 | 间接依赖 | npm |
| org.bouncycastle:bcprov-jdk18on | 1.76 | 间接依赖 | maven |
| commons-validator:commons-validator | 1.7 | 直接依赖 | maven |
| com.zaxxer:HikariCP-java7 | 2.4.13 | 间接依赖 | maven |
| com.pff:java-libpst | 0.9.3 | 间接依赖 | maven |
| org.apache.tika:tika-parser-apple-module | 2.9.1 | 间接依赖 | maven |
| org.apache.tika:tika-parser-pdf-module | 2.9.1 | 间接依赖 | maven |
| com.fasterxml.woodstox:woodstox-core | 6.4.0 | 间接依赖 | maven |
| org.hibernate:hibernate-core-jakarta | 5.6.15.Final | 直接依赖 | maven |
| org.apache.lucene:lucene-analysis-common | 9.7.0 | 直接依赖 | maven |
| sourcemap-codec | 1.4.8 | 间接依赖 | npm |
| @vue/reactivity-transform | 3.2.41 | 间接依赖 | npm |
| antlr:antlr | 2.7.7 | 间接依赖 | maven |
| jakarta.activation:jakarta.activation-api | 2.1.0 | 间接依赖 | maven |
| io.netty:netty-handler-proxy | 4.1.51.Final | 间接依赖 | maven |
| org.jboss.weld.environment:weld-environment-common | 5.1.2.Final | 间接依赖 | maven |
| org.apache.pdfbox:xmpbox | 2.0.29 | 间接依赖 | maven |
| postcss | 8.4.31 | 间接依赖 | npm |
| io.netty:netty-handler | 4.1.51.Final | 间接依赖 | maven |
| jakarta.platform:jakarta.jakartaee-web-api | 10.0.0 | 间接依赖 | maven |
| org.jboss.logging:jboss-logging | 3.4.3.Final | 间接依赖 | maven |
| jakarta.el:jakarta.el-api | 5.0.0 | 间接依赖 | maven |
| org.springframework.security:spring-security-config | 6.2.1 | 直接依赖 | maven |
| org.apache.commons:commons-exec | 1.3 | 间接依赖 | maven |
| jakarta.ws.rs:jakarta.ws.rs-api | 3.1.0 | 间接依赖 | maven |
| org.apache.pdfbox:pdfbox-tools | 2.0.29 | 间接依赖 | maven |
| jakarta.platform:jakarta.jakartaee-api | 10.0.0 | 直接依赖 | maven |
| jakarta.resource:jakarta.resource-api | 2.1.0 | 间接依赖 | maven |
| org.apache.lucene:lucene-memory | 9.7.0 | 间接依赖 | maven |
| org.springframework:spring-expression | 6.1.2 | 间接依赖 | maven |
| io.netty:netty-common | 4.1.51.Final | 间接依赖 | maven |
| org.apache.tika:tika-parser-ocr-module | 2.9.1 | 间接依赖 | maven |
| commons-digester:commons-digester | 2.1 | 间接依赖 | maven |
| org.springframework:spring-jdbc | 6.1.3 | 直接依赖 | maven |
| org.ehcache:ehcache | 3.10.0 | 直接依赖 | maven |
| net.sf.jasperreports:jasperreports | 6.20.5 | 直接依赖 | maven |