strimzi/strimzi-kafka-operator 软件分析报告

基础信息

项目名称:strimzi/strimzi-kafka-operator

项目徽章:

Security Status

仓库地址:https://github.com/pterodactyl/panel

检测报告地址:https://www.murphysec.com/console/report/1756612676055134208/1757947544866914304

此报告由Murphysec提供

漏洞列表

漏洞名称 漏洞类型 MPS编号 CVE编号 漏洞等级
Eclipse Jetty URI注入漏洞 注入 MPS-2022-18060 CVE-2022-2047 低危

缺陷组件

组件名称 版本 最小修复版本 依赖关系 修复建议
org.eclipse.jetty:jetty-http 9.4.53.v20231009 11.0.16 间接依赖 可选修复

许可证风险

许可证类型 相关组件 许可证风险
Apache-2.0 130
BSD-2-Clause 4
EPL-2.0 6
BSD-3-Clause 2
MIT 7
EDL-1.0 3
EPL-1.0 6
CC0-1.0 2
GPL-2.0-with-classpath-exception 2
GPL-2.0 1
CDDL-1.1 2

SBOM清单

组件名称 组件版本 是否直接依赖 仓库
org.codehaus.groovy:groovy 3.0.8 间接依赖 maven
io.netty:netty-transport-native-unix-common 4.1.106.Final 间接依赖 maven
io.fabric8:openshift-model-console 6.10.0 间接依赖 maven
com.github.luben:zstd-jni 1.5.5-1 间接依赖 maven
org.apache.kafka:kafka-raft 3.6.1 直接依赖 maven
io.netty:netty-buffer 4.1.106.Final 间接依赖 maven
io.netty:netty-handler 4.1.106.Final 间接依赖 maven
io.fabric8:kubernetes-model-node 6.10.0 间接依赖 maven
io.fabric8:kubernetes-model-flowcontrol 6.10.0 间接依赖 maven
org.junit.platform:junit-platform-engine 1.8.2 直接依赖 maven
io.fabric8:openshift-model-miscellaneous 6.10.0 间接依赖 maven
io.fabric8:kubernetes-model-core 6.10.0 直接依赖 maven
io.fabric8:kubernetes-model-policy 6.10.0 直接依赖 maven
io.fabric8:kubernetes-model-autoscaling 6.10.0 间接依赖 maven
io.fabric8:openshift-model-storageversionmigrator 6.10.0 间接依赖 maven
io.netty:netty-codec-socks 4.1.106.Final 间接依赖 maven
net.minidev:accessors-smart 2.5.0 间接依赖 maven
org.scala-lang.modules:scala-collection-compat_2.13 2.10.0 间接依赖 maven
io.prometheus:simpleclient_tracer_otel 0.16.0 间接依赖 maven
org.apache.kafka:kafka-clients 3.6.1 直接依赖 maven
dk.brics.automaton:automaton 1.11-8 间接依赖 maven
io.strimzi:kafka-oauth-client 0.14.0 直接依赖 maven
com.fasterxml.jackson.dataformat:jackson-dataformat-csv 2.16.1 间接依赖 maven
org.opentest4j:opentest4j 1.2.0 直接依赖 maven
com.thoughtworks.paranamer:paranamer 2.8 间接依赖 maven
io.fabric8:kubernetes-model-networking 6.10.0 直接依赖 maven
io.netty:netty-transport-classes-epoll 4.1.106.Final 间接依赖 maven
io.fabric8:kubernetes-model-extensions 6.10.0 间接依赖 maven
io.fabric8:openshift-client-api 6.10.0 直接依赖 maven
io.fabric8:kubernetes-model-events 6.10.0 直接依赖 maven
io.fabric8:kubernetes-httpclient-jdk 6.10.0 直接依赖 maven
org.checkerframework:checker-qual 3.19.0 间接依赖 maven
org.junit.platform:junit-platform-launcher 1.8.2 直接依赖 maven
commons-cli:commons-cli 1.4 间接依赖 maven
io.prometheus:simpleclient_tracer_common 0.16.0 间接依赖 maven
io.netty:netty-codec 4.1.106.Final 间接依赖 maven
io.fabric8:kubernetes-client 6.10.0 直接依赖 maven
org.apache.kafka:kafka-streams 3.6.1 直接依赖 maven
io.dropwizard.metrics:metrics-core 4.1.12.1 间接依赖 maven
com.sun.xml.bind:jaxb-impl 2.3.3 间接依赖 maven
org.apiguardian:apiguardian-api 1.1.2 间接依赖 maven
org.eclipse.jetty:jetty-server 9.4.53.v20231009 直接依赖 maven
org.hdrhistogram:HdrHistogram 2.1.12 间接依赖 maven
io.apicurio:apicurio-registry-utils-streams 1.3.2.Final 直接依赖 maven
com.yammer.metrics:metrics-core 2.2.0 间接依赖 maven
io.fabric8:kubernetes-model-coordination 6.10.0 直接依赖 maven
org.ccil.cowan.tagsoup:tagsoup 1.2.1 间接依赖 maven
io.prometheus:simpleclient 0.16.0 间接依赖 maven
org.quartz-scheduler:quartz 2.3.2 直接依赖 maven
io.micrometer:micrometer-commons 1.12.2 间接依赖 maven
io.netty:netty-handler-proxy 4.1.106.Final 间接依赖 maven
io.fabric8:openshift-model-machineconfig 6.10.0 间接依赖 maven
io.netty:netty-codec-http 4.1.106.Final 间接依赖 maven
org.apache.logging.log4j:log4j-api 2.17.2 直接依赖 maven
jakarta.annotation:jakarta.annotation-api 1.3.5 间接依赖 maven
org.eclipse.jetty:jetty-http 9.4.53.v20231009 间接依赖 maven
io.fabric8:kubernetes-model-rbac 6.10.0 直接依赖 maven
net.minidev:json-smart 2.5.0 间接依赖 maven
commons-validator:commons-validator 1.7 间接依赖 maven
com.fasterxml.jackson.datatype:jackson-datatype-jsr310 2.16.1 间接依赖 maven
io.strimzi:certificate-manager 0.40.0-SNAPSHOT 直接依赖 maven
org.bitbucket.b_c:jose4j 0.9.3 间接依赖 maven
io.netty:netty-codec-dns 4.1.106.Final 间接依赖 maven
io.fabric8:openshift-model-hive 6.10.0 间接依赖 maven
com.fasterxml.jackson.datatype:jackson-datatype-jdk8 2.16.1 间接依赖 maven
io.netty:netty-resolver 4.1.106.Final 间接依赖 maven
io.fabric8:kubernetes-model-gatewayapi 6.10.0 间接依赖 maven
org.apache.kafka:kafka-group-coordinator 3.6.1 间接依赖 maven
commons-codec:commons-codec 1.13 间接依赖 maven
org.rocksdb:rocksdbjni 7.9.2 间接依赖 maven
com.github.stephenc.jcip:jcip-annotations 1.0-1 间接依赖 maven
io.strimzi:operator-common 0.40.0-SNAPSHOT 直接依赖 maven
org.eclipse.jetty:jetty-util 9.4.53.v20231009 间接依赖 maven
io.fabric8:kubernetes-model-resource 6.10.0 间接依赖 maven
org.apache.httpcomponents:httpmime 4.5.13 间接依赖 maven
org.apache.kafka:kafka-storage-api 3.6.1 间接依赖 maven
org.apache.kafka:kafka-storage 3.6.1 间接依赖 maven
org.scala-lang:scala-reflect 2.13.11 间接依赖 maven
io.micrometer:micrometer-registry-prometheus 1.12.2 直接依赖 maven
io.fabric8:kubernetes-model-certificates 6.10.0 间接依赖 maven
com.fasterxml.jackson.core:jackson-databind 2.16.1 直接依赖 maven
io.fabric8:kubernetes-model-batch 6.10.0 直接依赖 maven
commons-collections:commons-collections 3.2.2 间接依赖 maven
com.jayway.jsonpath:json-path 2.9.0 直接依赖 maven
com.101tec:zkclient 0.11 直接依赖 maven
io.fabric8:openshift-model-clusterautoscaling 6.10.0 间接依赖 maven
org.apache.kafka:kafka_2.13 3.6.1 直接依赖 maven
io.fabric8:kubernetes-model-common 6.10.0 直接依赖 maven
io.strimzi:kafka-oauth-server-plain 0.14.0 直接依赖 maven
org.apache.commons:commons-lang3 3.11 间接依赖 maven
com.google.errorprone:error_prone_annotations 2.10.0 间接依赖 maven
org.junit.jupiter:junit-jupiter-params 5.8.2 直接依赖 maven
io.netty:netty-codec-http2 4.1.106.Final 间接依赖 maven
io.fabric8:kubernetes-model-admissionregistration 6.10.0 直接依赖 maven
org.ow2.asm:asm 9.3 间接依赖 maven
org.bouncycastle:bcutil-jdk18on 1.76 间接依赖 maven
org.apache.logging.log4j:log4j-slf4j-impl 2.17.2 直接依赖 maven
org.scala-lang:scala-library 2.13.11 间接依赖 maven
com.github.mifmif:generex 1.0.2 间接依赖 maven
io.rest-assured:json-path 4.4.0 直接依赖 maven
io.fabric8:openshift-model-monitoring 6.10.0 间接依赖 maven
io.apicurio:apicurio-registry-utils-kafka 1.3.2.Final 直接依赖 maven
javax.servlet:javax.servlet-api 3.1.0 直接依赖 maven
io.micrometer:micrometer-core 1.12.2 直接依赖 maven
org.pcollections:pcollections 4.0.1 间接依赖 maven
commons-logging:commons-logging 1.2 间接依赖 maven
io.netty:netty-common 4.1.106.Final 间接依赖 maven
org.apache.zookeeper:zookeeper 3.8.3 直接依赖 maven
org.bouncycastle:bcprov-jdk18on 1.76 直接依赖 maven
commons-io:commons-io 2.11.0 间接依赖 maven
org.slf4j:slf4j-api 1.7.36 间接依赖 maven
io.strimzi:kafka-oauth-common 0.14.0 直接依赖 maven
io.fabric8:openshift-model-machine 6.10.0 间接依赖 maven
io.fabric8:kubernetes-model-apiextensions 6.10.0 直接依赖 maven
org.xerial.snappy:snappy-java 1.1.10.5 间接依赖 maven
org.eclipse.jetty:jetty-io 9.4.53.v20231009 间接依赖 maven
io.rest-assured:rest-assured 4.4.0 直接依赖 maven
org.bouncycastle:bcpkix-jdk18on 1.76 直接依赖 maven
io.strimzi:config-model 0.40.0-SNAPSHOT 直接依赖 maven
com.fasterxml.jackson.module:jackson-module-scala_2.13 2.16.1 间接依赖 maven
com.github.ben-manes.caffeine:caffeine 2.9.3 间接依赖 maven
org.apache.httpcomponents:httpcore 4.4.13 间接依赖 maven
org.yaml:snakeyaml 2.2 间接依赖 maven
org.apache.httpcomponents:httpclient 4.5.13 间接依赖 maven
io.prometheus:simpleclient_tracer_otel_agent 0.16.0 间接依赖 maven
io.strimzi:crd-annotations 0.40.0-SNAPSHOT 直接依赖 maven
io.fabric8:zjsonpatch 0.3.0 直接依赖 maven
io.fabric8:kubernetes-client-api 6.10.0 直接依赖 maven
org.apache.logging.log4j:log4j-core 2.17.2 直接依赖 maven
org.hamcrest:hamcrest 2.2 直接依赖 maven
org.apache.kafka:kafka-metadata 3.6.1 间接依赖 maven
net.sf.jopt-simple:jopt-simple 5.0.4 间接依赖 maven
io.netty:netty-transport 4.1.106.Final 直接依赖 maven
io.rest-assured:rest-assured-common 4.4.0 间接依赖 maven
org.eclipse.microprofile.config:microprofile-config-api 1.4 间接依赖 maven
io.vertx:vertx-core 4.5.3 直接依赖 maven
io.fabric8:kubernetes-model-scheduling 6.10.0 间接依赖 maven
jakarta.activation:jakarta.activation-api 1.2.2 间接依赖 maven
io.fabric8:kubernetes-model-storageclass 6.10.0 直接依赖 maven
org.latencyutils:LatencyUtils 2.0.3 间接依赖 maven
com.fasterxml.jackson.dataformat:jackson-dataformat-yaml 2.16.1 直接依赖 maven
com.fasterxml.jackson.core:jackson-core 2.16.1 直接依赖 maven
org.codehaus.groovy:groovy-json 3.0.8 间接依赖 maven
io.strimzi:test 0.40.0-SNAPSHOT 直接依赖 maven
io.netty:netty-resolver-dns 4.1.106.Final 间接依赖 maven
jakarta.xml.bind:jakarta.xml.bind-api 2.3.3 间接依赖 maven
io.strimzi:kafka-oauth-server 0.14.0 直接依赖 maven
org.glassfish:javax.json 1.1.4 直接依赖 maven
io.fabric8:kubernetes-model-discovery 6.10.0 间接依赖 maven
org.snakeyaml:snakeyaml-engine 2.7 间接依赖 maven
com.typesafe.scala-logging:scala-logging_2.13 3.9.4 间接依赖 maven
org.apache.zookeeper:zookeeper-jute 3.8.3 直接依赖 maven
io.vertx:vertx-micrometer-metrics 4.5.3 直接依赖 maven
org.junit.platform:junit-platform-commons 1.8.2 直接依赖 maven
io.rest-assured:xml-path 4.4.0 间接依赖 maven
io.netty:netty-transport-native-epoll 4.1.106.Final 直接依赖 maven
io.prometheus:simpleclient_common 0.16.0 间接依赖 maven
io.fabric8:openshift-model-config 6.10.0 间接依赖 maven
commons-beanutils:commons-beanutils 1.9.4 间接依赖 maven
commons-digester:commons-digester 2.1 间接依赖 maven
io.fabric8:openshift-model 6.10.0 直接依赖 maven
io.fabric8:openshift-model-whereabouts 6.10.0 间接依赖 maven
io.fabric8:openshift-client 6.10.0 直接依赖 maven
io.fabric8:openshift-model-installer 6.10.0 间接依赖 maven
io.fabric8:openshift-model-operatorhub 6.10.0 直接依赖 maven
org.apache.kafka:kafka-server-common 3.6.1 直接依赖 maven
io.micrometer:micrometer-observation 1.12.2 间接依赖 maven
org.junit.jupiter:junit-jupiter-api 5.8.2 直接依赖 maven
io.fabric8:openshift-model-operator 6.10.0 间接依赖 maven
com.nimbusds:nimbus-jose-jwt 9.31 间接依赖 maven
net.sourceforge.argparse4j:argparse4j 0.7.0 间接依赖 maven
org.apache.yetus:audience-annotations 0.12.0 间接依赖 maven
org.codehaus.groovy:groovy-xml 3.0.8 间接依赖 maven
io.fabric8:openshift-model-tuned 6.10.0 间接依赖 maven
org.scala-lang.modules:scala-java8-compat_2.13 1.0.2 间接依赖 maven
io.fabric8:kubernetes-model-metrics 6.10.0 间接依赖 maven
io.fabric8:kubernetes-model-apps 6.10.0 直接依赖 maven
org.lz4:lz4-java 1.8.0 间接依赖 maven
org.apache.kafka:kafka-tools-api 3.6.1 间接依赖 maven
com.fasterxml.jackson.core:jackson-annotations 2.16.1 直接依赖 maven
io.strimzi:api 0.40.0-SNAPSHOT 直接依赖 maven
(0)
上一篇 2024年2月15日
下一篇 2024年2月15日

相关推荐

  • k8snetworkplumbingwg/multus-cni 软件分析报告

    基础信息 项目名称:k8snetworkplumbingwg/multus-cni 项目徽章: 仓库地址:https://github.com/pterodactyl/panel 检测报告地址:https://www.murphysec.com/console/report/1721328882501058560/1724377358164512768 此报…

    软件分析 2023年11月14日
    0
  • getminera/minera 软件分析报告

    基础信息 项目名称:getminera/minera 项目徽章: 仓库地址:https://github.com/pterodactyl/panel 检测报告地址:https://www.murphysec.com/console/report/1718086088283258880/1718086088820129792 此报告由Murphysec提供 漏…

    软件分析 2023年10月28日
    0
  • alash3al/sqler 软件分析报告

    基础信息 项目名称:alash3al/sqler 项目徽章: 仓库地址:https://github.com/pterodactyl/panel 检测报告地址:https://www.murphysec.com/console/report/1715614652124938240/1715614652221407232 此报告由Murphysec提供 漏洞列…

    软件分析 2023年10月23日
    0
  • johnkil/Android-ProgressFragment 软件分析报告

    基础信息 项目名称:johnkil/Android-ProgressFragment 项目徽章: 仓库地址:https://github.com/pterodactyl/panel 检测报告地址:https://www.murphysec.com/console/report/1721315358253338624/1730520458750545920 此…

    软件分析 2023年12月1日
    0
  • wuzhc/swrpc 软件分析报告

    基础信息 项目名称:wuzhc/swrpc 项目徽章: 仓库地址:https://github.com/pterodactyl/panel 检测报告地址:https://www.murphysec.com/console/report/1721491032067629056/1721491032193458176 此报告由Murphysec提供 漏洞列表 暂…

    软件分析 2023年11月6日
    0