thedevdojo/wave 软件分析报告

基础信息

项目名称:thedevdojo/wave

项目徽章:

Security Status

仓库地址:https://github.com/pterodactyl/panel

检测报告地址:https://www.murphysec.com/console/report/1758459193083531264/1758459193133862912

此报告由Murphysec提供

漏洞列表

漏洞名称 漏洞类型 MPS编号 CVE编号 漏洞等级
Voyager 安全漏洞 权限预留不恰当 MPS-2021-18441 CVE-2020-36070 严重
Livewire 跨站请求伪造漏洞 CSRF MPS-h9um-0tlf CVE-2024-22859 高危

缺陷组件

组件名称 版本 最小修复版本 依赖关系 修复建议
livewire/livewire v2.12.6 3.0.4 间接依赖 可选修复
tcg/voyager v1.7 间接依赖 可选修复

许可证风险

许可证类型 相关组件 许可证风险
MIT 80
LGPL-2.0 1
BSD-3-Clause 6
BSD-4-Clause 3
Apache-2.0 3
GPL-2.0 1
GPL-3.0 1

SBOM清单

组件名称 组件版本 是否直接依赖 仓库
illuminate/database 间接依赖 composer
tcg/voyager v1.7 间接依赖 composer
laravel/prompts v0.1.13 间接依赖 composer
dragonmantank/cron-expression v3.3.3 间接依赖 composer
psr/clock 1.0.0 间接依赖 composer
arrilot/laravel-widgets 3.13.2 间接依赖 composer
symfony/finder v6.3.5 间接依赖 composer
symfony/translation v6.3.7 间接依赖 composer
league/flysystem-local 3.19.0 间接依赖 composer
doctrine/lexer 3.0.0 间接依赖 composer
symfony/http-foundation v6.3.8 间接依赖 composer
illuminate/auth 间接依赖 composer
illuminate/view 间接依赖 composer
symfony/polyfill-intl-grapheme v1.28.0 间接依赖 composer
guzzlehttp/uri-template v1.0.2 间接依赖 composer
illuminate/http 间接依赖 composer
symfony/console v6.3.8 间接依赖 composer
psr/event-dispatcher 1.0.0 间接依赖 composer
illuminate/cache 间接依赖 composer
doctrine/inflector 2.0.8 间接依赖 composer
nesbot/carbon 2.71.0 间接依赖 composer
psr/cache 3.0.0 间接依赖 composer
symfony/css-selector v6.3.2 间接依赖 composer
psr/log 3.0.0 间接依赖 composer
guzzlehttp/promises 2.0.1 间接依赖 composer
psr/simple-cache 3.0.0 间接依赖 composer
laravel/tinker v2.8.2 间接依赖 composer
symfony/event-dispatcher v6.3.2 间接依赖 composer
intervention/image 2.7.2 间接依赖 composer
doctrine/dbal 3.7.1 间接依赖 composer
symfony/uid v6.3.8 间接依赖 composer
illuminate/console 间接依赖 composer
symfony/string v6.3.8 间接依赖 composer
symfony/process v6.3.4 间接依赖 composer
league/config v1.2.0 间接依赖 composer
guzzlehttp/guzzle 7.8.0 间接依赖 composer
symfony/error-handler v6.3.5 间接依赖 composer
brick/math 0.11.0 间接依赖 composer
lcobucci/jwt 4.3.0 间接依赖 composer
graham-campbell/result-type v1.1.1 间接依赖 composer
livewire/livewire v2.12.6 间接依赖 composer
laravel/serializable-closure v1.3.2 间接依赖 composer
symfony/deprecation-contracts v3.3.0 间接依赖 composer
psy/psysh v0.11.22 间接依赖 composer
voku/portable-ascii 2.0.1 间接依赖 composer
psr/http-message 2.0 间接依赖 composer
symfony/polyfill-intl-normalizer v1.28.0 间接依赖 composer
nikic/php-parser v4.17.1 间接依赖 composer
webmozart/assert 1.11.0 间接依赖 composer
illuminate/support 间接依赖 composer
tymon/jwt-auth 2.x-dev 间接依赖 composer
symfony/polyfill-mbstring v1.28.0 间接依赖 composer
ralouphie/getallheaders 3.0.3 间接依赖 composer
symfony/mime v6.3.5 间接依赖 composer
devdojo/themes 0.0.7 间接依赖 composer
symfony/polyfill-php80 v1.28.0 间接依赖 composer
phpoption/phpoption 1.9.1 间接依赖 composer
doctrine/deprecations 1.1.2 间接依赖 composer
symfony/mailer v6.3.5 间接依赖 composer
egulias/email-validator 4.0.2 间接依赖 composer
nette/schema v1.2.5 间接依赖 composer
symfony/polyfill-ctype v1.28.0 间接依赖 composer
symfony/polyfill-php83 v1.28.0 间接依赖 composer
symfony/http-kernel v6.3.8 间接依赖 composer
nunomaduro/termwind v1.15.1 间接依赖 composer
fruitcake/php-cors v1.3.0 间接依赖 composer
devdojo/app 0.11 间接依赖 composer
ramsey/uuid 4.7.5 间接依赖 composer
league/commonmark 2.4.1 间接依赖 composer
symfony/polyfill-php72 v1.28.0 间接依赖 composer
symfony/event-dispatcher-contracts v3.3.0 间接依赖 composer
illuminate/collections 间接依赖 composer
illuminate/filesystem 间接依赖 composer
doctrine/cache 2.2.0 间接依赖 composer
symfony/service-contracts v3.3.0 间接依赖 composer
doctrine/event-manager 2.0.0 间接依赖 composer
lab404/laravel-impersonate 1.7.4 间接依赖 composer
guzzlehttp/psr7 2.6.1 间接依赖 composer
ramsey/collection 2.0.0 间接依赖 composer
symfony/routing v6.3.5 间接依赖 composer
illuminate/container 间接依赖 composer
illuminate/validation 间接依赖 composer
psr/http-factory 1.0.2 间接依赖 composer
psr/http-client 1.0.3 间接依赖 composer
symfony/polyfill-intl-idn v1.28.0 间接依赖 composer
dflydev/dot-access-data v3.0.2 间接依赖 composer
lcobucci/clock 3.0.0 间接依赖 composer
symfony/polyfill-uuid v1.28.0 间接依赖 composer
symfony/translation-contracts v3.3.0 间接依赖 composer
tijsverkoyen/css-to-inline-styles 2.2.6 间接依赖 composer
laravel/ui v4.2.2 间接依赖 composer
monolog/monolog 3.5.0 间接依赖 composer
vlucas/phpdotenv v5.5.0 间接依赖 composer
composer-runtime-api 间接依赖 composer
symfony/var-dumper v6.3.8 间接依赖 composer
illuminate/contracts 间接依赖 composer
laravel/framework v10.31.0 间接依赖 composer
league/flysystem 3.19.0 间接依赖 composer
psr/container 2.0.2 间接依赖 composer
league/mime-type-detection 1.14.0 间接依赖 composer
(0)
上一篇 2024年2月16日
下一篇 2024年2月16日

相关推荐

  • ccforward/rubik 软件分析报告

    基础信息 项目名称:ccforward/rubik 项目徽章: 仓库地址:https://github.com/pterodactyl/panel 检测报告地址:https://www.murphysec.com/console/report/1716595400467152896/1716595400538456064 此报告由Murphysec提供 漏洞…

    软件分析 2023年10月24日
    0
  • alyssaxuu/carden 软件分析报告

    基础信息 项目名称:alyssaxuu/carden 项目徽章: 仓库地址:https://github.com/pterodactyl/panel 检测报告地址:https://www.murphysec.com/console/report/1720550230374809600/1720550230420946944 此报告由Murphysec提供 漏…

    软件分析 2023年11月4日
    0
  • itstamen/rop 软件分析报告

    基础信息 项目名称:itstamen/rop 项目徽章: 仓库地址:https://github.com/pterodactyl/panel 检测报告地址:https://www.murphysec.com/console/report/1718910970255687680/1718910970612203520 此报告由Murphysec提供 漏洞列表 …

    软件分析 2023年10月30日
    0
  • fastai/fastpages 软件分析报告

    基础信息 项目名称:fastai/fastpages 项目徽章: 仓库地址:https://github.com/pterodactyl/panel 检测报告地址:https://www.murphysec.com/console/report/1717721112313118720/1717721112350867456 此报告由Murphysec提供 漏…

    软件分析 2023年10月27日
    0
  • Angular2Guy/Angular2AndJavaEE 软件分析报告

    基础信息 项目名称:Angular2Guy/Angular2AndJavaEE 项目徽章: 仓库地址:https://github.com/pterodactyl/panel 检测报告地址:https://www.murphysec.com/console/report/1715841174552051712/1715841174916956160 此报告由…

    软件分析 2023年10月23日
    0