Skip to content
Tools / bunkerweb / Dependencies

Dependency Analysis

bunkerweb

Direct and transitive dependency freshness, license, and CVE exposure from the latest SBOM.

Security Export CSV
59% Freshness
478 Dependencies
148 Outdated
0 Stale
3.2 Avg Behind

Dependency List

Latest release v1.6.9

All 477 Outdated 202 Has CVE 25 GPL 15
Dependency Type Current Latest Behind CVE License
h11
pypi
 Direct 0.14.0 0.16.0 2 behind 1 critical MIT
starlette
pypi
 Direct 0.38.6 1.2.1 37 behind 2 high BSD-2-Clause AND BSD-3-Clause
cryptography
pypi
 Direct 42.0.8 48.0.0 25 behind 4 high BSD-3-Clause OR Apache-2.0
pyopenssl
pypi
 Direct 24.2.1 26.2.0 8 behind 2 high Apache-2.0
python-multipart
pypi
 Direct 0.0.22 0.0.30 8 behind 2 high Apache-2.0
urllib3
pypi
 Direct 2.5.0 2.7.0 5 behind 3 high MIT
pillow
pypi
 Direct 11.3.0 12.2.0 4 behind 6 high LicenseRef-scancode-secret-labs-2011 AND MIT-CMU
picomatch
npm
 Transitive 4.0.3 4.0.4 3 behind 2 high MIT
mako
pypi
 Direct 1.3.10 1.3.12 2 behind 2 high MIT
pyasn1
pypi
 Direct 0.6.2 0.6.3 1 behind 1 high BSD-2-Clause AND BSD-3-Clause AND MIT
svgo
npm
 Transitive 4.0.0 4.0.1 1 behind 1 high MIT
ansible-core
pypi
 Direct 2.16.8 3 high GPL-3.0-or-later
cairosvg
pypi
 Direct 2.8.2 1 high LGPL-2.0-or-later AND LGPL-3.0 AND LGPL-3.0-only AND LGPL-3.0-or-later
starlette
pypi
 Direct 0.41.0 1 high BSD-2-Clause AND BSD-3-Clause
postcss
npm
 Direct 8.5.6 8.5.15 9 behind 1 medium MIT
requests
pypi
 Direct 2.32.3 2.34.2 8 behind 1 medium Apache-2.0
urllib3
pypi
 Direct 2.2.3 2.7.0 8 behind 2 medium MIT
yaml
npm
 Transitive 2.8.1 2.9.0 7 behind 1 medium ISC
requests
pypi
 Direct 2.32.5 2.34.2 6 behind 1 medium Apache-2.0
python-dotenv
pypi
 Direct 1.0.1 1.2.2 5 behind 1 medium BSD-2-Clause AND BSD-3-Clause
cryptography
pypi
 Direct 46.0.5 48.0.0 4 behind 1 medium Apache-2.0 AND BSD-3-Clause
pip
pypi
 Direct 26.0.1 26.1.2 3 behind 2 medium MIT
jinja2
pypi
 Direct 3.1.4 3.1.6 2 behind 3 medium BSD-2-Clause AND BSD-3-Clause
ansible
pypi
 Direct 9.5.1 1 medium GPL-3.0 AND GPL-3.0-or-later
pygments
pypi
 Direct 2.19.2 2.20.0 1 behind 1 low BSD-2-Clause

License Breakdown

MIT 203
Unknown 80
Apache-2.0 51
BSD-3-Clause 28
BSD-2-Clause AND BSD-3-Clause 23
ISC 14
BSD-2-Clause 11
Apache-2.0 AND MIT 4
MPL-2.0 4
Apache-2.0 OR (Apache-2.0 AND MIT) 3
BSD-3-Clause AND MIT 3
Apache-2.0 AND BSD-2-Clause 2
Apache-2.0 AND BSD-3-Clause 2
BSD-2-Clause AND BSD-3-Clause AND MIT 2
BSD-3-Clause OR Apache-2.0 2
CC0-1.0 2
EPL-1.0 2
LicenseRef-scancode-secret-labs-2011 AND MIT-CMU 2
MIT AND PSF-2.0 2
MIT AND Python-2.0 2
0BSD 1
0BSD AND BSD-3-Clause AND LicenseRef-scancode-other-permissive AND MIT AND Python-2.0 1
Apache-2.0 AND BSD-3-Clause AND LicenseRef-scancode-unknown-license-reference 1
Apache-2.0 AND LicenseRef-scancode-generic-cla 1
Apache-2.0 AND Python-2.0 1
Apache-2.0 OR BSD-3-Clause OR (Apache-2.0 AND BSD-3-Clause) 1
BSD-3-Clause AND LicenseRef-scancode-protobuf 1
BSD-3-Clause AND LicenseRef-scancode-unknown-license-reference AND MIT 1
CC-BY-4.0 1
CC0-1.0 AND MIT 1
CC0-1.0 AND Unlicense 1
CNRI-Python AND Apache-2.0 1
GPL-2.0-only 1
GPL-3.0 AND GPL-3.0-only AND GPL-3.0-or-later 1
GPL-3.0 AND GPL-3.0-or-later 1
GPL-3.0-or-later 1
ISC AND MIT 1
ISC AND MPL-2.0 1
LGPL-2.0-or-later AND LGPL-2.1-only AND LicenseRef-scancode-public-domain AND MIT AND MPL-1.1 1
LGPL-2.0-or-later AND LGPL-3.0 AND LGPL-3.0-only AND LGPL-3.0-or-later 1
LGPL-2.1-only AND MIT AND MPL-1.1 1
LGPL-2.1-or-later 1
LGPL-3.0 1
LGPL-3.0 AND LGPL-3.0-only 1
LGPL-3.0 AND LGPL-3.0-only AND LGPL-3.0-or-later 1
LGPL-3.0-only 1
LGPL-3.0-only AND LGPL-3.0-only AND LGPL-3.0-only 1
LGPL-3.0-only AND LGPL-3.0-or-later 1
MIT AND HPND 1
MIT AND Python-2.0 AND Python-2.0.1 AND MIT AND Python-2.0 AND Python-2.0.1 1
MIT AND ZPL-2.1 1
MIT-0 1
PSF-2.0 1
Python-2.0 AND GPL-1.0-or-later AND Python-2.0 AND BSD-3-Clause AND Python-2.0 AND BSD-3-Clause AND 0BSD 1
Python-2.0.1 1

CVE Severity

critical 1
high 13
medium 10
low 1
unknown 0

Beta — feedback welcome: [email protected]