Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

maven Security Advisories

Loading...
Moderate
GSA_kwCzR0hTQS1jcmpnLXc1N20tcnFxZs4AA-FL
DNSJava vulnerable to KeyTrap - Denial-of-Service Algorithmic Complexity Attacks
Ecosystems: maven
Packages: dnsjava:dnsjava
Source: GitHub Advisory Database
Blast Radius: 22.2
Published: about 3 hours ago
Moderate
GSA_kwCzR0hTQS1tbXd4LXJqODctdmZncs4AA-E2
DNSJava affected by KeyTrap - NSEC3 closest encloser proof can exhaust CPU resources
Ecosystems: maven
Packages: dnsjava:dnsjava
Source: GitHub Advisory Database
Blast Radius: 22.2
Published: about 5 hours ago
High
GSA_kwCzR0hTQS1jZnh3LTRoNzgtaDdmd84AA-E1
DNSJava DNSSEC Bypass
Ecosystems: maven
Packages: dnsjava:dnsjava
Source: GitHub Advisory Database
Blast Radius: 30.3
Published: about 6 hours ago
Moderate
GSA_kwCzR0hTQS04cHh2LXg2anEtNXZ3Oc4AA-Ev
Apache Syncope Improper Input Validation vulnerability
Ecosystems: maven
Packages: org.apache.syncope.client.idrepo:syncope-client-idrepo-console, org.apache.syncope.client.idrepo:syncope-client-idrepo-common-ui
Source: GitHub Advisory Database
Blast Radius: 6.2
Published: about 8 hours ago
High
GSA_kwCzR0hTQS13MzZ3LTk0OGoteGhmd84AA-DC
H2O vulnerable to Deserialization of Untrusted Data
Ecosystems: maven
Packages: ai.h2o:h2o-core
Source: GitHub Advisory Database
Blast Radius: 12.0
Published: 1 day ago
Low
GSA_kwCzR0hTQS00bWdnLWZxZnEtNjRoZ84AA-AU
Apache CXF allows unrestricted memory consumption in CXF HTTP clients
Ecosystems: maven
Packages: org.apache.cxf:cxf-rt-transports-http
Source: GitHub Advisory Database
Blast Radius: 15.0
Published: 3 days ago
High
GSA_kwCzR0hTQS01bTNqLXB4aDctNDU1cM4AA-Ab
Apache CXF: SSRF vulnerability via WADL stylesheet parameter
Ecosystems: maven
Packages: org.apache.cxf:cxf-rt-rs-service-description
Source: GitHub Advisory Database
Blast Radius: 24.3
Published: 3 days ago
Moderate
GSA_kwCzR0hTQS02cGZmLWZtaDItNG1tZs4AA-AS
Apache CXF Denial of Service vulnerability in JOSE
Ecosystems: maven
Packages: org.apache.cxf:cxf-rt-rs-security-jose
Source: GitHub Advisory Database
Blast Radius: 9.7
Published: 3 days ago
High
GSA_kwCzR0hTQS1xOGYyLWh4cTUtY3A0aM4AA-AD
Absent Input Validation in BinaryHttpParser
Ecosystems: maven
Packages: io.netty.incubator:netty-incubator-codec-bhttp
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 days ago
Moderate
GSA_kwCzR0hTQS14bXZnLTMzNWcteDQ0cc4AA9_m
The OpenSearch reporting plugin improperly controls tenancy access to reporting resources
Ecosystems: maven
Packages: org.opensearch.plugin:opensearch-reports-scheduler
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 days ago
High
GSA_kwCzR0hTQS0ycndtLXh2NWotNzc3cM4AA9-i
Eclipse Parsson stack overflow when parsing deeply nested input
Ecosystems: maven
Packages: org.eclipse.parsson:parsson
Source: GitHub Advisory Database
Blast Radius: 19.0
Published: 5 days ago
High
GSA_kwCzR0hTQS02NTIzLWpmNHItYzk2Ms4AA9-c
Apache StreamPipes has potential remote code execution (RCE) via file upload
Ecosystems: maven
Packages: org.apache.streampipes:streampipes-parent
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 days ago
Moderate
GSA_kwCzR0hTQS0ycXBoLXY5cDItcTJnds4AA9-J
Apache StreamPipes potentially allows creation of multiple identical accounts
Ecosystems: maven
Packages: org.apache.streampipes:streampipes-parent
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 days ago
Moderate
GSA_kwCzR0hTQS05Z3I3LWdoNzQtcWc5eM4AA9-K
Apache StreamPipes has possibility of SSRF in pipeline element installation process
Ecosystems: maven
Packages: org.apache.streampipes:streampipes-parent
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 days ago
High
GSA_kwCzR0hTQS03cXBjLTR4eDkteDVxd84AA94-
Apache Linkis DataSource's JDBC Datasource Module with DB2 has JNDI Injection vulnerability
Ecosystems: maven
Packages: org.apache.linkis:linkis-datasource
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 days ago
High
GSA_kwCzR0hTQS1qanZjLXY4Z3ctNTI1Nc4AA949
Apache Linkis DataSource remote code execution vulnerability
Ecosystems: maven
Packages: org.apache.linkis:linkis-datasource
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 days ago
Moderate
GSA_kwCzR0hTQS1mMjJqLTlqNTktMzNqNM4AA948
Apache Linkis DataSource allows arbitrary file reading
Ecosystems: maven
Packages: org.apache.linkis:linkis-datasource
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 days ago
High
GSA_kwCzR0hTQS1oaHdjLWdoOGgtOXJycM4AA90p
Apache Wicket: Remote code execution via XSLT injection
Ecosystems: maven
Packages: org.apache.wicket:wicket-util
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 10 days ago
Moderate
GSA_kwCzR0hTQS03N3ZjLXJqMzItMnIzM84AA9w7
OpenSearch Observability does not properly restrict access to private tenant resources
Ecosystems: maven
Packages: org.opensearch.plugin:opensearch-observability
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 12 days ago
Moderate
GSA_kwCzR0hTQS12ZndoLWd2ZjYtbWZmOM4AA9vd
Silverpeas Core Cross-site Scripting vulnerability
Ecosystems: maven
Packages: org.silverpeas.core:silverpeas-core-seb, org.silverpeas.core:silverpeas-core-rs
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 13 days ago
High
GSA_kwCzR0hTQS1qNHI3LXA5ZnAtdzNmM84AA9rZ
Spring Cloud Function Framework vulnerable to Denial of Service
Ecosystems: maven
Packages: org.springframework.cloud:spring-cloud-function-context
Source: GitHub Advisory Database
Blast Radius: 18.7
Published: 13 days ago
Moderate
GSA_kwCzR0hTQS1jaDdxLWdwZmYtaDlocM4AA9on
Undertow Missing Release of Memory after Effective Lifetime vulnerability
Ecosystems: maven
Packages: io.undertow:undertow-core
Source: GitHub Advisory Database
Blast Radius: 19.7
Published: 14 days ago
High
GSA_kwCzR0hTQS14cHA2LThyM2otd3c0M84AA9oi
Undertow Denial of Service vulnerability
Ecosystems: maven
Packages: io.undertow:undertow-core
Source: GitHub Advisory Database
Blast Radius: 27.9
Published: 14 days ago
Moderate
GSA_kwCzR0hTQS1oNjU4LXFxdjktcXd2OM4AA9nw
Apache NiFi vulnerable to Cross-site Scripting
Ecosystems: maven
Packages: org.apache.nifi:nifi-web-ui
Source: GitHub Advisory Database
Blast Radius: 10.0
Published: 14 days ago
High
GSA_kwCzR0hTQS13bTl3LXJqajMtajM1Ns4AA9gV
Apache Tomcat - Denial of Service
Ecosystems: maven
Packages: org.apache.tomcat:tomcat-coyote, org.apache.tomcat.embed:tomcat-embed-core
Source: GitHub Advisory Database
Blast Radius: 31.1
Published: 19 days ago
Critical
GSA_kwCzR0hTQS02amo2LWdtN3AtZmN2ds4AA9cr
Remote Code Execution (RCE) vulnerability in geoserver
Ecosystems: maven
Packages: org.geoserver:gs-wms, org.geoserver:gs-wfs, org.geoserver.web:gs-web-app
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 21 days ago
High
GSA_kwCzR0hTQS1qaHF4LTV2NWctbXBmM84AA9cq
Classpath resource disclosure in GWC Web Resource API on Windows / Tomcat
Ecosystems: maven
Packages: org.geoserver:gs-gwc, org.geoserver.web:gs-web-app
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 21 days ago
Moderate
GSA_kwCzR0hTQS1qNTl2LXZnY3ItaHh2Zs4AA9cp
GeoServer's Server Status shows sensitive environmental variables and Java properties
Ecosystems: maven
Packages: org.geoserver:gs-main, org.geoserver.web:gs-web-app
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 21 days ago
Low
GSA_kwCzR0hTQS14ZngzLWNyNzQteDNjds4AA9Xv
Exposure of secrets through system log in Jenkins Structs Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:structs
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 26 days ago
Moderate
GSA_kwCzR0hTQS0zY3BxLXJ3MzYtY3Bwds4AA9Xt
Secret file credentials stored unencrypted in rare cases by Plain Credentials Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:plain-credentials
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 26 days ago
Moderate
GSA_kwCzR0hTQS14OG1mLWpjbWYtcjc5Zs4AA9Xs
Bitbucket OAuth access token exposed in the build log by Bitbucket Branch Source Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:cloudbees-bitbucket-branch-source
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 26 days ago
Low
GSA_kwCzR0hTQS05NGNjLXhqeHItcHd2Zs4AA9WR
DSpace Cross Site Scripting (XSS) via a deposited HTML/XML document
Ecosystems: maven
Packages: org.dspace:dspace-server-webapp
Source: GitHub Advisory Database
Blast Radius: 3.9
Published: 27 days ago
High
GSA_kwCzR0hTQS02ODN4LTQ0NDQtanhoOM4AA9UM
Improper Restriction of XML External Entity Reference in org.cyclonedx:cyclonedx-core-java
Ecosystems: maven
Packages: org.cyclonedx:cyclonedx-core-java
Source: GitHub Advisory Database
Blast Radius: 13.5
Published: 28 days ago
Critical
GSA_kwCzR0hTQS1xY2ozLXdwZ20tcXB4aM4AA9UF
XWiki programming rights may be inherited by inclusion
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-rendering-macro-include
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 28 days ago
Critical
GSA_kwCzR0hTQS1jZjNxLXZnOHctbXc4NM4AA9Tl
Apache StreamPipes: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in Recovery Token Generation
Ecosystems: maven
Packages: org.apache.streampipes:streampipes-resource-management
Source: GitHub Advisory Database
Blast Radius: 7.1
Published: 28 days ago
Moderate
GSA_kwCzR0hTQS0zNmdmLXZwajItajQyd84AA9Tg
Cross site scripting in Apache JSPWiki
Ecosystems: maven
Packages: org.apache.jspwiki:jspwiki-main
Source: GitHub Advisory Database
Blast Radius: 8.2
Published: 28 days ago
Low
GSA_kwCzR0hTQS1jMjVoLWMyN3EtNXFwds4AA9SS
Keycloak leaks configured LDAP bind credentials through the Keycloak admin console
Ecosystems: maven
Packages: org.keycloak:keycloak-ldap-federation
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS12MnhtLTc2cHEtcGhjZs4AA9Qy
ClassGraph XML External Entity Reference
Ecosystems: maven
Packages: io.github.classgraph:classgraph
Source: GitHub Advisory Database
Blast Radius: 20.9
Published: about 1 month ago
Critical
GSA_kwCzR0hTQS1qNTg0LWoydmotM2Y5M84AA9Pv
XWiki Platform allows remote code execution from user account
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-oldcore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
High
GSA_kwCzR0hTQS05NDQyLWdtNHYtcjIyMs4AA9Ps
Undertow's url-encoded request path information can be broken on ajp-listener
Ecosystems: maven
Packages: io.undertow:undertow-core
Source: GitHub Advisory Database
Blast Radius: 27.9
Published: about 1 month ago
High
GSA_kwCzR0hTQS1xMnh4LWY4cjMtOW1nNc4AA9It
STRIMZI incorrect access control
Ecosystems: maven
Packages: io.strimzi:strimzi
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
Critical
GSA_kwCzR0hTQS13ODc3LWpmdzctNDZyas4AA9Ik
DeepJavaLibrary API absolute path traversal
Ecosystems: maven
Packages: ai.djl:api
Source: GitHub Advisory Database
Blast Radius: 20.7
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS1odzJjLTh4Z3ctbWY1N84AA9He
SonarQube logs sensitive information
Ecosystems: maven
Packages: org.sonarsource.sonarqube:sonar-web
Source: GitHub Advisory Database
Blast Radius: 1.5
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS14MjY4LXFwZzYtdzlnMs4AA9DM
CrateDB has a Client initialized Session-Renegotiation DoS
Ecosystems: maven
Packages: io.crate:crate
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS00cTIyLTQyMmctbTRwas4AA9C9
Elasticsearch StackOverflow vulnerability
Ecosystems: maven
Packages: org.elasticsearch:elasticsearch
Source: GitHub Advisory Database
Blast Radius: 20.9
Published: about 1 month ago
Low
GSA_kwCzR0hTQS1jcTQyLXZodjcteHI3cM4AA8_H
Keycloak Denial of Service via account lockout
Ecosystems: maven
Packages: org.keycloak:keycloak-services
Source: GitHub Advisory Database
Blast Radius: 10.2
Published: about 1 month ago
Low
GSA_kwCzR0hTQS00dmM4LXBnNWMtdmc0eM4AA8_G
Keycloak's improper input validation allows using email as username
Ecosystems: maven
Packages: org.keycloak:keycloak-services
Source: GitHub Advisory Database
Blast Radius: 10.2
Published: about 1 month ago
High
GSA_kwCzR0hTQS12NzRjLXFjNDYtOWdnOc4AA8-d
Apache Submarine Server Core has a SQL Injection Vulnerability
Ecosystems: maven
Packages: org.apache.submarine:submarine-server-core
Source: GitHub Advisory Database
Blast Radius: 7.7
Published: about 1 month ago
Critical
GSA_kwCzR0hTQS02cTk3LTh2M2ctcnB4d84AA8-X
Apache Submarine Server Core Incorrect Authorization vulnerability
Ecosystems: maven
Packages: org.apache.submarine:submarine-server-core
Source: GitHub Advisory Database
Blast Radius: 8.7
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS1qd2NnLXd2NXgtdmczZ84AA8-T
Apache Submarine Commons Utils has a hard-coded secret
Ecosystems: maven
Packages: org.apache.submarine:submarine-commons-utils
Source: GitHub Advisory Database
Blast Radius: 6.2
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS00YzdxLW03aGMtcGM5Ms4AA8-U
Elasticsearch Remote Cluster Search Cross Cluster API Key insufficient restrictions
Ecosystems: maven
Packages: org.elasticsearch:elasticsearch
Source: GitHub Advisory Database
Blast Radius: 27.7
Published: about 1 month ago
High
GSA_kwCzR0hTQS0yY3d3LWZnbWctNGpxY84AA88y
Keycloak's admin API allows low privilege users to use administrative functions
Ecosystems: maven
Packages: org.keycloak:keycloak-services
Source: GitHub Advisory Database
Blast Radius: 22.3
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS1tNXZ2LTZyNGgtM3ZqOc4AA88w
Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability
Ecosystems: nuget, maven, npm, go, pypi
Packages: Microsoft.Identity.Client, com.microsoft.azure:msal4j, @azure/msal-node, Azure.Identity, github.com/Azure/azure-sdk-for-go/sdk/azidentity, com.azure:azure-identity, @azure/identity, azure-identity
Source: GitHub Advisory Database
Blast Radius: 78.6
Published: about 1 month ago
High
GSA_kwCzR0hTQS02OWZwLTdjOHAtY3Jqcs4AA84T
Keycloak exposes sensitive information in Pushed Authorization Requests (PAR)
Ecosystems: maven
Packages: org.keycloak:keycloak-services
Source: GitHub Advisory Database
Blast Radius: 20.6
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS05MndwLWpnaHItaGg4N84AA8yL
Weak encryption in Ninja Core
Ecosystems: maven
Packages: org.ninjaframework:ninja-core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
Moderate
GSA_kwCzR0hTQS1nNzYyLWg4NnctODc0Oc4AA8uP
BoringSSLAEADContext in Netty Repeats Nonces
Ecosystems: maven
Packages: io.netty.incubator:netty-incubator-codec-ohttp
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
Moderate
GSA_kwCzR0hTQS04d2gyLTZxaGotaDdqOc4AA8st
iq80 Snappy out-of-bounds read when uncompressing data, leading to JVM crash
Ecosystems: maven
Packages: org.iq80.snappy:snappy
Source: GitHub Advisory Database
Blast Radius: 13.2
Published: about 2 months ago
Critical
GSA_kwCzR0hTQS00dzU0LXd3YzkteDYyY84AA8m1
Silverpeas authentication bypass
Ecosystems: maven
Packages: org.silverpeas.core:silverpeas-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
High
GSA_kwCzR0hTQS05NzN4LTY1ajcteGNmNM4AA8mR
Decompressors can crash the JVM and leak memory content in Aircompressor
Ecosystems: maven
Packages: io.airlift:aircompressor
Source: GitHub Advisory Database
Blast Radius: 24.8
Published: about 2 months ago
Moderate
GSA_kwCzR0hTQS12ZzZ4LXBjaHEtOThtZ84AA8kL
OpenCMS Cross-Site Scripting vulnerability
Ecosystems: maven
Packages: org.opencms:opencms-core
Source: GitHub Advisory Database
Blast Radius: 8.6
Published: about 2 months ago
High
GSA_kwCzR0hTQS1nM2hyLXA4NnAtNTkzaM4AA8i5
OpenAPI Generator Online - Arbitrary File Read/Delete
Ecosystems: maven
Packages: org.openapitools:openapi-generator-online
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
High
GSA_kwCzR0hTQS1oZmc3LWo4MmMtZnIzd84AA8iY
Soot Infinite Loop vulnerability
Ecosystems: maven
Packages: org.soot-oss:soot
Source: GitHub Advisory Database
Blast Radius: 13.1
Published: about 2 months ago
Moderate
GSA_kwCzR0hTQS13OGNwLWZyeGMtNTVwas4AA8iX
Kwik does not discard unused encryption keys
Ecosystems: maven
Packages: tech.kwik:kwik
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
Moderate
GSA_kwCzR0hTQS1jdzVyLWp4OHItOWY3eM4AA8iW
Jenkins Report Info Plugin Path Traversal vulnerability
Ecosystems: maven
Packages: org.jenkins-ci.plugins:report-info
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
Moderate
GSA_kwCzR0hTQS1oamZjLTZqeHItajJyeM4AA8hY
Eclipse Ditto vulnerable to Cross-site Scripting
Ecosystems: maven
Packages: org.eclipse.ditto:ditto
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 2 months ago
Moderate
GSA_kwCzR0hTQS05cnJ3LTgycjItNjIzcM4AA8f1
Silverpeas Core vulnerable to Cross Site Scripting
Ecosystems: maven
Packages: org.silverpeas:silverpeas-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 2 months ago
High
GSA_kwCzR0hTQS1xeHFmLTJtZngteDhqd84AA8Vj
veraPDF has potential XSLT injection vulnerability when using policy files
Ecosystems: maven
Packages: org.verapdf:library-jakarta, org.verapdf:library, org.verapdf:library-arlington, org.verapdf:core-arlington, org.verapdf:core-jakarta, org.verapdf:core
Source: GitHub Advisory Database
Blast Radius: 7.7
Published: 2 months ago
Moderate
GSA_kwCzR0hTQS03NnYyLTQ4dzYtY3J4cs4AA8GY
Bonitasoft Runtime Community edition's contains an insecure direct object references vulnerability
Ecosystems: maven
Packages: org.bonitasoft.engine:bonita-server
Source: GitHub Advisory Database
Blast Radius: 7.6
Published: 2 months ago
Critical
GSA_kwCzR0hTQS14M3dtLWhmZnItY2h3bc4AA8GB
Amazon JDBC Driver for Redshift SQL Injection via line comment generation
Ecosystems: maven
Packages: com.amazon.redshift:redshift-jdbc42
Source: GitHub Advisory Database
Blast Radius: 28.5
Published: 2 months ago
Moderate
GSA_kwCzR0hTQS1nOTV2LTNwajYtajQzM84AA7-q
Ant Media Server does not properly authorize non-administrative API calls
Ecosystems: maven
Packages: io.antmedia:ant-media-server
Source: GitHub Advisory Database
Blast Radius: 6.8
Published: 2 months ago
Critical
GSA_kwCzR0hTQS0zMzh4LWhmeDgtdng5eM4AA78P
Apache Karaf Cave: Cave SSRF and arbitrary file access
Ecosystems: maven
Packages: org.apache.karaf:cave
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 2 months ago
Moderate
GSA_kwCzR0hTQS04eGZjLWdtNmctdmdwds4AA75b
Bouncy Castle certificate parsing issues cause high CPU usage during parameter evaluation.
Ecosystems: nuget, maven
Packages: BouncyCastle.Cryptography, BouncyCastle, org.bouncycastle:bc-fips, org.bouncycastle:bcpkix-jdk14, org.bouncycastle:bcpkix-jdk15to18, org.bouncycastle:bcpkix-jdk18on, org.bouncycastle:bctls-jdk15to18, org.bouncycastle:bctls-jdk14, org.bouncycastle:bctls-jdk18on, org.bouncycastle:bcprov-jdk14, org.bouncycastle:bcprov-jdk15to18, org.bouncycastle:bcprov-jdk15on, org.bouncycastle:bcprov-jdk18on
Source: GitHub Advisory Database
Blast Radius: 23.7
Published: 2 months ago
Moderate
GSA_kwCzR0hTQS12NDM1LXhjOHgtd3ZyOc4AA76H
Bouncy Castle affected by timing side-channel for RSA key exchange ("The Marvin Attack")
Ecosystems: maven, nuget
Packages: org.bouncycastle:bcpkix-jdk14, org.bouncycastle:bcpkix-jdk15to18, org.bouncycastle:bcpkix-jdk18on, BouncyCastle.Cryptography, BouncyCastle, org.bouncycastle:bctls-jdk15to18, org.bouncycastle:bctls-jdk14, org.bouncycastle:bctls-jdk18on, org.bouncycastle:bcprov-jdk14, org.bouncycastle:bcprov-jdk15to18, org.bouncycastle:bcprov-jdk15on, org.bouncycastle:bcprov-jdk18on, org.bouncycastle:bctls-fips
Source: GitHub Advisory Database
Blast Radius: 26.2
Published: 2 months ago
Moderate
GSA_kwCzR0hTQS1tNDRqLWNmcm0tZzhxY84AA76G
Bouncy Castle crafted signature and public key can be used to trigger an infinite loop
Ecosystems: nuget, maven
Packages: BouncyCastle.Cryptography, BouncyCastle, org.bouncycastle:bcpkix-jdk14, org.bouncycastle:bcpkix-jdk15to18, org.bouncycastle:bcpkix-jdk18on, org.bouncycastle:bctls-jdk15to18, org.bouncycastle:bctls-jdk14, org.bouncycastle:bctls-jdk18on, org.bouncycastle:bcprov-jdk14, org.bouncycastle:bcprov-jdk15to18, org.bouncycastle:bcprov-jdk15on, org.bouncycastle:bcprov-jdk18on
Source: GitHub Advisory Database
Blast Radius: 23.7
Published: 2 months ago
Critical
GSA_kwCzR0hTQS13cGN2LTVqZ3AtNjlmM84AA74R
Genie Path Traversal vulnerability via File Uploads
Ecosystems: maven
Packages: com.netflix.genie:genie-web
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 2 months ago
High
GSA_kwCzR0hTQS1mZ2gzLXB3bXAtM3F3M84AA73r
Apache Inlong Deserialization of Untrusted Data vulnerability
Ecosystems: maven
Packages: org.apache.inlong:manager-pojo
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
Critical
GSA_kwCzR0hTQS1wMzQzLTlxd3AtcHF4ds4AA71B
Neo4j Cypher component mishandles IMMUTABLE privileges
Ecosystems: maven
Packages: org.neo4j:neo4j-cypher
Source: GitHub Advisory Database
Blast Radius: 24.9
Published: 3 months ago
Moderate
GSA_kwCzR0hTQS02NGNtLTNjajMtNjdoZs4AA70r
MS Basic Cross-site Scripting vulnerability
Ecosystems: maven
Packages: net.mingsoft:ms-basic
Source: GitHub Advisory Database
Blast Radius: 4.1
Published: 3 months ago
Moderate
GSA_kwCzR0hTQS0yeDUyLThmMjktN2Nqcs4AA70W
Eclipse Dataspace Components vulnerable to OAuth2 client secret disclosure
Ecosystems: maven
Packages: org.eclipse.edc:connector-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
Low
GSA_kwCzR0hTQS00aDhmLTJ3dngtZ2c1d84AA7vg
Bouncy Castle Java Cryptography API vulnerable to DNS poisoning
Ecosystems: maven
Packages: org.bouncycastle:bcprov-jdk12, org.bouncycastle:bcprov-jdk13, org.bouncycastle:bcprov-jdk14, org.bouncycastle:bcprov-jdk15to18, org.bouncycastle:bcprov-jdk18on
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
Moderate
GSA_kwCzR0hTQS12cHczLTNwcmYtMzk3NM4AA7uX
Apache Hive Code Injection vulnerability
Ecosystems: maven
Packages: org.apache.hive:hive-jdbc
Source: GitHub Advisory Database
Blast Radius: 22.3
Published: 3 months ago
Moderate
GSA_kwCzR0hTQS14N2c2LXJ3aGMtZzdtas4AA7fv
Wildfly vulnerable to denial of service
Ecosystems: maven
Packages: org.wildfly:wildfly-domain-http
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
Low
GSA_kwCzR0hTQS05NHByLXc5NjgtaDkyM84AA7fp
Jenkins Telegram Bot Plugin stores the Telegram Bot token in plaintext
Ecosystems: maven
Packages: org.jenkins-ci.plugins:telegrambot
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
Moderate
GSA_kwCzR0hTQS14aDljLXZjZjktaDk0bc4AA7fo
Jenkins Git server Plugin does not perform a permission check
Ecosystems: maven
Packages: org.jenkins-ci.plugins:git-server
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
High
GSA_kwCzR0hTQS12NjNnLXYzMzktMjY3M84AA7fm
Jenkins Script Security Plugin has sandbox bypass vulnerability involving crafted constructor bodies
Ecosystems: maven
Packages: org.jenkins-ci.plugins:script-security
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
Moderate
GSA_kwCzR0hTQS1waGgzLTJwOW0tdzZqNc4AA7fq
Jenkins Subversion Partial Release Manager Plugin programmatically disables the fix for CVE-2016-3721
Ecosystems: maven
Packages: org.jenkins-ci.plugins:partial-release-manager
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
High
GSA_kwCzR0hTQS0yZzRxLTl2bTktOWZ3NM4AA7fn
Jenkins Script Security Plugin sandbox bypass vulnerability
Ecosystems: maven
Packages: org.jenkins-ci.plugins:script-security
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
High
GSA_kwCzR0hTQS1najVtLW04OGotdjdjM84AA7fS
Apache ActiveMQ's default configuration doesn't secure the API web context
Ecosystems: maven
Packages: org.apache.activemq:apache-activemq
Source: GitHub Advisory Database
Blast Radius: 12.0
Published: 3 months ago
Low
GSA_kwCzR0hTQS1jaGZtLTY4dnYtcHZ3Nc4AA7eI
XMLUnit for Java has Insecure Defaults when Processing XSLT Stylesheets
Ecosystems: maven
Packages: org.xmlunit:xmlunit-core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
Moderate
GSA_kwCzR0hTQS05d21mLXhmM2gtcjhwcs4AA7T1
Jberet: jberet-core logging database credentials
Ecosystems: maven
Packages: org.jberet:jberet-core
Source: GitHub Advisory Database
Blast Radius: 16.0
Published: 3 months ago
Moderate
GSA_kwCzR0hTQS0yNXc0LWhmcWctNHI1Ms4AA7T0
Quarkus: authorization flaw in quarkus resteasy reactive and classic
Ecosystems: maven
Packages: io.quarkus:quarkus-resteasy-reactive-common, io.quarkus:quarkus-resteasy-reactive-common-deployment
Source: GitHub Advisory Database
Blast Radius: 13.3
Published: 3 months ago
Moderate
GSA_kwCzR0hTQS1tdjY0LTg2ZzgtY3FxN84AA7Tz
Quarkus: security checks in resteasy reactive may trigger a denial of service
Ecosystems: maven
Packages: io.quarkus.resteasy.reactive:resteasy-reactive
Source: GitHub Advisory Database
Blast Radius: 11.0
Published: 3 months ago
High
GSA_kwCzR0hTQS01eHYzLWZtN2ctODY1cs4AA7R-
OpenMetadata vulnerable to a SpEL Injection in `GET /api/v1/policies/validation/condition/<expr>` (`GHSL-2023-236`)
Ecosystems: maven
Packages: org.open-metadata:openmetadata-service
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
High
GSA_kwCzR0hTQS04cDVyLTZtdnYtMjQzNc4AA7R9
OpenMetadata vulnerable to a SpEL Injection in `PUT /api/v1/events/subscriptions` (`GHSL-2023-251`)
Ecosystems: maven
Packages: org.open-metadata:openmetadata-service
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
Critical
GSA_kwCzR0hTQS03dmY0LXg1bTItcjZncs4AA7QP
OpenMetadata vulnerable to SpEL Injection in `PUT /api/v1/policies` (`GHSL-2023-252`)
Ecosystems: maven
Packages: org.open-metadata:openmetadata-service
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
Low
GSA_kwCzR0hTQS1odnA1LTV4NGYtMzNmcc4AA7PK
JADX file override vulnerability
Ecosystems: maven
Packages: io.github.skylot:jadx-core
Source: GitHub Advisory Database
Blast Radius: 4.1
Published: 3 months ago
High
GSA_kwCzR0hTQS1xd2h3LWhoOWotNTRmNc4AA7PI
Ant Media Server vulnerable to a local privilege escalation
Ecosystems: maven
Packages: io.antmedia:ant-media-server
Source: GitHub Advisory Database
Blast Radius: 8.1
Published: 3 months ago
Critical
GSA_kwCzR0hTQS0yOXJjLXZxN2YteDMzNc4AA7O2
Apache HugeGraph-Server: Command execution in gremlin
Ecosystems: maven
Packages: org.apache.hugegraph:hugegraph-core, org.apache.hugegraph:hugegraph-api
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
Moderate
GSA_kwCzR0hTQS03N3g0LTU1cTctNHZtas4AA7O1
Apache HugeGraph-Hubble: SSRF in Hubble connection page
Ecosystems: maven
Packages: org.apache.hugegraph:hugegraph-hubble
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
High
GSA_kwCzR0hTQS02bWdwLXA3NXItdmhqbc4AA7O6
Apache HugeGraph-Server: Bypass whitelist in Auth mode
Ecosystems: maven
Packages: org.apache.hugegraph:hugegraph-api
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
Statistics
Advisories: 19,557
Packages: 8,629
Repositories: 998
Ecosystems: 12
Filter by Package
org.jenkins-ci.main:jenkins-core 189 org.apache.tomcat:tomcat 133 com.fasterxml.jackson.core:jackson-databind 69 org.apache.struts:struts2-core 55 org.keycloak:keycloak-core 47 com.liferay.portal:release.portal.bom 45 org.apache.tomcat.embed:tomcat-embed-core 37 com.thoughtworks.xstream:xstream 36 com.jfinal:jfinal 36 net.mingsoft:ms-mcms 35 org.xwiki.platform:xwiki-platform-oldcore 35 org.elasticsearch:elasticsearch 34 org.jenkins-ci.plugins:script-security 32 org.keycloak:keycloak-services 31 io.undertow:undertow-core 30 org.keycloak:keycloak-parent 25 org.apache.solr:solr-core 25 org.springframework.security:spring-security-core 23 org.eclipse.jetty:jetty-server 23 org.apache.nifi:nifi 22 org.bouncycastle:bcprov-jdk14 22 org.apache.openmeetings:openmeetings-parent 21 org.cloudfoundry.identity:cloudfoundry-identity-server 20 org.springframework:spring-core 19 com.vaadin:vaadin-bom 18 com.liferay.portal:release.dxp.bom 18 org.apache.geode:geode-core 17 org.xwiki.platform:xwiki-platform-web-templates 17 org.apache.dubbo:dubbo 16 org.apache.jspwiki:jspwiki-main 16 org.apache.activemq:activemq-client 16 org.bouncycastle:bcprov-jdk15 16 org.apache.struts.xwork:xwork-core 15 org.xwiki.platform:xwiki-platform-web 14 org.apache.inlong:manager-pojo 14 org.apache.cxf:cxf 13 org.apache.hadoop:hadoop-main 13 org.bouncycastle:bcprov-jdk15on 12 org.apache.tomcat:tomcat-coyote 12 org.jenkins-ci.plugins:git 12 org.jenkins-ci.plugins.workflow:workflow-cps 12 com.vaadin:flow-server 12 org.apache.ranger:ranger 11 org.igniterealtime.openfire:parent 11 org.jeecgframework.boot:jeecg-boot-common 11 org.apache.jspwiki:jspwiki-war 11 org.apache.commons:commons-compress 11 org.apache.james:james-server 11 org.apache.camel:camel-core 11 org.apache.hadoop:hadoop-common 11 org.apache.tika:tika-core 11 org.apache.dolphinscheduler:dolphinscheduler 11 org.apache.cxf:cxf-core 11 org.mortbay.jetty:jetty 11 org.jenkins-ci.plugins:email-ext 11 org.jeecgframework.boot:jeecg-boot-parent 11 com.xuxueli:xxl-job 11 org.apache.inlong:manager-service 10 io.netty:netty 10 org.jenkins-ci.plugins.workflow:workflow-cps-global-lib 10 org.jboss.netty:netty 10 org.xwiki.platform:xwiki-platform-administration-ui 10 org.apache.tomcat:tomcat-catalina 9 io.jenkins:configuration-as-code 9 org.apache.tapestry:tapestry-core 9 org.opencms:opencms-core 9 org.bouncycastle:bcprov-jdk15to18 9 org.apache.xmlgraphics:batik 9 org.jenkins-ci.plugins:config-file-provider 9 org.jenkins-ci.plugins:electricflow 9 org.craftercms:crafter-studio 9 org.apache.hive:hive 9 com.sonyericsson.jenkins.plugins.bfa:build-failure-analyzer 9 org.springframework:spring-webmvc 9 org.opennms:opennms 9 cn.hutool:hutool-core 9 org.opencrx:opencrx-core-models 9 org.springframework:spring-web 9 org.jenkins-ci.plugins:active-directory 9 org.apache.archiva:archiva 9 org.apache.shiro:shiro-core 9 org.apache.hive:hive-exec 8 org.graylog2:graylog2-server 8 org.apache.kylin:kylin 8 org.yaml:snakeyaml 8 org.apache.ambari:ambari 8 org.apache.ozone:ozone-main 8 org.jenkins-ci.plugins:ec2 8 io.jenkins.blueocean:blueocean 8 org.apache.pdfbox:pdfbox 8 com.hazelcast:hazelcast 8 org.apache.santuario:xmlsec 8 org.postgresql:postgresql 8 mysql:mysql-connector-java 8 org.webjars.npm:jquery 8 jquery 8 org.apache.zeppelin:zeppelin 8 jquery-rails 8 jQuery 7 org.jenkins-ci.plugins:jobConfigHistory 7 jQuery.UI.Combined 7 io.dataease:dataease-plugin-common 7 org.webjars.npm:jquery-ui 7 org.jenkins-ci.plugins:subversion 7 org.apache.inlong:manager-web 7 jquery-ui-rails 7 jquery-ui 7 io.jenkins.plugins:warnings-ng 7 io.jenkins.plugins:cavisson-ns-nd-integration 7 org.apache.poi:poi 7 org.apache.hive:hive-service 7 org.jenkins-ci.plugins:openshift-deployer 7 org.apache.activemq:activemq-parent 7 org.jenkins-ci.plugins:mercurial 7 io.atomix:atomix 7 org.apache.tika:tika 7 org.owasp.esapi:esapi 7 org.apache.atlas:atlas-common 7 org.apache.karaf:apache-karaf 7 net.opentsdb:opentsdb 7 org.apache.cxf:apache-cxf 7 org.apache.logging.log4j:log4j-core 7 org.jenkins-ci.plugins:rundeck 7 org.jruby:jruby-stdlib 7 org.apache.spark:spark-core_2.11 7 org.silverpeas.core:silverpeas-core-web 7 org.apache.derby:derby 7 org.owasp.antisamy:antisamy 7 org.jeecgframework.boot:jeecg-boot-base 7 rubygems-update 7 io.jenkins.plugins:miniorange-saml-sp 7 org.jboss.resteasy:resteasy-client 7 org.apache.linkis:linkis 7 org.jenkins-ci.plugins:artifactory 7 cn.hutool:hutool-json 6 com.sonyericsson.hudson.plugins.gerrit:gerrit-trigger 6 io.netty:netty-handler 6 org.apache.syncope:syncope-core 6 org.apache.shenyu:shenyu-common 6 commons-fileupload:commons-fileupload 6 org.opencastproject:opencast-kernel 6 io.netty:netty-codec-http 6 com.xebialabs.deployit.ci:deployit-plugin 6 org.apache.mesos:mesos 6 org.apache.axis:axis 6 org.jenkins-ci.plugins:azure-vm-agents 6 org.jenkins-ci.plugins:pipeline-maven 6 axis:axis 6 org.apache.pulsar:pulsar-broker 6 org.apache.spark:spark-core_2.10 6 org.apache.solr:solr-parent 6 org.jenkins-ci.plugins:repository-connector 6 org.apache.storm:storm-core 6 org.jenkins-ci.plugins:ec2-deployment-dashboard 6 com.jflyfox:jflyfox_jfinal 6 org.apache.struts:struts2-rest-plugin 6 org.bouncycastle:bcprov-jdk18on 6 org.csanchez.jenkins.plugins:kubernetes 6 hudson.plugins:project-inheritance 6 tech.powerjob:powerjob 6 org.jenkins-ci.plugins:fortify-on-demand-uploader 6 org.jenkins-ci.plugins:gitlab-oauth 6 org.opensearch.plugin:opensearch-security 6 de.tum.in.ase:artemis-java-test-sandbox 6 org.xwiki.commons:xwiki-commons-xml 6 org.apache.httpcomponents:httpclient 6 org.xwiki.platform:xwiki-platform-appwithinminutes-ui 5 org.geoserver:gs-wms 5 com.nimbusds:nimbus-jose-jwt 5 org.jeecgframework.boot:jeecg-boot-base-core 5 com.alibaba:dubbo 5 org.neo4j.procedure:apoc 5 org.apache.kylin:kylin-server-base 5 org.jenkins-ci.plugins:openid 5 org.jenkins-ci.plugins:mailer 5 xerces:xercesImpl 5 com.coravy.hudson.plugins.github:github 5 org.jenkins-ci.plugins:fortify 5 org.jenkins-ci.plugins:google-login 5 org.jenkins-ci.plugins:htmlpublisher 5 org.jenkins-ci.plugins:websphere-deployer 5 org.jenkins-ci.plugins:support-core 5 org.apache.zeppelin:zeppelin-server 5 info.magnolia:magnolia-core 5 org.jenkins-ci.plugins:aws-codecommit-trigger 5 com.vaadin:vaadin-server 5 org.jenkins-ci.plugins:scriptler 5 org.springframework.security.oauth:spring-security-oauth2 5 struts:struts 5 org.xwiki.platform:xwiki-platform-flamingo-skin-resources 5 org.jenkins-ci.plugins:google-compute-engine 5 org.springframework.amqp:spring-amqp 5 org.apache.struts:struts-core 5 com.mabl.integration.jenkins:mabl-integration 5 org.infinispan:infinispan-core 5 org.jenkins-ci.plugins:publish-over-ssh 5 org.jenkinsci.plugins:octoperf 5 org.codehaus.jettison:jettison 5 org.jenkins-ci.plugins:ghprb 5 com.ruoyi:ruoyi 5
Filter by Repository
https://github.com/xwiki/xwiki-platform 174 https://github.com/jenkinsci/jenkins 148 https://github.com/apache/tomcat 97 https://github.com/FasterXML/jackson-databind 70 https://github.com/keycloak/keycloak 64 https://github.com/apache/struts 46 https://github.com/spring-projects/spring-framework 41 https://github.com/x-stream/xstream 36 https://github.com/apache/activemq 33 https://github.com/CVEProject/cvelist 28 https://github.com/apache/inlong 26 https://github.com/eclipse/jetty.project 23 https://github.com/apache/nifi 22 https://github.com/apache/cxf 21 https://github.com/jenkinsci/script-security-plugin 21 https://github.com/netty/netty 20 https://github.com/jeecgboot/jeecg-boot 20 https://github.com/OpenNMS/opennms 20 https://github.com/bcgit/bc-java 19 https://github.com/cloudfoundry/uaa 19 https://github.com/geoserver/geoserver 18 https://github.com/vaadin/platform 17 https://github.com/opencast/opencast 16 https://github.com/apache/camel 15 https://github.com/ming-soft/MCMS 13 https://github.com/quarkusio/quarkus 13 https://github.com/undertow-io/undertow 13 https://github.com/dromara/hutool 13 https://github.com/xuxueli/xxl-job 13 https://github.com/apache/dolphinscheduler 12 https://github.com/apache/kylin 12 https://github.com/igniterealtime/Openfire 11 https://github.com/vaadin/flow 11 https://github.com/jenkinsci/git-plugin 10 https://github.com/spring-projects/spring-security 10 https://github.com/apache/zeppelin 10 https://github.com/DSpace/DSpace 10 https://github.com/Graylog2/graylog2-server 9 https://github.com/apache/lucene-solr 9 https://github.com/cui2shark/cms 9 https://github.com/jquery/jquery 9 https://github.com/jenkinsci/config-file-provider-plugin 8 https://github.com/hazelcast/hazelcast 8 https://github.com/xwiki/xwiki-commons 8 https://github.com/nahsra/antisamy 8 https://github.com/opensearch-project/security 8 https://github.com/apache/xmlgraphics-batik 7 https://github.com/rundeck/rundeck 7 https://github.com/dataease/dataease 7 https://github.com/rubygems/rubygems 7 https://github.com/RhinoSecurityLabs/CVEs 7 https://github.com/ratpack/ratpack 7 https://github.com/vaadin/framework 7 https://github.com/jflyfox/jfinal_cms 7 https://github.com/OpenTSDB/opentsdb 7 https://github.com/pgjdbc/pgjdbc 7 https://github.com/jenkinsci/blueocean-plugin 7 https://github.com/apache/tika 6 https://github.com/jenkinsci/ec2-plugin 6 https://github.com/vert-x3/vertx-web 6 https://github.com/jenkinsci/build-failure-analyzer-plugin 6 https://github.com/OpenRefine/OpenRefine 6 https://github.com/line/armeria 6 https://github.com/ESAPI/esapi-java-legacy 6 https://github.com/jenkinsci/electricflow-plugin 6 https://github.com/OpenAPITools/openapi-generator 6 https://github.com/http4s/http4s 6 https://github.com/ls1intum/Ares 6 https://github.com/jenkinsci/configuration-as-code-plugin 6 https://github.com/apache/hadoop 6 https://github.com/jenkinsci/gerrit-trigger-plugin 6 https://github.com/DrunkenShells/Disclosures 6 https://github.com/jquery/jquery-ui 6 https://github.com/playframework/playframework 6 https://github.com/resteasy/resteasy 6 https://github.com/cui2shark/security 6 https://github.com/apache/pulsar 6 https://bitbucket.org/snakeyaml/snakeyaml 6 https://github.com/jenkinsci/fortify-on-demand-uploader-plugin 6 https://github.com/apache/shenyu 5 https://github.com/apache/shiro 5 https://github.com/jenkinsci/support-core-plugin 5 https://github.com/jenkinsci/subversion-plugin 5 https://github.com/protocolbuffers/protobuf 5 https://github.com/jenkinsci/github-plugin 5 https://github.com/PowerJob/PowerJob 5 https://github.com/jenkinsci/gitlab-plugin 5 https://github.com/neo4j-contrib/neo4j-apoc-procedures 5 https://github.com/grails/grails-core 5 https://github.com/jenkinsci/junit-plugin 5 https://github.com/jenkinsci/active-directory-plugin 5 https://github.com/apiman/apiman 5 https://github.com/restlet/restlet-framework-java 5 https://github.com/apache/karaf 5 https://github.com/h2database/h2database 5 https://github.com/jenkinsci/m2release-plugin 5 https://github.com/apache/openmeetings 5 https://github.com/jenkinsci/codedx-plugin 5 https://github.com/apache/syncope 5 https://github.com/alkacon/opencms-core 5 https://github.com/alibaba/nacos 5 https://github.com/jenkinsci/publish-over-ssh-plugin 5 https://github.com/jettison-json/jettison 5 https://github.com/JLLeitschuh/security-research 5 https://github.com/jenkinsci/email-ext-plugin 5 https://github.com/apache/geode 5 https://github.com/jenkinsci/workflow-cps-global-lib-plugin 5 https://bitbucket.org/connect2id/nimbus-jose-jwt 5 https://github.com/jensdietrich/xshady-release 5 https://github.com/shopizer-ecommerce/shopizer 4 https://github.com/skylot/jadx 4 https://github.com/jenkinsci/job-config-history-plugin 4 https://github.com/xerial/snappy-java 4 https://github.com/jenkinsci/credentials-binding-plugin 4 https://github.com/apache/activemq-artemis 4 https://github.com/itext/itext7 4 https://github.com/jenkinsci/xldeploy-plugin 4 https://github.com/jenkinsci/htmlpublisher-plugin 4 https://github.com/jenkinsci/hpe-application-automation-tools-plugin 4 https://github.com/jfinal/jfinal 4 https://github.com/ktorio/ktor 4 https://github.com/jenkinsci/libvirt-slave-plugin 4 https://github.com/apache/streampipes 4 https://github.com/yamcs/yamcs 4 https://github.com/infinispan/infinispan 4 https://github.com/pippo-java/pippo 4 https://github.com/apache/solr 4 https://github.com/jenkinsci/p4-plugin 4 https://github.com/resteasy/Resteasy 4 https://github.com/reportportal/reportportal 4 https://github.com/jenkinsci/nexus-platform-plugin 4 https://github.com/bcgit/bc-csharp 4 https://github.com/jenkinsci/gitlab-oauth-plugin 4 https://github.com/HtmlUnit/htmlunit 4 https://github.com/jenkinsci/ansible-plugin 4 https://github.com/stanfordnlp/corenlp 4 https://github.com/aws/aws-iot-device-sdk-java-v2 4 https://github.com/micronaut-projects/micronaut-core 4 https://github.com/jenkinsci/warnings-ng-plugin 4 https://github.com/jenkinsci/active-choices-plugin 4 https://github.com/apache/httpcomponents-client 4 https://github.com/jenkinsci/matrix-project-plugin 4 https://github.com/jenkinsci/workflow-cps-plugin 4 https://github.com/jenkinsci/fortify-plugin 4 https://github.com/jenkinsci/rundeck-plugin 4 https://github.com/nightcloudos/new_cms 4 https://github.com/eclipse-ee4j/mojarra 3 https://github.com/apache/storm 3 https://github.com/ysuzhangbin/cms 3 https://github.com/jenkinsci/audit-trail-plugin 3 https://github.com/qos-ch/logback 3 https://github.com/codehaus-plexus/plexus-utils 3 https://github.com/jooby-project/jooby 3 https://github.com/matrix-org/matrix-android-sdk2 3 https://bitbucket.org/b_c/jose4j 3 https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server 3 https://github.com/jenkinsci/nomad-plugin 3 https://svn.apache.org/viewvc/tomcat/tc7.0.x 3 https://github.com/jenkinsci/mercurial-plugin 3 https://github.com/mbechler/marshalsec 3 https://github.com/joniles/mpxj 3 https://github.com/crate/crate 3 https://github.com/li-yu320/cms 3 https://github.com/Adobe-Consulting-Services/acs-aem-commons 3 https://github.com/eclipse-vertx/vert.x 3 https://github.com/AsyncHttpClient/async-http-client 3 https://github.com/opengoofy/hippo4j 3 https://github.com/open-metadata/OpenMetadata 3 https://github.com/jenkinsci/bitbucket-oauth-plugin 3 https://github.com/aws/amazon-redshift-jdbc-driver 3 https://svn.apache.org/viewvc/lucene/dev 3 https://github.com/jenkinsci/scriptler-plugin 3 https://github.com/jenkinsci/cas-plugin 3 https://github.com/orientechnologies/orientdb 3 https://github.com/LetianYuan/My-CVE-Public-References 3 https://github.com/jeremylong/DependencyCheck 3 https://github.com/OWASP/json-sanitizer 3 https://github.com/eclipse/lemminx 3 https://github.com/jenkinsci/azure-vm-agents-plugin 3 https://github.com/jenkinsci/azure-credentials-plugin 3 https://github.com/peteroupc/CBOR-Java 3 https://github.com/pf4j/pf4j 3 https://github.com/jhy/jsoup 3 https://github.com/dnsjava/dnsjava 3 https://github.com/apache/olingo-odata4 3 https://github.com/jenkinsci/jira-plugin 3 https://github.com/jenkinsci/code-coverage-api-plugin 3 https://github.com/xwiki/xwiki-rendering 3 https://github.com/grpc/grpc 3 https://github.com/spray/spray-json 3 https://github.com/jenkinsci/hashicorp-vault-plugin 3 https://github.com/apache/james-project 3 https://github.com/spring-projects/spring-boot 3 https://github.com/Jarvis-616/cms 3 https://github.com/jenkinsci/compuware-topaz-for-total-test-plugin 3 https://github.com/jenkinsci/git-parameter-plugin 3 https://github.com/apache/jackrabbit 3 https://github.com/jenkinsci/gitlab-branch-source-plugin 3 https://github.com/jenkinsci/git-client-plugin 3