Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
maven Security Advisories
Browse all Security Advisories for maven
Moderate
Ecosystems: maven
Packages: org.opencastproject:opencast-elasticsearch-impl
Source: GitHub Advisory Database
Blast Radius: 9.7
Published: about 8 hours ago
GSA_kwCzR0hTQS1qaDZ4LTd4ZmctOWNxMs4ABBmw
Searching Opencast may cause a denial of service
Moderate
Ecosystems: maven
Packages: org.apache.kafka:kafka-clients
Source: GitHub Advisory Database
Blast Radius: 28.0
Published: 2 days ago
GSA_kwCzR0hTQS0yeDJnLTMycjctcDR4OM4ABBff
Apache Kafka Clients: Privilege escalation to filesystem read-access via automatic ConfigProvider
High
Ecosystems: maven
Packages: org.graylog:graylog-parent
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 2 days ago
GSA_kwCzR0hTQS12Z2dtLTM0Nzgtdm01bc4ABBeR
Graylog concurrent PDF report rendering can leak other users' reports
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat-jasper
Source: GitHub Advisory Database
Blast Radius: 23.2
Published: 3 days ago
GSA_kwCzR0hTQS1mNjMyLTk0NDktM2o0d84ABBdK
Apache Tomcat - XSS in generated JSPs
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat-coyote, org.apache.tomcat.embed:tomcat-embed-core
Source: GitHub Advisory Database
Blast Radius: 27.0
Published: 3 days ago
GSA_kwCzR0hTQS1xdmY1LWh2angtd20yN84ABBdF
Apache Tomcat Request and/or response mix-up
Critical
Ecosystems: maven
Packages: org.apache.tomcat:tomcat-catalina
Source: GitHub Advisory Database
Blast Radius: 36.7
Published: 3 days ago
GSA_kwCzR0hTQS14Y3ByLTdtcjQtaDR4cc4ABBdD
Apache Tomcat - Authentication Bypass
Moderate
Ecosystems: maven
Packages: org.springframework:spring-webmvc
Source: GitHub Advisory Database
Blast Radius: 28.4
Published: 3 days ago
GSA_kwCzR0hTQS13M2M4LTdyOGYtOWpwOM4ABBcJ
Spring MVC controller vulnerable to a DoS attack
Moderate
Ecosystems: maven
Packages: io.debezium:debezium-core, io.debezium:debezium-connector-sqlserver, io.debezium:debezium-connector-mysql
Source: GitHub Advisory Database
Blast Radius: 16.4
Published: 4 days ago
GSA_kwCzR0hTQS1odnc1LTNtZ3ctN3JjZs4ABBb_
Debezium database connector has a script injection vulnerability
High
Ecosystems: maven
Packages: io.undertow:undertow-core
Source: GitHub Advisory Database
Blast Radius: 27.5
Published: 4 days ago
GSA_kwCzR0hTQS0zanJ2LWpncDgtNDV2M84ABBcA
Undertow incorrectly parses cookies
Moderate
Ecosystems: maven
Packages: org.fitnesse:fitnesse
Source: GitHub Advisory Database
Blast Radius: 14.5
Published: 6 days ago
GSA_kwCzR0hTQS1xMjk3LTVmZjgtaGM5Ms4ABBYN
FitNesse Path Traversal
Moderate
Ecosystems: maven
Packages: org.fitnesse:fitnesse
Source: GitHub Advisory Database
Blast Radius: 16.7
Published: 6 days ago
GSA_kwCzR0hTQS1wZzgyLTl3MzUtM3czcs4ABBYR
FitNesse Cross-site scripting
High
Ecosystems: maven
Packages: org.jenkins-ci.plugins:oic-auth
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 days ago
GSA_kwCzR0hTQS1oMjNqLTczd3ctNzU5NM4ABBU_
Session fixation vulnerability in Jenkins OpenId Connect Authentication Plugin
High
Ecosystems: maven
Packages: org.jenkins-ci.plugins:authorize-project
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 days ago
GSA_kwCzR0hTQS04ODg2LTh2MjctODVqOM4ABBVK
Stored XSS vulnerability in Jenkins Authorize Project Plugin
High
Ecosystems: maven
Packages: io.jenkins.plugins:shared-library-version-override
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 days ago
GSA_kwCzR0hTQS03ODQ1LWNyZmotcGhjNM4ABBVL
Script security bypass vulnerability in Jenkins Shared Library Version Override Plugin
High
Ecosystems: maven
Packages: org.jenkinsci.plugins:pipeline-model-parent
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 days ago
GSA_kwCzR0hTQS1wMnFxLWM2OTMtcTUzd84ABBVH
Restarting a run with revoked script approval allowed by Jenkins Pipeline: Declarative Plugin
High
Ecosystems: maven
Packages: org.jenkins-ci.plugins.workflow:workflow-cps
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 days ago
GSA_kwCzR0hTQS1tcnByLXZyODIteDg4cs4ABBVF
Rebuilding a run with revoked script approval allowed by Jenkins Pipeline: Groovy Plugin
Moderate
Ecosystems: maven
Packages: org.jenkins-ci.plugins:script-security
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 days ago
GSA_kwCzR0hTQS1qdjgyLTc1ZmgtMjNyN84ABBVE
Missing permission check in Jenkins Script Security Plugin
High
Ecosystems: maven
Packages: io.netty:netty-common
Source: GitHub Advisory Database
Blast Radius: 20.4
Published: 8 days ago
GSA_kwCzR0hTQS14cTN3LXY1MjgtNDZyds4ABBP1
Denial of Service attack on windows app using netty
High
Ecosystems: maven
Packages: org.powertac:server-interface
Source: GitHub Advisory Database
Blast Radius: 8.9
Published: 9 days ago
GSA_kwCzR0hTQS1wZ3JjLTh3cDUtNW12cc4ABBLa
powertac-server XML External Entity vulnerability
High
Ecosystems: maven
Packages: ca.uhn.hapi.fhir:org.hl7.fhir.dstu2016may, ca.uhn.hapi.fhir:org.hl7.fhir.utilities, ca.uhn.hapi.fhir:org.hl7.fhir.r5, ca.uhn.hapi.fhir:org.hl7.fhir.r4b, ca.uhn.hapi.fhir:org.hl7.fhir.r4, ca.uhn.hapi.fhir:org.hl7.fhir.dstu3
Source: GitHub Advisory Database
Blast Radius: 16.8
Published: 12 days ago
GSA_kwCzR0hTQS1ncjNjLXE3eGYtNDd2aM4ABBGR
XXE vulnerability in XSLT parsing in `org.hl7.fhir.core`
High
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: GitHub Advisory Database
Blast Radius: 33.0
Published: 13 days ago
GSA_kwCzR0hTQS1oZnE5LWhnZ20tYzU2cc4ABBEZ
XStream is vulnerable to a Denial of Service attack due to stack overflow from a manipulated binary input stream
Moderate
Ecosystems: maven
Packages: org.hibernate.validator:hibernate-validator
Source: GitHub Advisory Database
Blast Radius: 27.5
Published: 14 days ago
GSA_kwCzR0hTQS14ODNtLXBmNmYtcGY5Z84ABBDG
hibernate-validator Cross-site Scripting vulnerability
Moderate
Ecosystems: maven
Packages: io.undertow:undertow-core
Source: GitHub Advisory Database
Blast Radius: 27.9
Published: 14 days ago
GSA_kwCzR0hTQS05N2NxLWY0am0tbXY4aM4ABBDL
Undertow Denial of Service vulnerability
High
Ecosystems: maven
Packages: org.apache.tomcat:tomcat-util
Source: GitHub Advisory Database
Blast Radius: 25.6
Published: 14 days ago
GSA_kwCzR0hTQS03anFmLXYzNTgtcDhnN84ABBC1
Apache Tomcat Allocation of Resources Without Limits or Throttling vulnerability
High
Ecosystems: maven
Packages: ca.uhn.hapi.fhir:org.hl7.fhir.validation, ca.uhn.hapi.fhir:org.hl7.fhir.utilities, ca.uhn.hapi.fhir:org.hl7.fhir.r5, ca.uhn.hapi.fhir:org.hl7.fhir.r4b, ca.uhn.hapi.fhir:org.hl7.fhir.r4, ca.uhn.hapi.fhir:org.hl7.fhir.dstu3, ca.uhn.hapi.fhir:org.hl7.fhir.dstu2016may, ca.uhn.hapi.fhir:org.hl7.fhir.dstu2, ca.uhn.hapi.fhir:org.hl7.fhir.convertors
Source: GitHub Advisory Database
Blast Radius: 19.1
Published: 15 days ago
GSA_kwCzR0hTQS00Y2YyLWN4cDMtcmpyN84ABA_w
HAPI FHIR XML External Entity (XXE) vulnerability
High
Ecosystems: maven
Packages: com.reposilite:reposilite-backend
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 16 days ago
GSA_kwCzR0hTQS04MmozLWhmNzItN3g5M84ABA9D
Reposilite vulnerable to path traversal while serving javadoc expanded files (arbitrary file read) (`GHSL-2024-074`)
High
Ecosystems: maven
Packages: org.hornetq:hornetq-core-client
Source: GitHub Advisory Database
Blast Radius: 22.5
Published: 16 days ago
GSA_kwCzR0hTQS1yN212LW12N20tcGp3M84ABA8y
hornetq vulnerable to file overwrite, sensitive information disclosure
High
Ecosystems: maven
Packages: org.apache.kylin:kylin
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 17 days ago
GSA_kwCzR0hTQS03NTJxLTcycWMtcmM2Ns4ABA7n
Apache Kylin Session Fixation vulnerability
High
Ecosystems: maven
Packages: org.jeecgframework.boot:jeecg-boot-parent
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 21 days ago
GSA_kwCzR0hTQS1tY3czLWg1eGctcjk1bc4ABA1i
JeecgBoot SQL Injection vulnerability
Moderate
Ecosystems: maven
Packages: net.snowflake:snowflake-jdbc
Source: GitHub Advisory Database
Blast Radius: 17.0
Published: 22 days ago
GSA_kwCzR0hTQS1mNjg2LWh3OWMteHc5Y84ABA0d
Snowflake JDBC Security Advisory
Moderate
Ecosystems: maven
Packages: org.apache.nifi:nifi-web-ui
Source: GitHub Advisory Database
Blast Radius: 8.5
Published: 23 days ago
GSA_kwCzR0hTQS03bXFqLXhnZjgtcDU5ds4ABAw7
Apache NiFi Cross-site Scripting vulnerability
Moderate
Ecosystems: nuget, pypi, rubygems, maven
Packages: MPXJ.Net, net.sf.mpxj-for-vb, net.sf.mpxj-for-csharp, net.sf.mpxj, mpxj, net.sf.mpxj:mpxj
Source: GitHub Advisory Database
Blast Radius: 17.0
Published: 23 days ago
GSA_kwCzR0hTQS1qOTQ1LWM0NHYtOTdnNs4ABAt9
MPXJ has a Potential Path Traversal Vulnerability
Critical
Ecosystems: maven
Packages: org.springframework.security:spring-security-web
Source: GitHub Advisory Database
Blast Radius: 43.7
Published: 24 days ago
GSA_kwCzR0hTQS1jNHE1LTZjODItM3Fwd84ABAtL
Spring Security vulnerable to Authorization Bypass of Static Resources in WebFlux Applications
High
Ecosystems: maven
Packages: org.openrefine:openrefine
Source: GitHub Advisory Database
Blast Radius: 2.1
Published: 27 days ago
GSA_kwCzR0hTQS1xZndxLTZqaDYtOHh4NM4ABAon
OpenRefine has a path traversal in LoadLanguageCommand
High
Ecosystems: maven
Packages: org.openrefine:openrefine
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 27 days ago
GSA_kwCzR0hTQS0zcGc0LXF3YzgtNDI2cs4ABAoK
OpenRefine leaks Google API credentials in releases
Moderate
Ecosystems: maven
Packages: org.openrefine.dependencies:butterfly
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 28 days ago
GSA_kwCzR0hTQS1tcGN3LTNqNXAtcDk5eM4ABAoJ
Butterfly's parseJSON, getJSON functions eval malicious input, leading to remote code execution (RCE)
Critical
Ecosystems: maven
Packages: org.openrefine.dependencies:butterfly
Source: GitHub Advisory Database
Blast Radius: 15.5
Published: 28 days ago
GSA_kwCzR0hTQS0zcDh2LXc4bXItbTN4OM4ABAoI
Butterfly has path/URL confusion in resource handling leading to multiple weaknesses
Moderate
Ecosystems: maven
Packages: org.openrefine:openrefine
Source: GitHub Advisory Database
Blast Radius: 1.8
Published: 28 days ago
GSA_kwCzR0hTQS1qOGhwLWYybWotNTg2Z84ABAoH
OpenRefine's error page lacks escaping, leading to potential Cross-site Scripting on import of malicious project
High
Ecosystems: maven
Packages: org.openrefine:database
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 28 days ago
GSA_kwCzR0hTQS04N2NmLWo3NjMtdnZoOM4ABAoG
OpenRefine's SQLite integration allows filesystem access, remote code execution (RCE)
High
Ecosystems: maven
Packages: org.openrefine:openrefine
Source: GitHub Advisory Database
Blast Radius: 2.4
Published: 28 days ago
GSA_kwCzR0hTQS03OWp2LTUyMjYtNzgzZs4ABAoF
OpenRefine has a reflected cross-site scripting vulnerability (XSS) from POST request in ExportRowsCommand
High
Ecosystems: maven
Packages: org.openrefine:main
Source: GitHub Advisory Database
Blast Radius: 13.7
Published: 28 days ago
GSA_kwCzR0hTQS0zam00LWM2cWYtanJoM84ABAoE
OpenRefine's PreviewExpressionCommand, which is eval, lacks protection against cross-site request forgery (CSRF)
High
Ecosystems: maven
Packages: org.openrefine:extensions
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 28 days ago
GSA_kwCzR0hTQS1wdzN4LWM1dnAtbWZjM84ABAoD
OpenRefine has a reflected cross-site scripting vulnerability (XSS) in GData extension (authorized.vt)
Moderate
Ecosystems: maven
Packages: org.apache.syncope.client:syncope-client-console
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 28 days ago
GSA_kwCzR0hTQS1qbXJmLTg1ZzgteDh4ds4ABAn2
Apache Syncope: Stored XSS in Console and Enduser
Moderate
Ecosystems: maven
Packages: org.springframework:spring-context
Source: GitHub Advisory Database
Blast Radius: 28.4
Published: about 1 month ago
GSA_kwCzR0hTQS00Z2M3LTVqN2gtNHFwaM4ABAa0
Spring Framework DataBinder Case Sensitive Match Exception
Moderate
Ecosystems: maven
Packages: io.ktor:ktor-client-core-jvm
Source: GitHub Advisory Database
Blast Radius: 14.2
Published: about 1 month ago
GSA_kwCzR0hTQS04cXY0LTc3M2otYzk3Oc4ABAYr
JetBrains Ktor information disclosure
Critical
Ecosystems: maven
Packages: org.apache.solr:solr
Source: GitHub Advisory Database
Blast Radius: 23.7
Published: about 1 month ago
GSA_kwCzR0hTQS1tanZmLTRoODgtNnhtM84ABAUj
Improper Authentication vulnerability in Apache Solr
High
Ecosystems: maven
Packages: org.apache.solr:solr
Source: GitHub Advisory Database
Blast Radius: 19.6
Published: about 1 month ago
GSA_kwCzR0hTQS1oN3c5LWM1dngteDdqM84ABAUw
Insecure Default Initialization of Resource vulnerability in Apache Solr
High
Ecosystems: maven
Packages: org.sakaiproject.kernel:sakai-kernel-impl
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
GSA_kwCzR0hTQS1jeDk1LXE2Z3gtdzRxcM4ABARQ
SAK-50571 Sakai Kernel users created with type roleview can login as a normal user
Moderate
Ecosystems: maven
Packages: org.eclipse.jetty:jetty-http
Source: GitHub Advisory Database
Blast Radius: 14.5
Published: about 1 month ago
GSA_kwCzR0hTQS1xaDhnLTU4cHAtMnd4aM4ABAQY
Eclipse Jetty URI parsing of invalid authority
Moderate
Ecosystems: maven
Packages: org.eclipse.jetty:jetty-server
Source: GitHub Advisory Database
Blast Radius: 26.8
Published: about 1 month ago
GSA_kwCzR0hTQS1nOG01LTcyMnItOHdocc4ABAQX
Eclipse Jetty's ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks
Low
Ecosystems: maven
Packages: org.eclipse.jetty:jetty-servlets
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: about 1 month ago
GSA_kwCzR0hTQS1yN200LWY5aDUtZ3I3Oc4ABAQW
Eclipse Jetty's PushSessionCacheFilter can cause remote DoS attacks
Moderate
Ecosystems: maven
Packages: org.keycloak:keycloak-core
Source: GitHub Advisory Database
Blast Radius: 14.7
Published: about 1 month ago
GSA_kwCzR0hTQS14bW1tLWp3NzYtcTd2Z84ABAQU
One Time Passcode (OTP) is valid longer than expiration timeSeverity
High
Ecosystems: maven
Packages: org.keycloak:keycloak-services
Source: GitHub Advisory Database
Blast Radius: 19.5
Published: about 1 month ago
GSA_kwCzR0hTQS01cnhwLTJyaHItcXdxds4ABAQT
Session fixation in Elytron SAML adapters
Moderate
Ecosystems: maven
Packages: org.keycloak:keycloak-services
Source: GitHub Advisory Database
Blast Radius: 16.8
Published: about 1 month ago
GSA_kwCzR0hTQS13OGdyLXh3cDQtcjlmN84ABAQS
Vulnerable Redirect URI Validation Results in Open Redirect
High
Ecosystems: maven
Packages: org.keycloak:keycloak-saml-core
Source: GitHub Advisory Database
Blast Radius: 18.1
Published: about 1 month ago
GSA_kwCzR0hTQS14Z2Z2LXhweDgtcWhjcs4ABAQR
Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak
High
Ecosystems: maven
Packages: org.apache.activemq:artemis-cli
Source: GitHub Advisory Database
Blast Radius: 17.4
Published: about 1 month ago
GSA_kwCzR0hTQS00NDNqLWdyeHYtMnBnds4ABAPx
Apache ActiveMQ Artemis: Authenticated users could perform RCE via Jolokia MBeans
Moderate
Ecosystems: maven
Packages: org.eclipse.jetty:jetty-servlets, org.eclipse.jetty.ee9:jetty-ee9-servlets, org.eclipse.jetty.ee8:jetty-ee8-servlets, org.eclipse.jetty.ee10:jetty-ee10-servlets
Source: GitHub Advisory Database
Blast Radius: 20.8
Published: about 1 month ago
GSA_kwCzR0hTQS1qMjZ3LWY5cnEtbXIycc4ABAPv
Eclipse Jetty has a denial of service vulnerability on DosFilter
Critical
Ecosystems: maven
Packages: org.pac4j:pac4j-core
Source: GitHub Advisory Database
Blast Radius: 25.1
Published: about 1 month ago
GSA_kwCzR0hTQS03Nm13LTZwOTUteDl4Nc4ABAOn
pac4j-core affected by a Java deserialization vulnerability
Critical
Ecosystems: maven, npm
Packages: org.webjars.npm:jsonpath-plus, jsonpath-plus
Source: GitHub Advisory Database
Blast Radius: 42.8
Published: about 1 month ago
GSA_kwCzR0hTQS1wcHBnLWNwZnEtaDd3cs4ABAM3
JSONPath Plus Remote Code Execution (RCE) Vulnerability
Moderate
Ecosystems: maven
Packages: org.apache.xmlgraphics:fop-core
Source: GitHub Advisory Database
Blast Radius: 7.9
Published: about 1 month ago
GSA_kwCzR0hTQS1qcWZ2LWpydnEtOTVqbc4ABAH6
Apache XML Graphics FOP XML External Entity Reference ('XXE') vulnerability
Moderate
Ecosystems: maven
Packages: org.jboss.resteasy:resteasy-netty4-cdi
Source: GitHub Advisory Database
Blast Radius: 5.7
Published: about 1 month ago
GSA_kwCzR0hTQS01d3ByLWNqOXAtOTU5cs4ABADn
HTTP Request Smuggling Leading to Client Timeouts in resteasy-netty4
Moderate
Ecosystems: maven
Packages: io.quarkiverse.cxf:quarkus-cxf
Source: GitHub Advisory Database
Blast Radius: 7.5
Published: about 1 month ago
GSA_kwCzR0hTQS1qcWgyLWNoN3AteHd4aM4ABADo
Quarkus CXF logs passwords and other secrets
Moderate
Ecosystems: maven
Packages: org.kordamp.json:json-lib-core
Source: GitHub Advisory Database
Blast Radius: 2.5
Published: about 2 months ago
GSA_kwCzR0hTQS13d2NwLTI2d2MtM2Z4bc4AA_86
JSON-lib mishandles an unbalanced comment string
High
Ecosystems: maven
Packages: commons-io:commons-io
Source: GitHub Advisory Database
Blast Radius: 40.4
Published: about 2 months ago
GSA_kwCzR0hTQS03OHdyLTJwNjQtaHB3as4AA_7s
Apache Commons IO: Possible denial of service attack on untrusted input to XmlStreamReader
Critical
Ecosystems: maven
Packages: org.apache.avro:avro
Source: GitHub Advisory Database
Blast Radius: 41.2
Published: about 2 months ago
GSA_kwCzR0hTQS1yN3BnLXYyYzgtbWZnM84AA_7r
Apache Avro Java SDK: Arbitrary Code Execution when reading Avro Data (Java SDK)
Moderate
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
GSA_kwCzR0hTQS1mOXFqLTc3cTItaDVjNc4AA_6r
Jenkins item creation restriction bypass vulnerability
Critical
Ecosystems: maven
Packages: org.jenkins-ci.plugins:oic-auth
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
GSA_kwCzR0hTQS00OWh4LTltbTItNzY3Nc4AA_6x
Jenkins OpenId Connect Authentication Plugin lacks audience claim validation
Moderate
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
GSA_kwCzR0hTQS1wajk1LXBoNHEtNHFtNM4AA_6u
Jenkins exposes multi-line secrets through error messages
Moderate
Ecosystems: maven
Packages: org.jenkins-ci.plugins:credentials
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
GSA_kwCzR0hTQS02Mmp2LWo0dzctNWhoOM4AA_6s
Jenkins Credentials plugin reveals encrypted values of credentials to users with Extended Read permission
Critical
Ecosystems: maven
Packages: org.jenkins-ci.plugins:oic-auth
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
GSA_kwCzR0hTQS04cGp3LWZmZjYtM21qds4AA_62
Jenkins OpenId Connect Authentication Plugin lacks issuer claim validation
Moderate
Ecosystems: maven
Packages: org.apache.lucene:lucene-replicator
Source: GitHub Advisory Database
Blast Radius: 6.0
Published: about 2 months ago
GSA_kwCzR0hTQS1nNjQzLXhxNnctcjY3Y84AA_3q
Deserialization of Untrusted Data vulnerability in Apache Lucene Replicator.
Moderate
Ecosystems: maven
Packages: org.glassfish.main.admin:rest-service
Source: GitHub Advisory Database
Blast Radius: 3.7
Published: about 2 months ago
GSA_kwCzR0hTQS1qcTNmLW1mbWctNzQ3eM4AA_3r
Eclipse Glassfish improperly handles http parameters
Low
Ecosystems: maven
Packages: org.apache.maven.plugins:maven-archetype-plugin
Source: GitHub Advisory Database
Blast Radius: 5.4
Published: about 2 months ago
GSA_kwCzR0hTQS0ycXE3LWZjaDItcGhxZs4AA_yk
Maven Archetype Plugin: Maven Archetype integration-test may package local settings into the published artifact, possibly containing credentials
Low
Ecosystems: maven
Packages: org.apache.hadoop:hadoop-common
Source: GitHub Advisory Database
Blast Radius: 14.3
Published: about 2 months ago
GSA_kwCzR0hTQS1mNWZ3LTI1Z3ctNW05Ms4AA_xF
Apache Hadoop: Temporary File Local Information Disclosure
High
Ecosystems: maven
Packages: org.apache.linkis:linkis-engineplugin-spark
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
GSA_kwCzR0hTQS02Z2NoLTYzd3AtNHY1Zs4AA_wz
Apache Linkis Spark EngineConn: Commons Lang's RandomStringUtils Random string security vulnerability
Moderate
Ecosystems: maven
Packages: org.springframework:spring-web
Source: GitHub Advisory Database
Blast Radius: 27.5
Published: about 2 months ago
GSA_kwCzR0hTQS0ycm1qLW1xNjctaDk3Z84AA_vW
Spring Framework DoS via conditional HTTP request
High
Ecosystems: maven
Packages: io.dataease:common
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
GSA_kwCzR0hTQS00bTlwLTd4ZzYtZjRtbc4AA_ul
DataEase has an XML External Entity Reference vulnerability
Critical
Ecosystems: maven
Packages: io.dataease:common
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
GSA_kwCzR0hTQS1oN21qLW03MmgtcW04d84AA_uk
DataEase's H2 datasource has a remote command execution risk
High
Ecosystems: maven
Packages: org.keycloak:keycloak-services
Source: GitHub Advisory Database
Blast Radius: 18.7
Published: 2 months ago
GSA_kwCzR0hTQS12dmY4LTJoNjgtOTQ3Nc4AA_sf
Keycloak Open Redirect vulnerability
Moderate
Ecosystems: maven
Packages: org.keycloak:keycloak-saml-core
Source: GitHub Advisory Database
Blast Radius: 18.1
Published: 2 months ago
GSA_kwCzR0hTQS00eHg3LTJjeDMteDQ3M84AA_sj
Keycloak SAML signature validation flaw
High
Ecosystems: maven, rubygems
Packages: com.google.protobuf:protobuf-java, com.google.protobuf:protobuf-javalite, com.google.protobuf:protobuf-kotlin, com.google.protobuf:protobuf-kotlin-lite, google-protobuf
Source: GitHub Advisory Database
Blast Radius: 61.8
Published: 2 months ago
GSA_kwCzR0hTQS03MzVmLXBjOGotdjl3OM4AA_sT
protobuf-java has potential Denial of Service issue
High
Ecosystems: maven
Packages: de.gematik.refv.commons:commons
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 2 months ago
GSA_kwCzR0hTQS02OGo4LWZwMzgtcDQ4cc4AA_sP
Gematik Referenzvalidator has an XXE vulnerability that can lead to a Server Side Request Forgery attack
High
Ecosystems: maven
Packages: com.alipay.sofa:hessian
Source: GitHub Advisory Database
Blast Radius: 19.5
Published: 2 months ago
GSA_kwCzR0hTQS1jNDU5LTJtNzMtNjdoas4AA_sO
SOFA Hessian Remote Command Execution (RCE) Vulnerability
Moderate
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-notifications-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 2 months ago
GSA_kwCzR0hTQS1wZzRtLTNncDYtaHc0d84AA_pg
org.xwiki.platform:xwiki-platform-notifications-ui leaks data of notification filters of users
High
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-notifications-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 2 months ago
GSA_kwCzR0hTQS1yOTV3LTg4OXEteDJneM4AA_pf
org.xwiki.platform:xwiki-platform-notifications-ui is missing checks for notification filter preferences editions
Moderate
Ecosystems: maven
Packages: org.keycloak:keycloak-services
Source: GitHub Advisory Database
Blast Radius: 17.9
Published: 2 months ago
GSA_kwCzR0hTQS1nYzdxLWpnanYtdmpyMs4AA_nT
Keycloak Services has a potential bypass of brute force protection
Low
Ecosystems: maven
Packages: org.apache.druid.extensions:druid-pac4j
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 2 months ago
GSA_kwCzR0hTQS1wNzJ3LXI2ZnYtNmc1aM4AA_m_
druid-pac4j, Apache Druid extension, has Padding Oracle vulnerability
Low
Ecosystems: maven
Packages: org.apache.druid:druid
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 months ago
GSA_kwCzR0hTQS1qaDY2LTM1NDUtdnBtN84AA_nI
Apache Druid: Users can provide MySQL JDBC properties not on allow list
Critical
Ecosystems: maven
Packages: pl.allegro.tech.hermes:hermes-management
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 2 months ago
GSA_kwCzR0hTQS0yZ2g2LXdjM20tZzM3Zs4AA_m6
hermes-management is vulnerable to RCE due to Apache commons-jxpath
Moderate
Ecosystems: maven
Packages: org.opendaylight.aaa:aaa-artifacts
Source: GitHub Advisory Database
Blast Radius: 4.9
Published: 2 months ago
GSA_kwCzR0hTQS00NmhyLTNjcTMtbWNncM4AA_jo
OpenDaylight Authentication, Authorization and Accounting (AAA) peer impersonation vulnerability
Critical
Ecosystems: maven
Packages: org.apache.seata:seata-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 2 months ago
GSA_kwCzR0hTQS0zeHEyLXc2ajQtYzk5cs4AA_jU
Apache Seata Deserialization of Untrusted Data vulnerability
High
Ecosystems: maven
Packages: org.opendaylight.mdsal:mdsal-artifacts
Source: GitHub Advisory Database
Blast Radius: 10.7
Published: 2 months ago
GSA_kwCzR0hTQS1odjM4LWg1cGotYzk2as4AA_jk
OpenDaylight Model-Driven Service Abstraction Layer (MD-SAL) allows follower controller to set up flow entries
High
Ecosystems: maven
Packages: org.springframework:spring-webflux, org.springframework:spring-webmvc
Source: GitHub Advisory Database
Blast Radius: 40.2
Published: 2 months ago
GSA_kwCzR0hTQS1jeDdmLWc2bXAtN2hxbc4AA_gn
Path traversal vulnerability in functional web frameworks
Moderate
Ecosystems: maven
Packages: org.eclipse.edc:transfer-data-plane
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 2 months ago
GSA_kwCzR0hTQS04MjU5LTJ4NzItMmd2Y84AA_dh
Eclipse Dataspace Components's ConsumerPullTransferTokenValidationApiController doesn't check for token validit
Moderate
Ecosystems: maven
Packages: org.glassfish.main.web:web-core
Source: GitHub Advisory Database
Blast Radius: 5.8
Published: 2 months ago
GSA_kwCzR0hTQS03Z3EyLXZ3cTktdzh2d84AA_dg
Eclipse Glassfish URL redirection vulnerability
High
Ecosystems: maven
Packages: org.keycloak:keycloak-core
Source: GitHub Advisory Database
Blast Radius: 19.9
Published: 2 months ago
GSA_kwCzR0hTQS13OTdmLXczaHEtMzZnMs4AA_b2
Keycloak Denial of Service vulnerability
Moderate
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-rest-server
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 2 months ago
GSA_kwCzR0hTQS1wdm1tLTU1cjUtZzNtbc4AA_a3
XWiki Platform document history including authors of any page exposed to unauthorized actors
Moderate
Ecosystems: maven
Packages: org.keycloak:keycloak-core
Source: GitHub Advisory Database
Blast Radius: 14.7
Published: 2 months ago
GSA_kwCzR0hTQS01N3JoLWdyNHYtajVmNs4AA_Yg
Keycloak Uses a Key Past its Expiration Date
High
Ecosystems: maven
Packages: org.keycloak:keycloak-services
Source: GitHub Advisory Database
Blast Radius: 19.5
Published: 2 months ago
GSA_kwCzR0hTQS1qNzZqLXJxd2otam12ds4AA_Yo
Keycloak Session Fixation vulnerability
Moderate
Ecosystems: maven
Packages: org.keycloak:keycloak-core
Source: GitHub Advisory Database
Blast Radius: 13.5
Published: 2 months ago
GSA_kwCzR0hTQS1nNGdjLXJoMjYtbTNwNc4AA_Yi
Keycloak Open Redirect vulnerability
Statistics
Advisories: 20,668
Packages: 9,040
Repositories: 1,033
Ecosystems: 12
Filter by Package
org.jenkins-ci.main:jenkins-core
193
org.apache.tomcat:tomcat
132
com.fasterxml.jackson.core:jackson-databind
69
org.apache.struts:struts2-core
55
org.keycloak:keycloak-core
51
com.liferay.portal:release.portal.bom
46
org.apache.tomcat.embed:tomcat-embed-core
38
org.xwiki.platform:xwiki-platform-oldcore
37
com.thoughtworks.xstream:xstream
37
org.elasticsearch:elasticsearch
36
org.keycloak:keycloak-services
36
com.jfinal:jfinal
36
net.mingsoft:ms-mcms
35
io.undertow:undertow-core
34
org.jenkins-ci.plugins:script-security
33
org.apache.solr:solr-core
25
org.keycloak:keycloak-parent
25
org.springframework.security:spring-security-core
24
org.eclipse.jetty:jetty-server
24
org.bouncycastle:bcprov-jdk14
22
org.apache.nifi:nifi
21
org.apache.openmeetings:openmeetings-parent
21
org.cloudfoundry.identity:cloudfoundry-identity-server
20
org.springframework:spring-core
19
org.xwiki.platform:xwiki-platform-web-templates
19
com.liferay.portal:release.dxp.bom
18
com.vaadin:vaadin-bom
18
org.apache.geode:geode-core
17
org.apache.dubbo:dubbo
16
org.apache.activemq:activemq-client
16
org.bouncycastle:bcprov-jdk15
16
org.apache.jspwiki:jspwiki-main
16
org.apache.struts.xwork:xwork-core
15
org.xwiki.platform:xwiki-platform-web
14
org.apache.tomcat:tomcat-coyote
14
org.apache.inlong:manager-pojo
14
org.jenkins-ci.plugins.workflow:workflow-cps
13
org.apache.hadoop:hadoop-main
13
org.apache.cxf:cxf
13
org.apache.dolphinscheduler:dolphinscheduler
12
com.vaadin:flow-server
12
org.bouncycastle:bcprov-jdk15on
12
org.apache.hadoop:hadoop-common
12
org.jeecgframework.boot:jeecg-boot-parent
12
org.jenkins-ci.plugins:git
12
org.apache.cxf:cxf-core
11
org.jenkins-ci.plugins:email-ext
11
com.xuxueli:xxl-job
11
org.apache.camel:camel-core
11
org.igniterealtime.openfire:parent
11
org.apache.james:james-server
11
org.jeecgframework.boot:jeecg-boot-common
11
org.apache.ranger:ranger
11
org.mortbay.jetty:jetty
11
org.springframework:spring-webmvc
11
org.apache.commons:commons-compress
11
org.apache.tika:tika-core
11
org.apache.jspwiki:jspwiki-war
11
io.netty:netty
10
org.xwiki.platform:xwiki-platform-administration-ui
10
org.springframework:spring-web
10
org.jboss.netty:netty
10
org.apache.inlong:manager-service
10
org.jenkins-ci.plugins.workflow:workflow-cps-global-lib
10
org.apache.tomcat:tomcat-catalina
10
org.apache.xmlgraphics:batik
9
org.opencms:opencms-core
9
org.jenkins-ci.plugins:config-file-provider
9
org.apache.linkis:linkis
9
org.apache.shiro:shiro-core
9
org.opencrx:opencrx-core-models
9
org.apache.archiva:archiva
9
cn.hutool:hutool-core
9
org.apache.tapestry:tapestry-core
9
bootstrap
9
twbs/bootstrap
9
bootstrap
9
org.webjars:bootstrap
9
org.bouncycastle:bcprov-jdk15to18
9
org.opennms:opennms
9
io.jenkins:configuration-as-code
9
org.jenkins-ci.plugins:electricflow
9
org.jenkins-ci.plugins:active-directory
9
org.craftercms:crafter-studio
9
org.apache.hive:hive
9
com.sonyericsson.jenkins.plugins.bfa:build-failure-analyzer
9
org.apache.kylin:kylin
9
bootstrap
9
org.apache.ozone:ozone-main
8
com.hazelcast:hazelcast
8
jquery
8
pyspark
8
io.jenkins.blueocean:blueocean
8
org.apache.zeppelin:zeppelin
8
org.apache.ambari:ambari
8
org.apache.santuario:xmlsec
8
org.webjars.npm:jquery
8
org.jenkins-ci.plugins:ec2
8
org.postgresql:postgresql
8
org.yaml:snakeyaml
8
mysql:mysql-connector-java
8
org.apache.pdfbox:pdfbox
8
org.apache.hive:hive-exec
8
org.graylog2:graylog2-server
8
jquery-rails
8
org.apache.derby:derby
7
org.apache.poi:poi
7
org.apache.spark:spark-core_2.11
7
org.jenkins-ci.plugins:jobConfigHistory
7
org.jruby:jruby-stdlib
7
rubygems-update
7
org.webjars.npm:jquery-ui
7
org.apache.logging.log4j:log4j-core
7
org.apache.cxf:apache-cxf
7
jQuery.UI.Combined
7
bootstrap.sass
7
io.jenkins.plugins:cavisson-ns-nd-integration
7
bootstrap-sass
7
org.owasp.esapi:esapi
7
jquery-ui-rails
7
jQuery
7
org.apache.inlong:manager-web
7
io.dataease:dataease-plugin-common
7
jquery-ui
7
org.apache.tika:tika
7
org.jenkins-ci.plugins:mercurial
7
org.jboss.resteasy:resteasy-client
7
org.owasp.antisamy:antisamy
7
org.jenkins-ci.plugins:rundeck
7
org.jenkins-ci.plugins:subversion
7
io.jenkins.plugins:miniorange-saml-sp
7
org.jenkins-ci.plugins:oic-auth
7
io.atomix:atomix
7
org.jeecgframework.boot:jeecg-boot-base
7
org.jenkins-ci.plugins:artifactory
7
org.apache.hive:hive-service
7
net.opentsdb:opentsdb
7
org.jenkins-ci.plugins:openshift-deployer
7
io.jenkins.plugins:warnings-ng
7
org.apache.atlas:atlas-common
7
org.silverpeas.core:silverpeas-core-web
7
org.apache.activemq:activemq-parent
7
org.apache.karaf:apache-karaf
7
cn.hutool:hutool-json
6
org.apache.httpcomponents:httpclient
6
org.apache.mesos:mesos
6
org.apache.shenyu:shenyu-common
6
org.opencastproject:opencast-kernel
6
org.jenkins-ci.plugins:pipeline-maven
6
commons-fileupload:commons-fileupload
6
org.apache.spark:spark-core_2.10
6
org.apache.storm:storm-core
6
org.jenkins-ci.plugins:gitlab-oauth
6
org.xwiki.commons:xwiki-commons-xml
6
io.netty:netty-codec-http
6
org.jenkins-ci.plugins:azure-vm-agents
6
org.apache.syncope:syncope-core
6
org.apache.druid:druid
6
org.apache.struts:struts2-rest-plugin
6
org.apache.axis:axis
6
com.jflyfox:jflyfox_jfinal
6
axis:axis
6
org.bouncycastle:bcprov-jdk18on
6
org.opensearch.plugin:opensearch-security
6
org.apache.solr:solr-parent
6
com.sonyericsson.hudson.plugins.gerrit:gerrit-trigger
6
com.xebialabs.deployit.ci:deployit-plugin
6
de.tum.in.ase:artemis-java-test-sandbox
6
io.netty:netty-handler
6
org.csanchez.jenkins.plugins:kubernetes
6
hudson.plugins:project-inheritance
6
org.jenkins-ci.plugins:ec2-deployment-dashboard
6
org.jenkins-ci.plugins:fortify-on-demand-uploader
6
com.google.protobuf:protobuf-java
6
org.jenkins-ci.plugins:repository-connector
6
org.apache.pulsar:pulsar-broker
6
org.infinispan:infinispan-core
6
tech.powerjob:powerjob
6
com.nimbusds:nimbus-jose-jwt
5
io.vertx:vertx-core
5
org.jenkins-ci.plugins:sinatra-chef-builder
5
com.datapipe.jenkins.plugins:hashicorp-vault-plugin
5
org.apache.cassandra:cassandra-all
5
org.jenkins-ci.plugins:extended-choice-parameter
5
xerces:xercesImpl
5
org.jenkins-ci.plugins:htmlpublisher
5
org.jenkins-ci.plugins:publish-over-ssh
5
org.apache.hadoop:hadoop-client
5
org.jenkins-ci.plugins:aws-codecommit-trigger
5
org.jenkins-ci.plugins:azure-ad
5
org.jenkins-ci.plugins:websphere-deployer
5
org.apache.inlong:manager-dao
5
edu.stanford.nlp:stanford-corenlp
5
org.biouno:uno-choice
5
org.xwiki.platform:xwiki-platform-flamingo-skin-resources
5
org.zenframework.z8.dependencies.commons:log4j-1.2.17
5
org.jenkins-ci.plugins:scriptler
5
org.apache.streampark:streampark
5
org.jenkins-ci.plugins:ghprb
5
org.jenkins-ci.plugins:google-login
5
Filter by Repository
https://github.com/xwiki/xwiki-platform
183
https://github.com/jenkinsci/jenkins
150
https://github.com/apache/tomcat
101
https://github.com/keycloak/keycloak
73
https://github.com/FasterXML/jackson-databind
70
https://github.com/apache/struts
46
https://github.com/spring-projects/spring-framework
45
https://github.com/x-stream/xstream
37
https://github.com/apache/activemq
33
https://github.com/CVEProject/cvelist
28
https://github.com/apache/inlong
27
https://github.com/apache/nifi
23
https://github.com/eclipse/jetty.project
23
https://github.com/apache/cxf
21
https://github.com/jenkinsci/script-security-plugin
21
https://github.com/netty/netty
21
https://github.com/undertow-io/undertow
20
https://github.com/OpenNMS/opennms
20
https://github.com/jeecgboot/jeecg-boot
20
https://github.com/bcgit/bc-java
19
https://github.com/cloudfoundry/uaa
19
https://github.com/geoserver/geoserver
18
https://github.com/vaadin/platform
17
https://github.com/opencast/opencast
17
https://github.com/apache/camel
15
https://github.com/xuxueli/xxl-job
14
https://github.com/apache/dolphinscheduler
13
https://github.com/ming-soft/MCMS
13
https://github.com/quarkusio/quarkus
13
https://github.com/OpenRefine/OpenRefine
13
https://github.com/dromara/hutool
13
https://github.com/apache/kylin
12
https://github.com/spring-projects/spring-security
11
https://github.com/igniterealtime/Openfire
11
https://github.com/vaadin/flow
11
https://github.com/Graylog2/graylog2-server
10
https://github.com/DSpace/DSpace
10
https://github.com/apache/zeppelin
10
https://github.com/jenkinsci/git-plugin
10
https://github.com/apache/lucene-solr
9
https://github.com/dataease/dataease
9
https://github.com/jquery/jquery
9
https://github.com/cui2shark/cms
9
https://github.com/nahsra/antisamy
8
https://github.com/xwiki/xwiki-commons
8
https://github.com/hazelcast/hazelcast
8
https://github.com/opensearch-project/security
8
https://github.com/jenkinsci/config-file-provider-plugin
8
https://github.com/twbs/bootstrap
7
https://github.com/OpenTSDB/opentsdb
7
https://github.com/vaadin/framework
7
https://github.com/apache/xmlgraphics-batik
7
https://github.com/pgjdbc/pgjdbc
7
https://github.com/jenkinsci/blueocean-plugin
7
https://github.com/infinispan/infinispan
7
https://github.com/RhinoSecurityLabs/CVEs
7
https://github.com/ratpack/ratpack
7
https://github.com/jflyfox/jfinal_cms
7
https://github.com/apache/hadoop
7
https://github.com/rubygems/rubygems
7
https://github.com/rundeck/rundeck
7
https://github.com/line/armeria
6
https://github.com/ls1intum/Ares
6
https://github.com/http4s/http4s
6
https://github.com/jenkinsci/fortify-on-demand-uploader-plugin
6
https://github.com/apache/pulsar
6
https://github.com/jenkinsci/gerrit-trigger-plugin
6
https://github.com/cui2shark/security
6
https://github.com/jenkinsci/electricflow-plugin
6
https://github.com/jenkinsci/ec2-plugin
6
https://github.com/protocolbuffers/protobuf
6
https://bitbucket.org/snakeyaml/snakeyaml
6
https://github.com/OpenAPITools/openapi-generator
6
https://github.com/playframework/playframework
6
https://github.com/jenkinsci/configuration-as-code-plugin
6
https://github.com/apache/tika
6
https://github.com/apache/syncope
6
https://github.com/jenkinsci/build-failure-analyzer-plugin
6
https://github.com/vert-x3/vertx-web
6
https://github.com/ESAPI/esapi-java-legacy
6
https://github.com/jquery/jquery-ui
6
https://github.com/resteasy/resteasy
6
https://github.com/DrunkenShells/Disclosures
6
https://github.com/neo4j-contrib/neo4j-apoc-procedures
5
https://github.com/apache/geode
5
https://github.com/apache/shiro
5
https://github.com/apache/openmeetings
5
https://github.com/h2database/h2database
5
https://github.com/jenkinsci/support-core-plugin
5
https://github.com/jenkinsci/subversion-plugin
5
https://github.com/jenkinsci/codedx-plugin
5
https://github.com/PowerJob/PowerJob
5
https://github.com/apache/karaf
5
https://github.com/jenkinsci/m2release-plugin
5
https://github.com/apache/activemq-artemis
5
https://github.com/grails/grails-core
5
https://github.com/jenkinsci/junit-plugin
5
https://github.com/alibaba/nacos
5
https://github.com/jenkinsci/gitlab-plugin
5
https://github.com/jenkinsci/github-plugin
5
https://github.com/JLLeitschuh/security-research
5
https://github.com/ktorio/ktor
5
https://github.com/jenkinsci/active-directory-plugin
5
https://github.com/restlet/restlet-framework-java
5
https://github.com/alkacon/opencms-core
5
https://github.com/jetty/jetty.project
5
https://bitbucket.org/connect2id/nimbus-jose-jwt
5
https://github.com/jettison-json/jettison
5
https://github.com/jenkinsci/email-ext-plugin
5
https://github.com/jensdietrich/xshady-release
5
https://github.com/apache/shenyu
5
https://github.com/jenkinsci/workflow-cps-global-lib-plugin
5
https://github.com/jenkinsci/publish-over-ssh-plugin
5
https://github.com/shopizer-ecommerce/shopizer
4
https://github.com/skylot/jadx
4
https://github.com/jenkinsci/ansible-plugin
4
https://github.com/apache/solr
4
https://github.com/jenkinsci/active-choices-plugin
4
https://github.com/resteasy/Resteasy
4
https://github.com/reportportal/reportportal
4
https://github.com/jenkinsci/matrix-project-plugin
4
https://github.com/jenkinsci/nexus-platform-plugin
4
https://github.com/jenkinsci/p4-plugin
4
https://github.com/jenkinsci/libvirt-slave-plugin
4
https://github.com/jenkinsci/rundeck-plugin
4
https://github.com/jenkinsci/job-config-history-plugin
4
https://github.com/jenkinsci/htmlpublisher-plugin
4
https://github.com/jenkinsci/warnings-ng-plugin
4
https://github.com/jenkinsci/workflow-cps-plugin
4
https://github.com/jenkinsci/xldeploy-plugin
4
https://github.com/jfinal/jfinal
4
https://github.com/jenkinsci/hpe-application-automation-tools-plugin
4
https://github.com/joniles/mpxj
4
https://github.com/jenkinsci/gitlab-oauth-plugin
4
https://github.com/jenkinsci/fortify-plugin
4
https://github.com/HtmlUnit/htmlunit
4
https://github.com/micronaut-projects/micronaut-core
4
https://github.com/bcgit/bc-csharp
4
https://github.com/aws/aws-iot-device-sdk-java-v2
4
https://github.com/nightcloudos/new_cms
4
https://github.com/apiman/apiman
4
https://github.com/openhab/openhab-webui
4
https://github.com/jenkinsci/credentials-binding-plugin
4
https://github.com/itext/itext7
4
https://github.com/apache/streampipes
4
https://github.com/pippo-java/pippo
4
https://github.com/apache/httpcomponents-client
4
https://github.com/apache/druid
4
https://github.com/xerial/snappy-java
4
https://github.com/stanfordnlp/corenlp
4
https://github.com/yamcs/yamcs
4
https://github.com/eclipse-ee4j/glassfish
3
https://github.com/eclipse-vertx/vert.x
3
https://github.com/grpc/grpc
3
https://github.com/apolloconfig/apollo
3
https://github.com/peteroupc/CBOR-Java
3
https://github.com/pf4j/pf4j
3
https://github.com/matrix-org/matrix-android-sdk2
3
https://github.com/jenkinsci/hashicorp-vault-plugin
3
https://github.com/jenkinsci/crx-content-package-deployer-plugin
3
https://github.com/apache/storm
3
https://github.com/jeremylong/DependencyCheck
3
https://github.com/graphql-java/graphql-java
3
https://github.com/jenkinsci/git-client-plugin
3
https://github.com/dnsjava/dnsjava
3
https://github.com/jenkinsci/jira-plugin
3
https://github.com/AsyncHttpClient/async-http-client
3
https://github.com/wildfly/wildfly-core
3
https://github.com/jhy/jsoup
3
https://github.com/xwiki/xwiki-rendering
3
https://svn.apache.org/viewvc/lucene/dev
3
https://github.com/jenkinsci/bitbucket-oauth-plugin
3
https://github.com/intranda/goobi-viewer-core
3
https://github.com/eclipse-ee4j/mojarra
3
https://github.com/opengoofy/hippo4j
3
https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
3
https://github.com/OpenIdentityPlatform/OpenAM
3
https://github.com/jenkinsci/git-parameter-plugin
3
https://github.com/open-metadata/OpenMetadata
3
https://github.com/jenkinsci/code-coverage-api-plugin
3
https://github.com/wso2/carbon-registry
3
https://github.com/jenkinsci/cvs-plugin
3
https://github.com/eclipse/lemminx
3
https://github.com/Jarvis-616/cms
3
https://github.com/apache/dubbo
3
https://github.com/ysuzhangbin/cms
3
https://github.com/jenkinsci/cloudbees-jenkins-advisor-plugin
3
https://github.com/jenkinsci/database-plugin
3
https://github.com/wildfly/wildfly
3
https://github.com/jenkinsci/ci-with-toad-edge-plugin
3
https://github.com/apereo/cas
3
https://github.com/orientechnologies/orientdb
3
https://github.com/jenkinsci/gitlab-branch-source-plugin
3
https://github.com/jenkinsci/cas-plugin
3
https://github.com/OWASP/json-sanitizer
3
https://github.com/jenkinsci/scriptler-plugin
3
https://github.com/mbechler/marshalsec
3
https://github.com/apache/cxf-fediz
3
https://github.com/rhuss/jolokia
3