Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

maven Security Advisories

Loading...
Critical
GSA_kwCzR0hTQS1nMnF3LTZ2cnItdjZwcc4AAv2u
Apache Jena vulnerable to Deserialization of Untrusted Data
Ecosystems: maven
Packages: org.apache.jena:jena-sdb
Source: GitHub Advisory Database
Blast Radius: 18.1
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS1wdmp2LTM4NmYtYzh3aM4AAyz9
Apache IoTDB Grafana Connector vulnerable to Improper Authentication
Ecosystems: maven
Packages: org.apache.iotdb:iotdb-grafana-connector
Source: GitHub Advisory Database
Blast Radius: 18.1
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS12Y3ZyLXY0MjYtM20zbc4AA2sI
org.xwiki.platform:xwiki-platform-office-importer vulnerable to arbitrary server side file writing from account through office converter
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-office-importer
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
Critical
GSA_kwCzR0hTQS1nNWgzLXc1NDYtcGo3Zs4AAy5o
Spring Boot Security Bypass with Wildcard Pattern Matching on Cloud Foundry
Ecosystems: maven
Packages: org.springframework.boot:spring-boot-actuator-autoconfigure
Source: GitHub Advisory Database
Blast Radius: 30.4
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS01NGY2LTlteDktODZmN84AA2pn
SaToken privilege escalation vulnerability
Ecosystems: maven
Packages: cn.dev33:sa-token-core
Source: GitHub Advisory Database
Blast Radius: 19.9
Published: 7 months ago
Critical
GSA_kwCzR0hTQS1jcDNqLTI3M3gtM2p4Y84AA329
XSS/CSRF Remote Code Execution in XWiki.ConfigurableClass
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-administration-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJycG0tcGo3cC03ajlx
Spring Security OAuth vulnerable to remote code execution (RCE)
Ecosystems: maven
Packages: org.springframework.security.oauth:spring-security-oauth2
Source: GitHub Advisory Database
Blast Radius: 38.9
Published: over 5 years ago
Critical
GSA_kwCzR0hTQS1tNTRmLXJwNnItcnJybc4AAvG6
XXL-JOB contains a Command execution vulnerability in background tasks
Ecosystems: maven
Packages: com.xuxueli:xxl-job-core
Source: GitHub Advisory Database
Blast Radius: 30.8
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS1jdjJ3LXE4YzMteGp2N84AAqj6
Agent-to-controller access control allows reading/writing most content of build directories in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS03MzJmLXc1ODUtZ21wY84AAo4d
XXE vulnerability in Jenkins Generic Webhook Trigger Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:generic-webhook-trigger
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS02Nmo4LWM4M20tZ2o1Zs4AA6wb
Apache Zeppelin remote code execution by adding malicious JDBC connection string
Ecosystems: maven
Packages: org.apache.zeppelin:zeppelin-jdbc
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 28 days ago
Critical
GSA_kwCzR0hTQS00bTZqLTIzcDItOGM1NM4AA5gn
Armeria SAML authentication bypass due to missing validation on unsigned SAML messages
Ecosystems: maven
Packages: com.linecorp.armeria:armeria-saml
Source: GitHub Advisory Database
Blast Radius: 4.3
Published: 2 months ago
Critical
GSA_kwCzR0hTQS01cmY0LWYyNGMtaHB2aM4AAuZt
SQL injection in jflyfox jfinal
Ecosystems: maven
Packages: com.jflyfox:jflyfox_jfinal
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS1xOWhnLTlxajItbXhmOc4AAz9u
XWiki Platform vulnerable to cross-site scripting via xcontinue parameter in previewactions template
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-flamingo-skin-resources
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
Critical
GSA_kwCzR0hTQS13NjZqLXhjN3ItbTJqds4AAwJR
camel-ldap component allows LDAP Injection when using the filter option
Ecosystems: maven
Packages: org.apache.camel:camel-ldap
Source: GitHub Advisory Database
Blast Radius: 22.5
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS14Mzd2LTM2d3YtNnY2aM4AAy5a
Cross-site Scripting in org.xwiki.commons:xwiki-commons-xml
Ecosystems: maven
Packages: org.xwiki.commons:xwiki-commons-xml
Source: GitHub Advisory Database
Blast Radius: 17.2
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS13bWh3LWhwd2gtNDRwZ84AATvP
Apache ActiveMQ Apollo XXE Vulnerability
Ecosystems: maven
Packages: org.apache.activemq:apollo-project
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS1mNHY4LTU4ZjYtbXdqNM4AAyuw
org.xwiki.platform:xwiki-platform-flamingo-theme-ui Eval Injection vulnerability
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-flamingo-theme-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS13djM5LWYzdngtM3Y2cc4AAuZ-
SQL injection in jflyfox jfinal
Ecosystems: maven
Packages: com.jflyfox:jflyfox_jfinal
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 1 year ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTIzeDQtbTg0Mi1mbXdm
Creation of Temporary File in Directory with Insecure Permissions in the OpenAPI-Generator online generator
Ecosystems: maven
Packages: org.openapitools:openapi-generator-online
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 3 years ago
Critical
GSA_kwCzR0hTQS05M2doLWpnamotcjkyOc4AA2sM
XWiki Platform vulnerable to XSS with edit right in the create document form for existing pages
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-web, org.xwiki.platform:xwiki-platform-web-templates
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
Critical
GSA_kwCzR0hTQS1yd2h2LWh2ajItcXJxbc4AA5aN
Liferay Portal Frontend JS module's portlet.js and Liferay DXP vulnerable to Cross-site Scripting
Ecosystems: maven
Packages: com.liferay.portal:release.dxp.bom, com.liferay.portal:release.portal.bom
Source: GitHub Advisory Database
Blast Radius: 14.7
Published: 3 months ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWY5aHYtbWc1aC14Y3c5
Deserialization of Untrusted Data in jackson-databind due to polymorphic deserialization
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: over 5 years ago
Critical
GSA_kwCzR0hTQS13Zzk5LTV2cngtajJnZ84AAwwt
bonita-connector-webservice XML External Entity vulnerability
Ecosystems: maven
Packages: org.bonitasoft.connectors:bonita-connector-webservice
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS02djczLWZnZjYtdzVqN8032w
Spring Cloud Function Code Injection with a specially crafted SpEL as a routing expression
Ecosystems: maven
Packages: org.springframework.cloud:spring-cloud-function-context
Source: GitHub Advisory Database
Blast Radius: 22.3
Published: about 2 years ago
Critical
GSA_kwCzR0hTQS1jdzU0LTU5cHctNGc4Y833AA
Apache Tomcat Improper Access Control vulnerability
Ecosystems: maven
Packages: org.apache.tomcat.embed:tomcat-embed-core, org.apache.tomcat:tomcat-catalina
Source: GitHub Advisory Database
Blast Radius: 40.7
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS1oMjJ4LWhtOGctcnhwZ84AAYT8
Improper Restriction of XML External Entity Reference in Apache OpenNLP
Ecosystems: maven
Packages: org.apache.opennlp:opennlp-tools
Source: GitHub Advisory Database
Blast Radius: 30.6
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS1jMnA0LThtdnYtcndtds4AAwel
Apache Karaf vulnerable to potential code injection
Ecosystems: maven
Packages: org.apache.karaf:apache-karaf
Source: GitHub Advisory Database
Blast Radius: 30.4
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS13MjR4LTg3bXItNHIyM84AAs8I
SpEL Injection in Spring Data MongoDB
Ecosystems: maven
Packages: org.springframework.data:spring-data-mongodb
Source: GitHub Advisory Database
Blast Radius: 37.9
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS1oOW1oLW1ncHYtZ3Ftds4AAuXO
Remote code execution in Apache Flume
Ecosystems: maven
Packages: org.apache.flume.flume-ng-sources:flume-jms-source
Source: GitHub Advisory Database
Blast Radius: 20.5
Published: over 1 year ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWd3dzctcDV3NC13cmZ2
Deserialization of Untrusted Data in jackson-databind
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: about 4 years ago
Critical
GSA_kwCzR0hTQS14YzkzLTU4N2ctbXhtN84AAyd0
Payara Server allows remote attackers to load malicious code on the server once a JNDI directory scan is performed
Ecosystems: maven
Packages: fish.payara.server:payara-aggregator
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS02ZzMzLTgyZ2MtM3B3Nc4AAYbA
Improper Restriction of XML External Entity Reference in Jelly
Ecosystems: maven
Packages: commons-jelly:commons-jelly
Source: GitHub Advisory Database
Blast Radius: 14.3
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS1jNm14LTNmajktOWo3cc4AAy69
PowerJob vulnerable to incorrect access control
Ecosystems: maven
Packages: tech.powerjob:powerjob
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWY5NmctMjRjZy1mMjR3
SQL Injection in odata4j
Ecosystems: maven
Packages: org.odata4j:odata4j-parent, org.odata4j:odata4j-dist, org.odata4j:odata4j-core
Source: GitHub Advisory Database
Blast Radius: 17.6
Published: about 3 years ago
Critical
GSA_kwCzR0hTQS1qM2gyLThtZjgtajVyMs4AAtZ3
Hudson XML API susceptible to External Entity Injection Vunerability prior to v3.3.2
Ecosystems: maven
Packages: org.jvnet.hudson.main:hudson-core
Source: GitHub Advisory Database
Blast Radius: 16.0
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS02ZmNqLTl2ZnctanEybc4AAxlu
Arbitrary file deletion in ureport
Ecosystems: maven
Packages: com.bstek.ureport:ureport2-core
Source: GitHub Advisory Database
Blast Radius: 10.1
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS0zNTNtLWpoMm0tNzJ2NM4AA08F
Code injection in stanford-parser
Ecosystems: maven
Packages: edu.stanford.nlp:stanford-parser
Source: GitHub Advisory Database
Blast Radius: 23.3
Published: 9 months ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTIzODItcXg1aC1ydnFo
SQL Injection in odata4j
Ecosystems: maven
Packages: org.odata4j:odata4j-parent, org.odata4j:odata4j-dist, org.odata4j:odata4j-core
Source: GitHub Advisory Database
Blast Radius: 17.6
Published: about 3 years ago
Critical
GSA_kwCzR0hTQS1mM2dqLWh2djQtZjU3ds4AAv5G
XML External Entity Reference in Jenkins CCCC Plugin
Ecosystems: maven
Packages: com.thalesgroup.jenkins-ci.plugins:cccc
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS04ajI4LTM0cXEtZ21jaM4AAzU2
Apache Sling Commons JSON bundle vulnerable to Improper Input Validation
Ecosystems: maven
Packages: org.apache.sling:org.apache.sling.commons.json
Source: GitHub Advisory Database
Blast Radius: 28.6
Published: 12 months ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdjcDUtbTUyZi1taGg1
Improper Restriction of XML External Entity Reference in MPXJ
Ecosystems: maven
Packages: net.sf.mpxj:mpxj
Source: GitHub Advisory Database
Blast Radius: 16.2
Published: about 3 years ago
Critical
GSA_kwCzR0hTQS04OTVtLXd3NTUtNTl2d84AAZNT
Exposure of Sensitive Information to an Unauthorized Actor in Apache Hadoop
Ecosystems: maven
Packages: org.apache.hadoop:hadoop-yarn-server-nodemanager
Source: GitHub Advisory Database
Blast Radius: 32.4
Published: almost 2 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdjajQtZ2o4bS1tMmY3
Authentication bypass in Apache Shiro
Ecosystems: maven
Packages: org.apache.shiro:shiro-spring
Source: GitHub Advisory Database
Blast Radius: 42.9
Published: about 3 years ago
Critical
GSA_kwCzR0hTQS1wN3c5LThteHctcDNnN80shw
Improper Certificate Validation in Hutool
Ecosystems: maven
Packages: cn.hutool:hutool-http
Source: GitHub Advisory Database
Blast Radius: 26.6
Published: about 2 years ago
Critical
GSA_kwCzR0hTQS0yMmo0LXFjNDgtajhmOM4AAxUh
Apache InLong vulnerable to Deserialization of Untrusted Data vulnerability
Ecosystems: maven
Packages: org.apache.inlong:inlong
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS03MjlmLXd2ajMtYzRwas0Vzw
Remote code execution in UReport
Ecosystems: maven
Packages: com.bstek.ureport:ureport2-core
Source: GitHub Advisory Database
Blast Radius: 10.9
Published: over 2 years ago
Critical
GSA_kwCzR0hTQS02dzg5LWM2NXctangyY84AAxE2
Jeecg-boot is vulnerable to SQL injection
Ecosystems: maven
Packages: org.jeecgframework.boot:jeecg-module-system, org.jeecgframework.boot:jeecg-boot-base-core
Source: GitHub Advisory Database
Blast Radius: 23.2
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS1mcHJyLXJybTgtNDUzNM4AAwuU
Apache Dubbo vulnerable to remote code execution via Telnet Handler
Ecosystems: maven
Packages: org.apache.dubbo:dubbo-parent
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS14NzR4LXFmNWotMzVqaM33fg
Sandbox bypass vulnerability in Jenkins Pipeline: Groovy Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins.workflow:workflow-cps
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS1yYzU3LTlyM3gtOThjcc4AArse
XML External Entity Reference in drools
Ecosystems: maven
Packages: org.drools:drools-core
Source: GitHub Advisory Database
Blast Radius: 33.3
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS05bWg5LTQ0cTMtdjc5eM4AAy5F
PowerJob vulnerable to remote code execution
Ecosystems: maven
Packages: tech.powerjob:powerjob
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS02cHFmLWM5OXAtNzU4ds4AA0KO
org.xwiki.commons:xwiki-commons-xml's HTML sanitizer allows form elements in restricted
Ecosystems: maven
Packages: org.xwiki.commons:xwiki-commons-xml
Source: GitHub Advisory Database
Blast Radius: 17.2
Published: 10 months ago
Critical
GSA_kwCzR0hTQS1yd2h4LTZoeDctcHFjOM4AA2As
SQL injection in jeecgboot
Ecosystems: maven
Packages: org.jeecgframework.boot:jeecg-boot-common
Source: GitHub Advisory Database
Blast Radius: 20.1
Published: 8 months ago
Critical
GSA_kwCzR0hTQS02bXY4LTk1eDUteGNxOc4AA3OV
H2O local file inclusion vulnerability
Ecosystems: maven
Packages: ai.h2o:h2o-core
Source: GitHub Advisory Database
Blast Radius: 14.9
Published: 6 months ago
Critical
GSA_kwCzR0hTQS0zNnAzLXdqbWctaDk0eM03aQ
Remote Code Execution in Spring Framework
Ecosystems: maven
Packages: org.springframework:spring-webflux, org.springframework:spring-webmvc, org.springframework:spring-beans, org.springframework.boot:spring-boot-starter-webflux, org.springframework.boot:spring-boot-starter-web
Source: GitHub Advisory Database
Blast Radius: 57.9
Published: about 2 years ago
Critical
GSA_kwCzR0hTQS0zaHg2LWZxcGoteGZqcs386w
RichFaces vulnerable to Expression Language Injection
Ecosystems: maven
Packages: org.richfaces:richfaces-core
Source: GitHub Advisory Database
Blast Radius: 14.0
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS03dmY0LXg1bTItcjZncs4AA7QP
OpenMetadata vulnerable to SpEL Injection in `PUT /api/v1/policies` (`GHSL-2023-252`)
Ecosystems: maven
Packages: org.open-metadata:openmetadata-service
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 14 days ago
Critical
GSA_kwCzR0hTQS14cGhqLW05Y2MtOGZtcc4AAQZQ
Deserialization of Untrusted Data in Groovy
Ecosystems: maven
Packages: org.codehaus.groovy:groovy
Source: GitHub Advisory Database
Blast Radius: 40.6
Published: almost 2 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZmN3Atajh4Ni14dndw
Incorrect Authorization in Apache Solr
Ecosystems: maven
Packages: org.apache.solr:solr-parent
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 3 years ago
Critical
GSA_kwCzR0hTQS03N2g4LTVqM2gtamNqZs4AAxTc
Dromara Hutool Deserialization of Untrusted Data vulnerability
Ecosystems: maven
Packages: cn.hutool:hutool-all
Source: GitHub Advisory Database
Blast Radius: 41.0
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS1wY2NyLXE3djktNWYyN80eMw
Apache Solr Improper Input Validation and Path Traversal
Ecosystems: maven
Packages: org.apache.solr:solr-parent
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
Critical
GSA_kwCzR0hTQS1wOTRxLTlxMm0tcGZoMs0v9Q
SQL injection in net.mingsoft:ms-mcms
Ecosystems: maven
Packages: net.mingsoft:ms-mcms
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: about 2 years ago
Critical
GSA_kwCzR0hTQS1nNWNqLTVoNTgtajkzd84AAwC4
Jeecg-boot vulnerable to SQL Injection
Ecosystems: maven
Packages: org.jeecgframework.boot:jeecg-boot-common
Source: GitHub Advisory Database
Blast Radius: 20.1
Published: over 1 year ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdjNnEtanF3Yy00NDIz
Path Traversal in Crafter CMS Crafter Studio
Ecosystems: maven
Packages: org.craftercms:crafter-studio
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Critical
GSA_kwCzR0hTQS13cDRoLXB2Z3ctNTcyN80Y7Q
Improperly Controlled Modification of Dynamically-Determined Object Attributes in Apache Struts
Ecosystems: maven
Packages: org.apache.struts:struts2-core
Source: GitHub Advisory Database
Blast Radius: 37.2
Published: over 2 years ago
Critical
GSA_kwCzR0hTQS1tNGo1LWhncXEtNWpmMs4AARcl
Insecure cookie sharing in Hawtio
Ecosystems: maven
Packages: io.hawt:project
Source: GitHub Advisory Database
Blast Radius: 2.7
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS03d2ZjLXg0ZjctZ2cyeM00Ig
Code injection in Apache Dubbo
Ecosystems: maven
Packages: org.apache.dubbo:dubbo
Source: GitHub Advisory Database
Blast Radius: 34.4
Published: about 2 years ago
Critical
GSA_kwCzR0hTQS14MjM0LW1nN3EtbThnOM4AAz_w
XWiki Platform vulnerable to reflected cross-site scripting via xredirect parameter in deletespace template
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-web-templates
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
Critical
GSA_kwCzR0hTQS1wY2MyLXc2bTgteDV3NM4AAxJ6
Agent-to-controller security bypass in Jenkins Semantic Versioning Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:semantic-versioning-plugin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS0ycG13LWN2YzctZnJ2aM0s2A
SQL injection in MCMS
Ecosystems: maven
Packages: net.mingsoft:ms-mcms
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: about 2 years ago
Critical
GSA_kwCzR0hTQS1nOGo4LW1naDktcTc3cM0teg
File upload leading to RCE in MCMS
Ecosystems: maven
Packages: net.mingsoft:ms-mcms
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: about 2 years ago
Critical
GSA_kwCzR0hTQS01MnZ2LTN2ZjctZjd3aM0thg
Server-Side Request Forgery and Uncontrolled Resource Consumption in LemMinX
Ecosystems: maven
Packages: org.eclipse.lemminx:lemminx-parent
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Critical
GSA_kwCzR0hTQS13cWc3LW14NnAtMnJ3M84AAwBL
Command injection in Apache DolphinScheduler Alert Plugins
Ecosystems: maven
Packages: org.apache.dolphinscheduler:dolphinscheduler-alert-plugins
Source: GitHub Advisory Database
Blast Radius: 13.2
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS1wOW04LTI3eDgtcmc4N80XOQ
Critical vulnerability found in cron-utils
Ecosystems: maven
Packages: com.cronutils:cron-utils
Source: GitHub Advisory Database
Blast Radius: 29.5
Published: over 2 years ago
Critical
GSA_kwCzR0hTQS00djNnLWc4NHctaHY3cs3oqg
Authentication Bypass Using an Alternate Path or Channel in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat.embed:tomcat-embed-jasper, org.apache.tomcat:jasper, org.apache.tomcat:tomcat-jasper
Source: GitHub Advisory Database
Blast Radius: 41.9
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS1oODkyLXg0NTMtODZ3Y8397A
Pippo RCE Vulnerability
Ecosystems: maven
Packages: ro.pippo:pippo-session, ro.pippo:pippo-core
Source: GitHub Advisory Database
Blast Radius: 14.2
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS1qbXc3LXBoNnAtMzNjY84AAXvi
Exposure of Sensitive Information in Jenkins Core
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg4MjItcjRyNS12OGpn
Polymorphic Typing issue in FasterXML jackson-databind
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: over 4 years ago
Critical
GSA_kwCzR0hTQS03cGh3LWN4eDctcTl2cc4AAyW3
Spring Framework is vulnerable to security bypass via mvcRequestMatcher pattern mismatch
Ecosystems: maven
Packages: org.springframework:spring
Source: GitHub Advisory Database
Blast Radius: 35.4
Published: about 1 year ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWY2dmYtcHE4Yy02OW00
Improper Check for Unusual or Exceptional Conditions in Connect2id Nimbus JOSE+JWT
Ecosystems: maven
Packages: com.nimbusds:nimbus-jose-jwt
Source: GitHub Advisory Database
Blast Radius: 37.2
Published: over 4 years ago
Critical
GSA_kwCzR0hTQS1xajg2LXA3NHItN3dwNc4AA32-
Remote code execution/programming rights with configuration section from any user account
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-administration-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
Critical
GSA_kwCzR0hTQS1tZmp3LXg0cTQtNjlwOc4AAigf
Ignite Realtime Openfire vulnerable to Server Side Request Forgery
Ecosystems: maven
Packages: org.igniterealtime.openfire:parent
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS1oMzc2LWoyNjItdmhxNs0g_w
RCE in H2 Console
Ecosystems: maven
Packages: com.h2database:h2
Source: GitHub Advisory Database
Blast Radius: 53.2
Published: over 2 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNyaG0tNjdqNi00Mmpx
Exposure of Sensitive information in authentikat-jwt
Ecosystems: maven
Packages: com.jason-goodwin:authentikat-jwt_2.12
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: over 5 years ago
Critical
GSA_kwCzR0hTQS13bXhtLTZ3eGMtM3hxZs4AAwgk
Apache ShardingSphere-Proxy Incomplete Cleanup vulnerability
Ecosystems: maven
Packages: org.apache.shardingsphere:shardingsphere-proxy
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS0yOXBoLWZqZjMtYzVjbc4AAXbk
Apache NiFi XSS issue in context path handling
Ecosystems: maven
Packages: org.apache.nifi:nifi
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS14eGZoLXg5OHAtajhmcs0atA
Remote code injection in Log4j (through pax-logging-log4j2)
Ecosystems: maven
Packages: org.ops4j.pax.logging:pax-logging-log4j2
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
Critical
GSA_kwCzR0hTQS1nYzc5LWdoNGYtOWc2d80tdQ
Server Side Template Injection in MCMS
Ecosystems: maven
Packages: net.mingsoft:ms-mcms
Source: GitHub Advisory Database
Blast Radius: 2.7
Published: about 2 years ago
Critical
GSA_kwCzR0hTQS1qNzJmLTRoZ3AtM213Y84AAyKu
jeecg-boot SQL Injection vulnerability
Ecosystems: maven
Packages: org.jeecgframework.boot:jeecg-boot-common
Source: GitHub Advisory Database
Blast Radius: 20.1
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS14cjZtLTJwNG0tanZxZs4AAu1d
XWiki Platform Wiki UI Main Wiki Eval Injection vulnerability
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-wiki-ui-mainwiki
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS0zcjQ4LTNtOHItNHI5d84AAyX0
Apache OpenMeetings missing authentication and can allow user impersonation
Ecosystems: maven
Packages: org.apache.openmeetings:openmeetings-parent
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS12aDJyLXg5N2MtMnZwcs0slg
SQL Injection in Jeecg-boot
Ecosystems: maven
Packages: org.jeecgframework.boot:jeecg-boot-base-core, org.jeecgframework.boot:jeecg-boot-base
Source: GitHub Advisory Database
Blast Radius: 23.2
Published: about 2 years ago
Critical
GSA_kwCzR0hTQS13NzI5LTc2MzMtMmZ3Nc0WuQ
Deserialization of Untrusted Data leading to Remote Code Execution in Apache Storm
Ecosystems: maven
Packages: org.apache.storm:storm
Source: GitHub Advisory Database
Blast Radius: 12.1
Published: over 2 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXIycHAteDRtbS00OTk5
XML External Entity (XXE) vulnerability in neo4j.procedure:apoc
Ecosystems: maven
Packages: org.neo4j.procedure:apoc
Source: GitHub Advisory Database
Blast Radius: 16.4
Published: over 5 years ago
Critical
GSA_kwCzR0hTQS1oZ3B3LTZwNGgtajZoNc4AA2-W
XWiki Platform vulnerable to remote code execution via the edit action because it lacks CSRF token
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-oldcore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTY5NHAteHJoZy14M3dt
Micronaut's HTTP client is vulnerable to HTTP Request Header Injection
Ecosystems: maven
Packages: io.micronaut:micronaut-http-client
Source: GitHub Advisory Database
Blast Radius: 32.6
Published: about 4 years ago
Critical
GSA_kwCzR0hTQS0zcXBtLWg5Y2gtcHgzY80gtg
Remote code injection, Improper Input Validation and Uncontrolled Recursion in Log4j library
Ecosystems: maven
Packages: org.powernukkit:powernukkit
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: over 2 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJmeDYtdnA5Zy1yaDd2
jackson-databind vulnerable to remote code execution due to incorrect deserialization and blocklist bypass
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: over 5 years ago
Critical
GSA_kwCzR0hTQS1jMjdoLW1jbXctNDhods4AAiN-
Deserialization of Untrusted Data in org.codehaus.jackson:jackson-mapper-asl
Ecosystems: maven
Packages: org.codehaus.jackson:jackson-mapper-asl
Source: GitHub Advisory Database
Blast Radius: 47.5
Published: almost 2 years ago
Statistics
Advisories: 18,400
Packages: 8,303
Repositories: 971
Ecosystems: 12
Filter by Severity
Moderate 7,949 High 6,364 Critical 2,810 Low 986
Filter by Ecosystem
maven 5,534 packagist 3,815 pypi 3,727 npm 3,546 go 1,899 nuget 1,390 rubygems 814 cargo 777 swift 31 hex 30 actions 16 pub 8
Filter by Package
org.jenkins-ci.main:jenkins-core 189 org.apache.tomcat:tomcat 134 com.fasterxml.jackson.core:jackson-databind 69 org.apache.struts:struts2-core 55 org.keycloak:keycloak-core 47 com.liferay.portal:release.portal.bom 45 org.apache.tomcat.embed:tomcat-embed-core 37 com.thoughtworks.xstream:xstream 36 com.jfinal:jfinal 36 net.mingsoft:ms-mcms 35 org.xwiki.platform:xwiki-platform-oldcore 34 org.elasticsearch:elasticsearch 32 org.jenkins-ci.plugins:script-security 32 io.undertow:undertow-core 27 org.keycloak:keycloak-services 27 org.keycloak:keycloak-parent 25 org.apache.solr:solr-core 25 org.eclipse.jetty:jetty-server 23 org.springframework.security:spring-security-core 23 org.apache.nifi:nifi 22 org.apache.openmeetings:openmeetings-parent 21 org.cloudfoundry.identity:cloudfoundry-identity-server 20 org.bouncycastle:bcprov-jdk14 19 org.springframework:spring-core 19 com.liferay.portal:release.dxp.bom 18 com.vaadin:vaadin-bom 18 org.xwiki.platform:xwiki-platform-web-templates 17 org.apache.geode:geode-core 17 org.apache.dubbo:dubbo 16 org.apache.activemq:activemq-client 16 org.bouncycastle:bcprov-jdk15 16 org.apache.struts.xwork:xwork-core 15 org.apache.jspwiki:jspwiki-main 15 org.xwiki.platform:xwiki-platform-web 14 org.apache.hadoop:hadoop-main 13 org.apache.cxf:cxf 13 org.apache.inlong:manager-pojo 13 org.jenkins-ci.plugins.workflow:workflow-cps 12 org.jenkins-ci.plugins:git 12 com.vaadin:flow-server 12 org.apache.dolphinscheduler:dolphinscheduler 12 org.jeecgframework.boot:jeecg-boot-common 11 org.apache.james:james-server 11 org.mortbay.jetty:jetty 11 org.jenkins-ci.plugins:email-ext 11 org.apache.camel:camel-core 11 org.igniterealtime.openfire:parent 11 org.apache.cxf:cxf-core 11 org.apache.hadoop:hadoop-common 11 org.apache.tomcat:tomcat-coyote 11 org.jeecgframework.boot:jeecg-boot-parent 11 org.apache.jspwiki:jspwiki-war 11 org.apache.tika:tika-core 11 com.xuxueli:xxl-job 11 org.apache.ranger:ranger 11 org.apache.commons:commons-compress 11 org.xwiki.platform:xwiki-platform-administration-ui 10 org.apache.inlong:manager-service 10 org.jboss.netty:netty 10 org.jenkins-ci.plugins.workflow:workflow-cps-global-lib 10 io.netty:netty 10 org.apache.hive:hive 9 org.jenkins-ci.plugins:active-directory 9 org.bouncycastle:bcprov-jdk15on 9 cn.hutool:hutool-core 9 com.sonyericsson.jenkins.plugins.bfa:build-failure-analyzer 9 org.opennms:opennms 9 org.apache.tapestry:tapestry-core 9 org.craftercms:crafter-studio 9 org.apache.archiva:archiva 9 jquery 9 org.apache.shiro:shiro-core 9 io.jenkins:configuration-as-code 9 jquery-rails 9 org.webjars.npm:jquery 9 org.springframework:spring-web 9 org.apache.tomcat:tomcat-catalina 9 org.apache.xmlgraphics:batik 9 org.jenkins-ci.plugins:electricflow 9 org.springframework:spring-webmvc 9 org.jenkins-ci.plugins:config-file-provider 9 org.opencrx:opencrx-core-models 9 org.apache.kylin:kylin 8 io.jenkins.blueocean:blueocean 8 org.apache.hive:hive-exec 8 org.jenkins-ci.plugins:ec2 8 org.apache.ambari:ambari 8 jQuery 8 mysql:mysql-connector-java 8 com.hazelcast:hazelcast 8 org.opencms:opencms-core 8 org.apache.zeppelin:zeppelin 8 org.postgresql:postgresql 8 org.graylog2:graylog2-server 8 org.yaml:snakeyaml 8 org.apache.santuario:xmlsec 8 org.apache.ozone:ozone-main 8 org.apache.pdfbox:pdfbox 8 org.jboss.resteasy:resteasy-client 7 org.apache.logging.log4j:log4j-core 7 org.owasp.esapi:esapi 7 org.apache.cxf:apache-cxf 7 org.jenkins-ci.plugins:jobConfigHistory 7 org.jenkins-ci.plugins:artifactory 7 org.jenkins-ci.plugins:rundeck 7 jquery-ui 7 org.owasp.antisamy:antisamy 7 org.jeecgframework.boot:jeecg-boot-base 7 io.jenkins.plugins:miniorange-saml-sp 7 io.atomix:atomix 7 org.apache.linkis:linkis 7 jQuery.UI.Combined 7 org.jenkins-ci.plugins:mercurial 7 jquery-ui-rails 7 org.webjars.npm:jquery-ui 7 org.apache.derby:derby 7 io.jenkins.plugins:warnings-ng 7 org.jenkins-ci.plugins:subversion 7 org.apache.spark:spark-core_2.11 7 org.apache.inlong:manager-web 7 org.apache.atlas:atlas-common 7 org.jenkins-ci.plugins:openshift-deployer 7 org.apache.poi:poi 7 io.jenkins.plugins:cavisson-ns-nd-integration 7 rubygems-update 7 org.jruby:jruby-stdlib 7 io.dataease:dataease-plugin-common 7 org.apache.activemq:activemq-parent 7 net.opentsdb:opentsdb 7 org.apache.tika:tika 7 org.apache.karaf:apache-karaf 7 org.silverpeas.core:silverpeas-core-web 7 org.apache.hive:hive-service 7 com.jflyfox:jflyfox_jfinal 6 org.xwiki.commons:xwiki-commons-xml 6 org.apache.httpcomponents:httpclient 6 org.opencastproject:opencast-kernel 6 axis:axis 6 org.apache.solr:solr-parent 6 com.sonyericsson.hudson.plugins.gerrit:gerrit-trigger 6 org.apache.mesos:mesos 6 org.apache.spark:spark-core_2.10 6 org.jenkins-ci.plugins:repository-connector 6 org.apache.axis:axis 6 cn.hutool:hutool-json 6 org.jenkins-ci.plugins:gitlab-oauth 6 org.jenkins-ci.plugins:azure-vm-agents 6 org.opensearch.plugin:opensearch-security 6 io.netty:netty-codec-http 6 commons-fileupload:commons-fileupload 6 hudson.plugins:project-inheritance 6 tech.powerjob:powerjob 6 org.apache.pulsar:pulsar-broker 6 io.netty:netty-handler 6 org.apache.shenyu:shenyu-common 6 org.apache.storm:storm-core 6 org.csanchez.jenkins.plugins:kubernetes 6 org.jenkins-ci.plugins:ec2-deployment-dashboard 6 org.jenkins-ci.plugins:fortify-on-demand-uploader 6 org.bouncycastle:bcprov-jdk15to18 6 org.jenkins-ci.plugins:pipeline-maven 6 com.xebialabs.deployit.ci:deployit-plugin 6 de.tum.in.ase:artemis-java-test-sandbox 6 org.apache.struts:struts2-rest-plugin 6 org.apache.syncope:syncope-core 6 io.vertx:vertx-core 5 org.xwiki.platform:xwiki-platform-appwithinminutes-ui 5 org.jenkins-ci.plugins:azure-ad 5 org.xwiki.platform:xwiki-platform-flamingo-skin-resources 5 org.neo4j.procedure:apoc 5 org.jeecgframework.boot:jeecg-boot-base-core 5 org.apache.struts:struts-core 5 com.google.protobuf:protobuf-java 5 org.jenkins-ci.plugins:scriptler 5 org.jenkins-ci.plugins:codedx 5 org.jenkins-ci.plugins:delphix 5 org.apache.ignite:ignite-core 5 com.mabl.integration.jenkins:mabl-integration 5 org.jenkins-ci.plugins:support-core 5 org.codehaus.jettison:jettison 5 org.apache.kylin:kylin-server-base 5 org.springframework.amqp:spring-amqp 5 org.jenkins-ci.plugins:openid 5 struts:struts 5 info.magnolia:magnolia-core 5 com.coravy.hudson.plugins.github:github 5 org.zenframework.z8.dependencies.commons:log4j-1.2.17 5 log4j:log4j 5 org.jenkins-ci.plugins:junit 5 org.jenkins-ci.plugins:credentials 5 org.apache.cassandra:cassandra-all 5 org.jenkins-ci.plugins:publish-over-ssh 5 org.jenkins-ci.plugins.m2release:m2release 5 org.jenkins-ci.plugins:ghprb 5 org.jenkins-ci.plugins:gitlab-plugin 5 org.jenkins-ci.plugins:websphere-deployer 5 org.apache.inlong:manager-dao 5 org.jenkinsci.plugins:octoperf 5 org.apache.hadoop:hadoop-client 5 org.jenkins-ci.plugins:google-login 5
Filter by Repository
https://github.com/xwiki/xwiki-platform 172 https://github.com/jenkinsci/jenkins 148 https://github.com/apache/tomcat 96 https://github.com/FasterXML/jackson-databind 70 https://github.com/keycloak/keycloak 58 https://github.com/apache/struts 46 https://github.com/spring-projects/spring-framework 41 https://github.com/x-stream/xstream 36 https://github.com/apache/activemq 33 https://github.com/CVEProject/cvelist 28 https://github.com/apache/inlong 25 https://github.com/eclipse/jetty.project 23 https://github.com/apache/nifi 21 https://github.com/jenkinsci/script-security-plugin 21 https://github.com/jeecgboot/jeecg-boot 20 https://github.com/OpenNMS/opennms 20 https://github.com/netty/netty 20 https://github.com/apache/cxf 19 https://github.com/cloudfoundry/uaa 19 https://github.com/bcgit/bc-java 18 https://github.com/vaadin/platform 17 https://github.com/opencast/opencast 16 https://github.com/apache/camel 15 https://github.com/geoserver/geoserver 15 https://github.com/xuxueli/xxl-job 13 https://github.com/quarkusio/quarkus 13 https://github.com/ming-soft/MCMS 13 https://github.com/undertow-io/undertow 13 https://github.com/apache/dolphinscheduler 12 https://github.com/apache/kylin 12 https://github.com/dromara/hutool 12 https://github.com/vaadin/flow 11 https://github.com/igniterealtime/Openfire 11 https://github.com/jenkinsci/git-plugin 10 https://github.com/jquery/jquery 10 https://github.com/spring-projects/spring-security 9 https://github.com/cui2shark/cms 9 https://github.com/apache/lucene-solr 9 https://github.com/DSpace/DSpace 9 https://github.com/Graylog2/graylog2-server 9 https://github.com/jenkinsci/config-file-provider-plugin 8 https://github.com/opensearch-project/security 8 https://github.com/apache/zeppelin 8 https://github.com/hazelcast/hazelcast 8 https://github.com/xwiki/xwiki-commons 8 https://github.com/nahsra/antisamy 8 https://github.com/jflyfox/jfinal_cms 7 https://github.com/apache/xmlgraphics-batik 7 https://github.com/dataease/dataease 7 https://github.com/rundeck/rundeck 7 https://github.com/rubygems/rubygems 7 https://github.com/RhinoSecurityLabs/CVEs 7 https://github.com/ratpack/ratpack 7 https://github.com/vaadin/framework 7 https://github.com/OpenTSDB/opentsdb 7 https://github.com/pgjdbc/pgjdbc 7 https://github.com/jenkinsci/blueocean-plugin 7 https://github.com/jenkinsci/gerrit-trigger-plugin 6 https://github.com/jenkinsci/fortify-on-demand-uploader-plugin 6 https://bitbucket.org/snakeyaml/snakeyaml 6 https://github.com/apache/hadoop 6 https://github.com/http4s/http4s 6 https://github.com/jenkinsci/configuration-as-code-plugin 6 https://github.com/cui2shark/security 6 https://github.com/apache/tika 6 https://github.com/OpenRefine/OpenRefine 6 https://github.com/line/armeria 6 https://github.com/playframework/playframework 6 https://github.com/jenkinsci/electricflow-plugin 6 https://github.com/vert-x3/vertx-web 6 https://github.com/jenkinsci/build-failure-analyzer-plugin 6 https://github.com/jenkinsci/ec2-plugin 6 https://github.com/ls1intum/Ares 6 https://github.com/resteasy/resteasy 6 https://github.com/jquery/jquery-ui 6 https://github.com/ESAPI/esapi-java-legacy 6 https://github.com/DrunkenShells/Disclosures 6 https://github.com/apache/pulsar 6 https://github.com/apache/shenyu 5 https://github.com/jenkinsci/subversion-plugin 5 https://github.com/apache/shiro 5 https://github.com/restlet/restlet-framework-java 5 https://github.com/jenkinsci/github-plugin 5 https://github.com/jenkinsci/gitlab-plugin 5 https://github.com/jenkinsci/support-core-plugin 5 https://github.com/jenkinsci/m2release-plugin 5 https://github.com/protocolbuffers/protobuf 5 https://github.com/grails/grails-core 5 https://github.com/jettison-json/jettison 5 https://github.com/jensdietrich/xshady-release 5 https://github.com/alibaba/nacos 5 https://github.com/apache/karaf 5 https://github.com/h2database/h2database 5 https://github.com/jenkinsci/junit-plugin 5 https://github.com/apache/openmeetings 5 https://github.com/PowerJob/PowerJob 5 https://github.com/jenkinsci/codedx-plugin 5 https://github.com/jenkinsci/workflow-cps-global-lib-plugin 5 https://bitbucket.org/connect2id/nimbus-jose-jwt 5 https://github.com/jenkinsci/active-directory-plugin 5 https://github.com/neo4j-contrib/neo4j-apoc-procedures 5 https://github.com/apiman/apiman 5 https://github.com/JLLeitschuh/security-research 5 https://github.com/apache/geode 5 https://github.com/jenkinsci/publish-over-ssh-plugin 5 https://github.com/jenkinsci/email-ext-plugin 5 https://github.com/OpenAPITools/openapi-generator 5 https://github.com/apache/solr 4 https://github.com/pippo-java/pippo 4 https://github.com/jenkinsci/p4-plugin 4 https://github.com/jenkinsci/rundeck-plugin 4 https://github.com/itext/itext7 4 https://github.com/jenkinsci/ansible-plugin 4 https://github.com/jenkinsci/xldeploy-plugin 4 https://github.com/jenkinsci/htmlpublisher-plugin 4 https://github.com/jenkinsci/hpe-application-automation-tools-plugin 4 https://github.com/xerial/snappy-java 4 https://github.com/jenkinsci/job-config-history-plugin 4 https://github.com/jenkinsci/workflow-cps-plugin 4 https://github.com/skylot/jadx 4 https://github.com/yamcs/yamcs 4 https://github.com/shopizer-ecommerce/shopizer 4 https://github.com/jenkinsci/warnings-ng-plugin 4 https://github.com/aws/aws-iot-device-sdk-java-v2 4 https://github.com/jenkinsci/nexus-platform-plugin 4 https://github.com/nightcloudos/new_cms 4 https://github.com/apache/httpcomponents-client 4 https://github.com/HtmlUnit/htmlunit 4 https://github.com/jfinal/jfinal 4 https://github.com/jenkinsci/fortify-plugin 4 https://github.com/stanfordnlp/corenlp 4 https://github.com/reportportal/reportportal 4 https://github.com/apache/activemq-artemis 4 https://github.com/jenkinsci/gitlab-oauth-plugin 4 https://github.com/ktorio/ktor 4 https://github.com/micronaut-projects/micronaut-core 4 https://github.com/resteasy/Resteasy 4 https://github.com/jenkinsci/libvirt-slave-plugin 4 https://github.com/alkacon/opencms-core 4 https://github.com/infinispan/infinispan 4 https://github.com/jenkinsci/active-choices-plugin 4 https://github.com/apache/syncope 4 https://github.com/jenkinsci/credentials-binding-plugin 4 https://github.com/jenkinsci/matrix-project-plugin 4 https://github.com/apache/santuario-java 3 https://github.com/Rabb1ter/cms 3 https://github.com/ysuzhangbin/cms 3 https://github.com/jenkinsci/scriptler-plugin 3 https://github.com/qos-ch/logback 3 https://github.com/jenkinsci/mercurial-plugin 3 https://github.com/jenkinsci/bitbucket-oauth-plugin 3 https://github.com/google/guava 3 https://github.com/eclipse-vertx/vert.x 3 https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server 3 https://github.com/orientechnologies/orientdb 3 https://github.com/jenkinsci/azure-credentials-plugin 3 https://github.com/eclipse-ee4j/mojarra 3 https://github.com/jenkinsci/azure-vm-agents-plugin 3 https://github.com/OWASP/json-sanitizer 3 https://github.com/eclipse/lemminx 3 https://github.com/jenkinsci/ci-with-toad-edge-plugin 3 https://github.com/jenkinsci/cas-plugin 3 https://github.com/mbechler/marshalsec 3 https://github.com/peteroupc/CBOR-Java 3 https://github.com/pf4j/pf4j 3 https://github.com/apache/storm 3 https://github.com/open-metadata/OpenMetadata 3 https://github.com/jenkinsci/cloudbees-jenkins-advisor-plugin 3 https://github.com/opengoofy/hippo4j 3 https://github.com/Adobe-Consulting-Services/acs-aem-commons 3 https://github.com/matrix-org/matrix-android-sdk2 3 https://github.com/jenkinsci/nomad-plugin 3 https://github.com/AsyncHttpClient/async-http-client 3 https://github.com/apache/james-project 3 https://github.com/LetianYuan/My-CVE-Public-References 3 https://github.com/jeremylong/DependencyCheck 3 https://github.com/javamelody/javamelody 3 https://svn.apache.org/viewvc/lucene/dev 3 https://github.com/jenkinsci/git-parameter-plugin 3 https://github.com/apache/jackrabbit 3 https://github.com/jenkinsci/gitlab-branch-source-plugin 3 https://github.com/jenkinsci/git-client-plugin 3 https://github.com/jhy/jsoup 3 https://github.com/codehaus-plexus/plexus-utils 3 https://github.com/apache/geronimo 3 https://github.com/apache/flume 3 https://github.com/Jarvis-616/cms 3 https://github.com/jenkinsci/embeddable-build-status-plugin 3 https://github.com/apache/dubbo 3 https://bitbucket.org/b_c/jose4j 3 https://github.com/jenkinsci/crx-content-package-deployer-plugin 3 https://github.com/jenkinsci/cvs-plugin 3 https://svn.apache.org/viewvc/tomcat/tc7.0.x 3 https://github.com/apache/derby 3 https://github.com/apache/cxf-fediz 3 https://github.com/wso2/carbon-registry 3 https://github.com/apache/commons-configuration 3 https://github.com/intranda/goobi-viewer-core 3 https://github.com/joniles/mpxj 3