Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

maven Security Advisories

Loading...
Critical
GSA_kwCzR0hTQS1wOW1qLXY1bWYtbTgyeM4AAyup
org.xwiki.platform:xwiki-platform-notifications-ui Eval Injection vulnerability
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-notifications-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS1xdzI4LWc2M20tanhxds4AAgeF
Sandbox bypass in ontrack Jenkins Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:ontrack
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS14MnFtLXI0d3gtOGdwZ84AAx7T
org.xwiki.platform:xwiki-platform-flamingo-theme-ui Eval Injection vulnerability
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-flamingo-theme-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS05cGMyLXg5cWYtN2oycc4AAyuo
org.xwiki.platform:xwiki-platform-legacy-notification-activitymacro Eval Injection vulnerability
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-legacy-notification-activitymacro
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS12eGY3LW14MjItanIyNM4AAyu4
org.xwiki.platform:xwiki-platform-rendering-xwiki vulnerable to stored cross-site scripting via HTML and raw macro
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-rendering-xwiki
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS0zcDYyLTZmamgtM3A1aM4AA0KH
Keycloak vulnerable to cross-site scripting when validating URI-schemes on SAML and OIDC
Ecosystems: maven
Packages: org.keycloak:keycloak-services
Source: GitHub Advisory Database
Blast Radius: 27.5
Published: 10 months ago
Critical
GSA_kwCzR0hTQS1tajljLXZqcDktcGdnaM4AAiY2
Incorrect Authorization in Puppet Enterprise Pipeline Jenkins Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins.workflow:puppet-enterprise-pipeline
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS1jcmc5LTQ0aDIteHczNc4AA2vl
Apache ActiveMQ is vulnerable to Remote Code Execution
Ecosystems: maven
Packages: org.apache.activemq:activemq-openwire-legacy, org.apache.activemq:activemq-client
Source: GitHub Advisory Database
Blast Radius: 38.1
Published: 6 months ago
Critical
GSA_kwCzR0hTQS1yNm1jLW1ydnItMjNjcs32ew
Sandbox bypass in Jenkins Pipeline: Groovy Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins.workflow:workflow-cps
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS1qZ3JnLXF2cHAtOXZ3cs4AAy59
XWiki Platform vulnerable to code injection from account through AWM view sheet
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-appwithinminutes-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS14cjZtLTJwNG0tanZxZs4AAu1d
XWiki Platform Wiki UI Main Wiki Eval Injection vulnerability
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-wiki-ui-mainwiki
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS12eHdyLXdwanYtcWpxN84AA63o
XWiki Platform: Privilege escalation (PR) from user registration through PDFClass
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-oldcore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 23 days ago
Critical
GSA_kwCzR0hTQS0zMjlqLWpmdnItcmhyNs4AAyz5
Apache Spark vulnerable to Improper Privilege Management
Ecosystems: maven
Packages: org.apache.spark:spark-core_2.13, org.apache.spark:spark-core_2.12
Source: GitHub Advisory Database
Blast Radius: 34.4
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS1oMnJtLTI5Y2gtd2ZtaM4AA2gS
XWiki Identity Oauth Privilege escalation (PR)/remote code execution from login screen through unescaped URL parameter
Ecosystems: maven
Packages: com.xwiki.identity-oauth:identity-oauth-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
Critical
GSA_kwCzR0hTQS05NHBmLTkyaHctMmhqY84AA0KQ
XWiki Platform vulnerable to Code injection through NotificationRSSService
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-notifications-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
Critical
GSA_kwCzR0hTQS1jOWMyLXdjeGgtM3c1as4AAxpZ
Sandbox escape in Jenkins Email Extension Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:email-ext
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS1jNXY4LTJxNHItNXc5ds4AAu1e
XWiki Platform Mentions UI vulnerable to Cross-site Scripting
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-mentions-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS1mNDZwLXE2amgtMjI2bc4AAiIP
Incorrect Authorization in Jenkins Kubernetes :: Pipeline :: Arquillian Steps Plugin
Ecosystems: maven
Packages: io.fabric8.pipeline:kubernetes-pipeline-arquillian-steps
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS12Zjc4LTNxOWYtOTJnM84AA04H
Hard-coded System User Credentials in Folio Data Export Spring module
Ecosystems: maven
Packages: org.folio:mod-data-export-spring
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 months ago
Critical
GSA_kwCzR0hTQS1xd204LXZnbTYtZjg2cM33Ug
Script security sandbox bypass in Jenkins Email Extension Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:email-ext
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS1qZ2c3LXcycmotNThjas4AAy5-
XWiki Platform vulnerable to privilege escalation from view right on XWiki.Notifications.Code.LegacyNotificationAdministration
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-legacy-events-hibernate-ui, org.xwiki.platform:xwiki-platform-distribution-war
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS1jY3hoLWo3aGctbTVtcs4AAiIU
Incorrect Authorization in Jenkins Kubernetes :: Pipeline :: Kubernetes Steps Plugin
Ecosystems: maven
Packages: io.fabric8.pipeline:kubernetes-pipeline-steps
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS0zNGZqLXI1Z3EtNzM5Nc4AA63n
XWiki Platform: Remote code execution from account via SearchSuggestSourceSheet
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-search-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 23 days ago
Critical
GSA_kwCzR0hTQS1yajdwLXhqdjctNzIyOc4AA4Qj
XWiki Remote Code Execution Vulnerability via User Registration
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-administration-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
Critical
GSA_kwCzR0hTQS1jMmdnLTRncTQtanY1as4AA630
XWiki Platform remote code execution from account through UIExtension parameters
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-uiextension-api
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 23 days ago
Critical
GSA_kwCzR0hTQS0yODU4LThjZngtNjltOc4AA63p
XWiki Platform: Remote code execution as guest via DatabaseSearch
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-search-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 23 days ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZ4cTgtcHZnNC0zbWYz
Eclipse RDF4j vulnerable to XML External Entitiy
Ecosystems: maven
Packages: org.eclipse.rdf4j:rdf4j-runtime
Source: GitHub Advisory Database
Blast Radius: 23.4
Published: over 5 years ago
Critical
GSA_kwCzR0hTQS1mYzQyLTV3NTYtcXc3aM4AAy57
XWiki Platform vulnerable to code injection from account through XWiki.SchedulerJobSheet
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-scheduler-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdtZmctNTVmOS1qOGhx
Server-Side Template Injection
Ecosystems: maven
Packages: com.browserup:browserup-proxy
Source: GitHub Advisory Database
Blast Radius: 6.0
Published: over 3 years ago
Critical
GSA_kwCzR0hTQS1mNzc2LXc5djItN3Zmas4AA2fh
XWiki Change Request Application UI XSS and remote code execution through change request title
Ecosystems: maven
Packages: org.xwiki.contrib.changerequest:application-changerequest-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXIycHAteDRtbS00OTk5
XML External Entity (XXE) vulnerability in neo4j.procedure:apoc
Ecosystems: maven
Packages: org.neo4j.procedure:apoc
Source: GitHub Advisory Database
Blast Radius: 16.4
Published: over 5 years ago
Critical
GSA_kwCzR0hTQS1mbTY4LWo3d3ctaDl4Zs4AA0KP
XWiki Platform vulnerable to Code Injection in icon themes
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-icon-ui, org.xwiki.platform:xwiki-platform-icon-default, org.xwiki.platform:xwiki-platform-icon-script
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
Critical
GSA_kwCzR0hTQS1jNWY0LXA1d3YtMjQ3Nc4AAyur
xwiki.platform:xwiki-platform-panels-ui Eval Injection vulnerability
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-panels-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS01cjc0LXBnbXEtOTJtbc33bA
Script security sandbox bypass in Jenkins Job DSL Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:job-dsl
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS05aHFoLWZtaGctdnEyas4AAv_O
Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') in AttachmentSelector.xml
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-attachment-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS1oZjQzLTQ3cTQtZmhxNc4AA63z
XWiki Commons missing escaping of `{` in Velocity escapetool allows remote code execution
Ecosystems: maven
Packages: org.xwiki.commons:xwiki-commons-velocity
Source: GitHub Advisory Database
Blast Radius: 18.1
Published: 23 days ago
Critical
GSA_kwCzR0hTQS04cTlxLXI5djItNjQ0bc4AA0KR
Upgrading doesn't prevent exploiting vulnerable XWiki documents
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-oldcore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
Critical
GSA_kwCzR0hTQS01ajdnLWNmNnItZzJoN84AAv_R
Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') in xwiki-platform-icon-ui
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-icon-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS1xeGpnLWpoZ3ctcWhyds4AAyAC
org.xwiki.platform:xwiki-platform-panels-ui vulnerable to Eval Injection
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-panels-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS03Mmd4LXFxMm0tNnhyMs4AAiOT
Improper Control of Generation of Code in Jenkins Script Security Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:script-security
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS0zNzM4LXA5eDMtbXY5cs4AAx7O
XWiki Platform vulnerable to privilege escalation via properties with wiki syntax that are executed with wrong author
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-legacy-oldcore, org.xwiki.platform:xwiki-platform-oldcore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS1oNmY1LThqajUtY3hocs4AAx6L
xwiki-platform vulnerable to Remote Code Execution in Annotations
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-annotation-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS1xeDloLWM1djYtZ2hxaM4AAyut
org.xwiki.platform:xwiki-platform-panels-ui Eval Injection vulnerability
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-panels-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS05ajM2LTNjcDQtcmg0as4AAy5x
XWiki vulnerable to Code Injection in template provider administration
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-administration-ui, org.xwiki.platform:xwiki-platform-administration, org.xwiki.platform.applications:xwiki-application-administration
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS1nNzVjLWNqcjYtMzltY84AAz9m
XWiki Platform's Mail.MailConfig can be edited by any user with edit rights
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-mail-send-default
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
Critical
GSA_kwCzR0hTQS04Y3c2LTRyMzItNnIzaM4AAx7Q
XWiki Platform may allow privilege escalation to programming rights via user's first name
Ecosystems: maven
Packages: org.xwiki.commons:xwiki-commons-xml
Source: GitHub Advisory Database
Blast Radius: 18.9
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS12NTd4LWd4ZmotNDg0cc0kcQ
Security Advisory for "Log4Shell"
Ecosystems: maven
Packages: com.hazelcast:hazelcast, com.hazelcast.jet:hazelcast-jet
Source: GitHub Advisory Database
Blast Radius: 40.2
Published: over 2 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWp4bTUtNXhjdy1oNTdx
exist-db:exist-core XML External Entity (XXE) vulnerability
Ecosystems: maven
Packages: org.exist-db:exist-core
Source: GitHub Advisory Database
Blast Radius: 20.4
Published: over 5 years ago
Critical
GSA_kwCzR0hTQS03NjU0LXZmaDYtcnc2eM4AA328
Remote code execution from account through SearchAdmin
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-search-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
Critical
GSA_kwCzR0hTQS02N3EzLWd3d3ctcG00Z84AAbLM
Apache OpenMeetings does not correctly validate uploaded XML documents
Ecosystems: maven
Packages: org.apache.openmeetings:openmeetings-parent
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS12Y3ZyLXY0MjYtM20zbc4AA2sI
org.xwiki.platform:xwiki-platform-office-importer vulnerable to arbitrary server side file writing from account through office converter
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-office-importer
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
Critical
GSA_kwCzR0hTQS1qZmg4LWMyanAtNXYzcc0asw
Remote code injection in Log4j
Ecosystems: maven
Packages: org.apache.logging.log4j:log4j-core, uk.co.nichesolutions.logging.log4j:log4j-core, org.xbib.elasticsearch:log4j, com.guicedee.services:log4j-core
Source: GitHub Advisory Database
Blast Radius: 49.2
Published: over 2 years ago
Critical
GSA_kwCzR0hTQS1jdjU1LXY2cnctN3I1ds4AA63u
XWiki Platform remote code execution from account via custom skins support
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-oldcore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 23 days ago
Critical
GSA_kwCzR0hTQS14eHAyLTljOWctN3dtas4AA63q
XWiki Platform: Remote code execution from edit in multilingual wikis via translations
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-localization-source-wiki
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 23 days ago
Critical
GSA_kwCzR0hTQS1wOW04LTI3eDgtcmc4N80XOQ
Critical vulnerability found in cron-utils
Ecosystems: maven
Packages: com.cronutils:cron-utils
Source: GitHub Advisory Database
Blast Radius: 29.5
Published: over 2 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdxeDQtcHA3Ni12cnFo
Remote code execution in Apache Commons Configuration
Ecosystems: maven
Packages: org.apache.commons:commons-configuration2
Source: GitHub Advisory Database
Blast Radius: 33.6
Published: almost 4 years ago
Critical
GSA_kwCzR0hTQS05Y3FtLTV3Zjctd2NqN84AAx7R
XWiki Platform users may execute anything with superadmin right through comments and async macro
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-rendering-async-macro
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS1ncHE1LTdwMzQtdnF4Nc4AAy58
XWiki Platform's async and display macro allow displaying and interacting with any document in restricted mode
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-rendering-async-macro, org.xwiki.platform:xwiki-platform-oldcore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhjMzMtMzJ2dy1ycHA5
Remote Code Execution Vulnerability in Session Storage
Ecosystems: maven
Packages: io.ratpack:ratpack-core
Source: GitHub Advisory Database
Blast Radius: 23.5
Published: almost 3 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTlteGYtZzN4Ni13djc0
Server-Side Request Forgery (SSRF) in jackson-databind
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 53.9
Published: over 5 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc3aHAtcGZ4dy00dzYz
XML External Entity (XXE) vulnerability in codelibs fess
Ecosystems: maven
Packages: org.codelibs.fess:fess
Source: GitHub Advisory Database
Blast Radius: 13.2
Published: over 5 years ago
Critical
GSA_kwCzR0hTQS02MnByLXFxZjctaGg4Oc4AA2_Q
XWiki Platform vulnerable to remote code execution through the section parameter in Administration as guest
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-administration, org.xwiki.platform:xwiki-platform-administration-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
Critical
GSA_kwCzR0hTQS1xajg2LXA3NHItN3dwNc4AA32-
Remote code execution/programming rights with configuration section from any user account
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-administration-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
Critical
GSA_kwCzR0hTQS01OWc0LWhwZzMtM2djcM0bQw
Files Accessible to External Parties in Opencast
Ecosystems: maven
Packages: org.opencastproject:opencast-ingest-service-impl
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
GSA_kwCzR0hTQS1mNm1xLTZmeDUtdzJjaM4AAvdZ
Jenkins Script Security Plugin sandbox bypass vulnerability
Ecosystems: maven
Packages: org.jenkins-ci.plugins:script-security
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS14NzY0LWZmOHItOWhweM4AAy56
XWiki Platform vulnerable to code injection in display method used in user profiles
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-oldcore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS1mNHY4LTU4ZjYtbXdqNM4AAyuw
org.xwiki.platform:xwiki-platform-flamingo-theme-ui Eval Injection vulnerability
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-flamingo-theme-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS0zcXBtLWg5Y2gtcHgzY80gtg
Remote code injection, Improper Input Validation and Uncontrolled Recursion in Log4j library
Ecosystems: maven
Packages: org.powernukkit:powernukkit
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: over 2 years ago
Critical
GSA_kwCzR0hTQS12d3I2LXFwNHEtMndqN84AAx7P
XWiki Platform vulnerable to privilege escalation via async macro and IconThemeSheet from the user profile
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-icon-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS02dzhoLTI2eHgtY2Y4cc4AAv_U
Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') in org.xwiki.platform:xwiki-platform-menu-ui
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-menu-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS0zNmZtLWozM3ctYzI1Zs4AAzSe
Privilege escalation (PR)/RCE from account through class sheet
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-test-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 12 months ago
Critical
GSA_kwCzR0hTQS00djM4LTk2NGMteGptd84AAy3x
Code injection via unescaped translations in xwiki-platform
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-administration-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZ2eDMtZzYyNy1waG0y
Server-Side Request Forgery (SSRF) in com.ctrip.framework.apollo:apollo
Ecosystems: maven
Packages: com.ctrip.framework.apollo:apollo
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: about 5 years ago
Critical
GSA_kwCzR0hTQS14bTRoLTNqeHItbTNjNs4AA63r
XWiki Platform: Remote code execution through space title and Solr space facet
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-search-solr-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 23 days ago
Critical
GSA_kwCzR0hTQS0yNHJwLXEzdzYtdmM1Ns4AA5cA
org.postgresql:postgresql vulnerable to SQL Injection via line comment generation
Ecosystems: maven
Packages: org.postgresql:postgresql
Source: GitHub Advisory Database
Blast Radius: 52.5
Published: 2 months ago
Critical
GSA_kwCzR0hTQS0zZ3g5LTM3d3ctOXF3Ns0v8w
Spring Cloud Gateway vulnerable to Code Injection when Gateway Actuator endpoint enabled, exposed, unsecured
Ecosystems: maven
Packages: org.springframework.cloud:spring-cloud-gateway
Source: GitHub Advisory Database
Blast Radius: 18.4
Published: about 2 years ago
Critical
GSA_kwCzR0hTQS1yZjhqLXEzOWctN3hmbc4AAz9r
XWiki Platform vulnerable to privilege escalation (PR) from account through like LiveTableResults
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-like-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
Critical
GSA_kwCzR0hTQS0yZzVjLTIyOGotcDUyeM4AAu1c
XWiki Platform Applications Tag and XWiki Platform Tag UI vulnerable to Eval Injection
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-tag-ui, org.xwiki.platform.applications:xwiki-application-tag
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS1jcWhyLWpxdmMtcXc5cM4AAtgo
Java Melody vulnerable to cross-site scripting
Ecosystems: maven
Packages: net.bull.javamelody:javamelody-core
Source: GitHub Advisory Database
Blast Radius: 28.5
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS1jY3I4LTR4cjctY2dqM84AAmCk
Sandbox bypass vulnerability in Jenkins Script Security Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:script-security
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS14dnhxLWhxNDgteHBobc3maQ
Sandbox bypass in Script Security Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:script-security
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS1xeGY4LTg4MzctaHE3d833bQ
Script security sandbox bypass in Matrix Project Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:matrix-project
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS1oNHZwLTY5cjgtZ3ZqZ84AA0t7
org.xwiki.platform:xwiki-platform-skin-ui Eval Injection vulnerability
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-skin-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
Critical
GSA_kwCzR0hTQS13N3Y5LWZjNDktNHFnNM4AAyuq
org.xwiki.platform:xwiki-platform-wiki-ui-mainwiki Eval Injection vulnerability
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-wiki-ui-mainwiki
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWo3N3EtMnFxZy02OTg5
Apache Struts vulnerable to remote arbitrary command execution due to improper input validation
Ecosystems: maven
Packages: org.apache.struts:struts2-core
Source: GitHub Advisory Database
Blast Radius: 37.9
Published: over 5 years ago
Critical
GSA_kwCzR0hTQS1tcWMyLXc5cjgtbW14bc4AAvde
Jenkins Pipeline: Groovy Plugin allows sandbox protection bypass and arbitrary code execution
Ecosystems: maven
Packages: org.jenkins-ci.plugins.workflow:workflow-cps
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS03OTU0LTZtOXEtZ3B2Zs4AA1Yx
XWiki Platform privilege escalation (PR)/RCE from account through Invitation subject/message
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-invitation-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 months ago
Critical
GSA_kwCzR0hTQS02bWY1LTM2djktM2gyd84AAz9p
XWiki Platform vulnerable to privilege escalation (PR) from view right via Invitation application
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-invitation-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
Critical
GSA_kwCzR0hTQS0zOTg5LTRjNngtNzI1Zs4AAy5z
XWiki Platform vulnerable to privilege escalation from view right on XWiki.AttachmentSelector
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-attachment-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS1yZmg2LW1nNmgtaDY2OM4AAyuy
xwiki-platform-administration-ui vulnerable to privilege escalation
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-administration-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS12NTU4LWZodzItdjQ2d84AAqz8
Unsafe entry in Script Security list of approved signatures in Pipeline Remote Loader Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:workflow-remote-loader
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS12cnI4LWZwN2MtN3FncM4AAyuu
org.xwiki.platform:xwiki-platform-flamingo-theme-ui vulnerable to privilege escalation
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-flamingo-theme-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS01bWY4LXY0M3ctbWZ4cM4AA1aV
XWiki Platform privilege escalation (PR) from account through AWM content fields
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-appwithinminutes-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 months ago
Critical
GSA_kwCzR0hTQS1oZzV4LTN3M3gtN2c5Ns4AAy5v
xwiki-platform-web-templates vulnerable to Eval Injection
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-web-templates
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS1tNTRmLXJwNnItcnJybc4AAvG6
XXL-JOB contains a Command execution vulnerability in background tasks
Ecosystems: maven
Packages: com.xuxueli:xxl-job-core
Source: GitHub Advisory Database
Blast Radius: 30.8
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS13bWh3LWhwd2gtNDRwZ84AATvP
Apache ActiveMQ Apollo XXE Vulnerability
Ecosystems: maven
Packages: org.apache.activemq:apollo-project
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS1nY2h2LTM2NGgtcjg5Ns3jtg
XML External Entity Reference in apache jena
Ecosystems: maven
Packages: org.apache.jena:jena
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS1mM2dqLWh2djQtZjU3ds4AAv5G
XML External Entity Reference in Jenkins CCCC Plugin
Ecosystems: maven
Packages: com.thalesgroup.jenkins-ci.plugins:cccc
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS01cmY0LWYyNGMtaHB2aM4AAuZt
SQL injection in jflyfox jfinal
Ecosystems: maven
Packages: com.jflyfox:jflyfox_jfinal
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS13cDZjLTI5cjMtanF3Oc4AA08A
SQL injection in jeecg-boot
Ecosystems: maven
Packages: org.jeecgframework.boot:jeecg-boot-common
Source: GitHub Advisory Database
Blast Radius: 20.1
Published: 9 months ago
Statistics
Advisories: 18,330
Packages: 8,279
Repositories: 969
Ecosystems: 12
Filter by Severity
Moderate 7,912 High 6,344 Critical 2,806 Low 981
Filter by Ecosystem
maven 5,520 packagist 3,801 pypi 3,705 npm 3,535 go 1,889 nuget 1,390 rubygems 814 cargo 776 swift 31 hex 30 actions 16 pub 8
Filter by Package
org.jenkins-ci.main:jenkins-core 189 org.apache.tomcat:tomcat 134 com.fasterxml.jackson.core:jackson-databind 69 org.apache.struts:struts2-core 55 org.keycloak:keycloak-core 47 com.liferay.portal:release.portal.bom 45 org.apache.tomcat.embed:tomcat-embed-core 37 com.thoughtworks.xstream:xstream 36 com.jfinal:jfinal 36 net.mingsoft:ms-mcms 35 org.xwiki.platform:xwiki-platform-oldcore 34 org.elasticsearch:elasticsearch 32 org.jenkins-ci.plugins:script-security 30 org.keycloak:keycloak-services 27 io.undertow:undertow-core 27 org.apache.solr:solr-core 25 org.keycloak:keycloak-parent 25 org.eclipse.jetty:jetty-server 23 org.springframework.security:spring-security-core 23 org.apache.nifi:nifi 22 org.apache.openmeetings:openmeetings-parent 21 org.cloudfoundry.identity:cloudfoundry-identity-server 20 org.springframework:spring-core 19 com.liferay.portal:release.dxp.bom 18 com.vaadin:vaadin-bom 18 org.bouncycastle:bcprov-jdk14 18 org.apache.geode:geode-core 17 org.xwiki.platform:xwiki-platform-web-templates 17 org.apache.activemq:activemq-client 16 org.apache.dubbo:dubbo 16 org.bouncycastle:bcprov-jdk15 16 org.apache.struts.xwork:xwork-core 15 org.apache.jspwiki:jspwiki-main 15 org.xwiki.platform:xwiki-platform-web 14 org.apache.hadoop:hadoop-main 13 org.apache.inlong:manager-pojo 13 org.apache.cxf:cxf 13 org.jenkins-ci.plugins:git 12 org.jenkins-ci.plugins.workflow:workflow-cps 12 com.vaadin:flow-server 12 org.apache.dolphinscheduler:dolphinscheduler 12 org.apache.commons:commons-compress 11 org.apache.james:james-server 11 org.jenkins-ci.plugins:email-ext 11 org.mortbay.jetty:jetty 11 org.apache.tika:tika-core 11 org.apache.tomcat:tomcat-coyote 11 org.igniterealtime.openfire:parent 11 org.jeecgframework.boot:jeecg-boot-common 11 org.apache.camel:camel-core 11 org.apache.hadoop:hadoop-common 11 org.apache.cxf:cxf-core 11 org.apache.jspwiki:jspwiki-war 11 org.apache.ranger:ranger 11 org.jeecgframework.boot:jeecg-boot-parent 11 com.xuxueli:xxl-job 11 org.jenkins-ci.plugins.workflow:workflow-cps-global-lib 10 org.apache.inlong:manager-service 10 org.xwiki.platform:xwiki-platform-administration-ui 10 io.netty:netty 10 org.jboss.netty:netty 10 org.bouncycastle:bcprov-jdk15on 9 org.apache.shiro:shiro-core 9 org.craftercms:crafter-studio 9 org.apache.hive:hive 9 com.sonyericsson.jenkins.plugins.bfa:build-failure-analyzer 9 org.jenkins-ci.plugins:config-file-provider 9 org.apache.tapestry:tapestry-core 9 org.apache.xmlgraphics:batik 9 org.springframework:spring-web 9 org.opennms:opennms 9 org.apache.archiva:archiva 9 io.jenkins:configuration-as-code 9 cn.hutool:hutool-core 9 org.springframework:spring-webmvc 9 jquery 9 org.jenkins-ci.plugins:active-directory 9 org.opencrx:opencrx-core-models 9 org.apache.tomcat:tomcat-catalina 9 org.jenkins-ci.plugins:electricflow 9 org.webjars.npm:jquery 9 jquery-rails 9 org.graylog2:graylog2-server 8 com.hazelcast:hazelcast 8 org.jenkins-ci.plugins:ec2 8 org.opencms:opencms-core 8 org.apache.ambari:ambari 8 org.apache.hive:hive-exec 8 org.apache.kylin:kylin 8 org.apache.zeppelin:zeppelin 8 org.apache.ozone:ozone-main 8 org.apache.pdfbox:pdfbox 8 org.postgresql:postgresql 8 jQuery 8 mysql:mysql-connector-java 8 org.apache.santuario:xmlsec 8 io.jenkins.blueocean:blueocean 8 org.yaml:snakeyaml 8 org.owasp.antisamy:antisamy 7 rubygems-update 7 org.apache.derby:derby 7 org.jenkins-ci.plugins:subversion 7 io.jenkins.plugins:miniorange-saml-sp 7 org.jenkins-ci.plugins:jobConfigHistory 7 org.jboss.resteasy:resteasy-client 7 org.jruby:jruby-stdlib 7 io.dataease:dataease-plugin-common 7 org.apache.hive:hive-service 7 jQuery.UI.Combined 7 org.webjars.npm:jquery-ui 7 org.apache.activemq:activemq-parent 7 jquery-ui-rails 7 jquery-ui 7 org.apache.spark:spark-core_2.11 7 org.apache.tika:tika 7 org.silverpeas.core:silverpeas-core-web 7 org.jenkins-ci.plugins:artifactory 7 org.jenkins-ci.plugins:openshift-deployer 7 org.apache.poi:poi 7 org.jenkins-ci.plugins:mercurial 7 org.apache.cxf:apache-cxf 7 org.owasp.esapi:esapi 7 io.jenkins.plugins:warnings-ng 7 net.opentsdb:opentsdb 7 org.jenkins-ci.plugins:rundeck 7 org.apache.atlas:atlas-common 7 org.apache.karaf:apache-karaf 7 io.atomix:atomix 7 org.jeecgframework.boot:jeecg-boot-base 7 org.apache.linkis:linkis 7 org.apache.logging.log4j:log4j-core 7 io.jenkins.plugins:cavisson-ns-nd-integration 7 org.apache.inlong:manager-web 7 org.apache.axis:axis 6 de.tum.in.ase:artemis-java-test-sandbox 6 org.jenkins-ci.plugins:azure-vm-agents 6 org.apache.struts:struts2-rest-plugin 6 org.apache.httpcomponents:httpclient 6 org.csanchez.jenkins.plugins:kubernetes 6 org.jenkins-ci.plugins:fortify-on-demand-uploader 6 org.apache.mesos:mesos 6 commons-fileupload:commons-fileupload 6 org.apache.spark:spark-core_2.10 6 com.sonyericsson.hudson.plugins.gerrit:gerrit-trigger 6 axis:axis 6 io.netty:netty-codec-http 6 org.apache.shenyu:shenyu-common 6 org.jenkins-ci.plugins:repository-connector 6 hudson.plugins:project-inheritance 6 org.opensearch.plugin:opensearch-security 6 io.netty:netty-handler 6 org.apache.pulsar:pulsar-broker 6 org.xwiki.commons:xwiki-commons-xml 6 com.jflyfox:jflyfox_jfinal 6 org.opencastproject:opencast-kernel 6 org.apache.solr:solr-parent 6 org.apache.syncope:syncope-core 6 org.jenkins-ci.plugins:ec2-deployment-dashboard 6 tech.powerjob:powerjob 6 com.xebialabs.deployit.ci:deployit-plugin 6 org.apache.storm:storm-core 6 cn.hutool:hutool-json 6 org.jenkins-ci.plugins:gitlab-oauth 6 org.jenkins-ci.plugins:pipeline-maven 6 org.apache.cassandra:cassandra-all 5 io.vertx:vertx-web 5 com.alibaba:dubbo 5 org.xwiki.platform:xwiki-platform-appwithinminutes-ui 5 com.synopsys.jenkinsci:ownership 5 org.apache.zookeeper:zookeeper 5 com.nimbusds:nimbus-jose-jwt 5 org.bouncycastle:bcprov-jdk15to18 5 org.jenkins-ci.plugins:junit 5 org.jenkins-ci.plugins:htmlpublisher 5 info.magnolia:magnolia-core 5 org.opennms:opennms-webapp 5 org.apache.druid:druid 5 org.springframework.amqp:spring-amqp 5 org.jenkins-ci.plugins:google-login 5 org.jenkinsci.plugins:octoperf 5 xerces:xercesImpl 5 org.jenkins-ci.plugins:openid 5 org.jenkins-ci.plugins:websphere-deployer 5 org.apache.hadoop:hadoop-client 5 org.jenkins-ci.plugins:mailer 5 org.wildfly:wildfly-parent 5 org.xwiki.platform:xwiki-platform-flamingo-skin-resources 5 org.jboss.resteasy:resteasy-bom 5 com.vaadin:vaadin-server 5 org.apache.struts:struts-core 5 org.dspace:dspace-jspui 5 com.ruoyi:ruoyi 5 org.jenkins-ci.plugins:delphix 5 org.jeecgframework.boot:jeecg-boot-base-core 5 org.neo4j.procedure:apoc 5 edu.stanford.nlp:stanford-corenlp 5 org.jenkins-ci.plugins:ghprb 5 org.apache.ignite:ignite-core 5 org.jenkins-ci.plugins:azure-ad 5 org.jenkins-ci.plugins:credentials 5
Filter by Repository
https://github.com/xwiki/xwiki-platform 172 https://github.com/jenkinsci/jenkins 148 https://github.com/apache/tomcat 96 https://github.com/FasterXML/jackson-databind 70 https://github.com/keycloak/keycloak 58 https://github.com/apache/struts 46 https://github.com/spring-projects/spring-framework 41 https://github.com/x-stream/xstream 36 https://github.com/apache/activemq 32 https://github.com/CVEProject/cvelist 28 https://github.com/apache/inlong 25 https://github.com/eclipse/jetty.project 23 https://github.com/apache/nifi 21 https://github.com/netty/netty 20 https://github.com/OpenNMS/opennms 20 https://github.com/jenkinsci/script-security-plugin 20 https://github.com/jeecgboot/jeecg-boot 20 https://github.com/cloudfoundry/uaa 19 https://github.com/apache/cxf 19 https://github.com/bcgit/bc-java 18 https://github.com/vaadin/platform 17 https://github.com/opencast/opencast 16 https://github.com/apache/camel 15 https://github.com/geoserver/geoserver 15 https://github.com/ming-soft/MCMS 13 https://github.com/xuxueli/xxl-job 13 https://github.com/undertow-io/undertow 13 https://github.com/quarkusio/quarkus 13 https://github.com/apache/dolphinscheduler 12 https://github.com/apache/kylin 12 https://github.com/dromara/hutool 12 https://github.com/igniterealtime/Openfire 11 https://github.com/vaadin/flow 11 https://github.com/jenkinsci/git-plugin 10 https://github.com/jquery/jquery 10 https://github.com/Graylog2/graylog2-server 9 https://github.com/DSpace/DSpace 9 https://github.com/spring-projects/spring-security 9 https://github.com/cui2shark/cms 9 https://github.com/apache/lucene-solr 9 https://github.com/nahsra/antisamy 8 https://github.com/apache/zeppelin 8 https://github.com/opensearch-project/security 8 https://github.com/jenkinsci/config-file-provider-plugin 8 https://github.com/hazelcast/hazelcast 8 https://github.com/xwiki/xwiki-commons 8 https://github.com/apache/xmlgraphics-batik 7 https://github.com/OpenTSDB/opentsdb 7 https://github.com/vaadin/framework 7 https://github.com/jflyfox/jfinal_cms 7 https://github.com/rubygems/rubygems 7 https://github.com/rundeck/rundeck 7 https://github.com/dataease/dataease 7 https://github.com/RhinoSecurityLabs/CVEs 7 https://github.com/pgjdbc/pgjdbc 7 https://github.com/jenkinsci/blueocean-plugin 7 https://github.com/ratpack/ratpack 7 https://github.com/resteasy/resteasy 6 https://github.com/jenkinsci/fortify-on-demand-uploader-plugin 6 https://github.com/apache/hadoop 6 https://github.com/DrunkenShells/Disclosures 6 https://github.com/jenkinsci/gerrit-trigger-plugin 6 https://github.com/vert-x3/vertx-web 6 https://github.com/http4s/http4s 6 https://github.com/apache/pulsar 6 https://github.com/line/armeria 6 https://github.com/jenkinsci/electricflow-plugin 6 https://github.com/ESAPI/esapi-java-legacy 6 https://github.com/ls1intum/Ares 6 https://github.com/OpenRefine/OpenRefine 6 https://bitbucket.org/snakeyaml/snakeyaml 6 https://github.com/jquery/jquery-ui 6 https://github.com/jenkinsci/build-failure-analyzer-plugin 6 https://github.com/apache/tika 6 https://github.com/jenkinsci/configuration-as-code-plugin 6 https://github.com/cui2shark/security 6 https://github.com/playframework/playframework 6 https://github.com/jenkinsci/ec2-plugin 6 https://github.com/jenkinsci/email-ext-plugin 5 https://github.com/neo4j-contrib/neo4j-apoc-procedures 5 https://github.com/jenkinsci/github-plugin 5 https://github.com/apache/shiro 5 https://github.com/jenkinsci/gitlab-plugin 5 https://github.com/apache/shenyu 5 https://github.com/JLLeitschuh/security-research 5 https://github.com/jenkinsci/workflow-cps-global-lib-plugin 5 https://github.com/jenkinsci/codedx-plugin 5 https://github.com/apache/karaf 5 https://github.com/h2database/h2database 5 https://github.com/apiman/apiman 5 https://github.com/jenkinsci/active-directory-plugin 5 https://github.com/alibaba/nacos 5 https://github.com/jenkinsci/junit-plugin 5 https://github.com/apache/openmeetings 5 https://github.com/OpenAPITools/openapi-generator 5 https://github.com/jettison-json/jettison 5 https://github.com/jenkinsci/m2release-plugin 5 https://github.com/grails/grails-core 5 https://bitbucket.org/connect2id/nimbus-jose-jwt 5 https://github.com/restlet/restlet-framework-java 5 https://github.com/PowerJob/PowerJob 5 https://github.com/jenkinsci/support-core-plugin 5 https://github.com/jenkinsci/subversion-plugin 5 https://github.com/protocolbuffers/protobuf 5 https://github.com/jensdietrich/xshady-release 5 https://github.com/apache/geode 5 https://github.com/jenkinsci/publish-over-ssh-plugin 5 https://github.com/jenkinsci/htmlpublisher-plugin 4 https://github.com/aws/aws-iot-device-sdk-java-v2 4 https://github.com/jenkinsci/warnings-ng-plugin 4 https://github.com/jenkinsci/rundeck-plugin 4 https://github.com/infinispan/infinispan 4 https://github.com/jenkinsci/job-config-history-plugin 4 https://github.com/jenkinsci/nexus-platform-plugin 4 https://github.com/micronaut-projects/micronaut-core 4 https://github.com/skylot/jadx 4 https://github.com/itext/itext7 4 https://github.com/shopizer-ecommerce/shopizer 4 https://github.com/apache/solr 4 https://github.com/jenkinsci/libvirt-slave-plugin 4 https://github.com/reportportal/reportportal 4 https://github.com/jenkinsci/ansible-plugin 4 https://github.com/resteasy/Resteasy 4 https://github.com/ktorio/ktor 4 https://github.com/pippo-java/pippo 4 https://github.com/jfinal/jfinal 4 https://github.com/jenkinsci/xldeploy-plugin 4 https://github.com/nightcloudos/new_cms 4 https://github.com/apache/httpcomponents-client 4 https://github.com/stanfordnlp/corenlp 4 https://github.com/jenkinsci/credentials-binding-plugin 4 https://github.com/jenkinsci/fortify-plugin 4 https://github.com/jenkinsci/gitlab-oauth-plugin 4 https://github.com/apache/activemq-artemis 4 https://github.com/apache/syncope 4 https://github.com/xerial/snappy-java 4 https://github.com/HtmlUnit/htmlunit 4 https://github.com/jenkinsci/workflow-cps-plugin 4 https://github.com/jenkinsci/p4-plugin 4 https://github.com/jenkinsci/active-choices-plugin 4 https://github.com/yamcs/yamcs 4 https://github.com/jenkinsci/hpe-application-automation-tools-plugin 4 https://github.com/alkacon/opencms-core 4 https://github.com/jenkinsci/matrix-project-plugin 4 https://github.com/google/guava 3 https://github.com/apache/santuario-java 3 https://github.com/pf4j/pf4j 3 https://github.com/Rabb1ter/cms 3 https://github.com/eclipse-ee4j/mojarra 3 https://github.com/opengoofy/hippo4j 3 https://github.com/orientechnologies/orientdb 3 https://github.com/peteroupc/CBOR-Java 3 https://github.com/jenkinsci/nomad-plugin 3 https://github.com/qos-ch/logback 3 https://github.com/jenkinsci/mailer-plugin 3 https://github.com/apache/ranger 3 https://github.com/open-metadata/OpenMetadata 3 https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server 3 https://github.com/mbechler/marshalsec 3 https://github.com/OWASP/json-sanitizer 3 https://github.com/eclipse/lemminx 3 https://github.com/apache/storm 3 https://github.com/jenkinsci/mercurial-plugin 3 https://github.com/apache/commons-configuration 3 https://github.com/wildfly/wildfly-core 3 https://github.com/AsyncHttpClient/async-http-client 3 https://github.com/jhy/jsoup 3 https://github.com/jenkinsci/database-plugin 3 https://github.com/codehaus-plexus/plexus-utils 3 https://github.com/jenkinsci/cvs-plugin 3 https://github.com/wso2/carbon-registry 3 https://github.com/Jarvis-616/cms 3 https://github.com/jenkinsci/crx-content-package-deployer-plugin 3 https://github.com/javamelody/javamelody 3 https://github.com/jenkinsci/compuware-topaz-for-total-test-plugin 3 https://svn.apache.org/viewvc/tomcat/tc7.0.x 3 https://github.com/xwiki/xwiki-rendering 3 https://github.com/jenkinsci/code-coverage-api-plugin 3 https://github.com/ysuzhangbin/cms 3 https://github.com/jenkinsci/cloudbees-jenkins-advisor-plugin 3 https://github.com/jenkinsci/ci-with-toad-edge-plugin 3 https://github.com/joniles/mpxj 3 https://github.com/jooby-project/jooby 3 https://github.com/jenkinsci/cas-plugin 3 https://github.com/Adobe-Consulting-Services/acs-aem-commons 3 https://github.com/jenkinsci/bitbucket-oauth-plugin 3 https://github.com/jenkinsci/audit-trail-plugin 3 https://github.com/jenkinsci/azure-vm-agents-plugin 3 https://github.com/jenkinsci/azure-credentials-plugin 3 https://svn.apache.org/viewvc/lucene/dev 3 https://github.com/jenkinsci/scriptler-plugin 3 https://github.com/rhuss/jolokia 3 https://github.com/jenkinsci/mac-plugin 3 https://github.com/jenkinsci/lucene-search-plugin 3 https://github.com/matrix-org/matrix-android-sdk2 3 https://github.com/jenkinsci/liquibase-runner-plugin 3 https://github.com/jenkinsci/kubernetes-plugin 3 https://github.com/apache/olingo-odata4 3 https://github.com/grpc/grpc 3