Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

maven Security Advisories

Loading...
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWo4MjMtNHFjaC0zcmdt
Deserialization of untrusted data in Jackson Databind
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 43.6
Published: almost 4 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTU5NDktcnc3Zy13eDd3
Deserialization of untrusted data in jackson-databind
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 43.6
Published: over 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWMycTMtNHFyaC1mbTQ4
Deserialization of untrusted data in Jackson Databind
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 43.6
Published: almost 4 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVyNXItNmhwai04Z2c5
Serialization gadget exploit in jackson-databind
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 43.6
Published: over 2 years ago
High
GSA_kwCzR0hTQS12NTg1LTIzaGMtYzY0N80WqA
Unsafe Deserialization in jackson-databind
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 43.6
Published: over 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThjNGotMzRyNC14cjhn
Unsafe Deserialization in jackson-databind
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 43.6
Published: over 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg5cXItMzY5Zi01bTV4
Unsafe Deserialization in jackson-databind
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 43.6
Published: over 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg0cmMtMzg2Zy02bTg1
jackson-databind mishandles the interaction between serialization gadgets and typing
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 43.6
Published: about 4 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTlncGgtMjJ4aC04eDk4
Unsafe Deserialization in jackson-databind
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 43.6
Published: over 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdoOGctM2oyYy1ycWo1
Serialization gadgets exploit in jackson-databind
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 43.6
Published: over 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWgzY3ctZzRtcS1jNXgy
Code Injection in jackson-databind
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 43.6
Published: over 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTI3eGotcnF4NS0yMjU1
jackson-databind mishandles the interaction between serialization gadgets and typing
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 43.6
Published: almost 4 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZmcXgtMzNxbS1nODY5
Unsafe Deserialization in jackson-databind
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 43.6
Published: over 2 years ago
High
GSA_kwCzR0hTQS1ycHIzLWN3MzktM3B4aM4AAtZ7
jackson-databind before 2.9.10.4 vulnerable to unsafe deserialization
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 43.6
Published: almost 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXI2OTUtN3ZyOS1qZ2My
Unsafe Deserialization in jackson-databind
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 43.6
Published: over 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWY5eGgtMnFncC1jcTU3
Unsafe Deserialization in jackson-databind
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 43.6
Published: over 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTltNmYtN3hjcS04dmY4
Unsafe Deserialization in jackson-databind
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 43.6
Published: over 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXczZjQtM3E2ai1yaDgy
Deserialization of Untrusted Data in jackson-databind
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 43.6
Published: almost 4 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXIzZ3ItY3hyZi1oZzI1
Serialization gadgets exploit in jackson-databind
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 43.6
Published: over 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTh3MjYtNmYyNS1jbTl4
Unsafe Deserialization in jackson-databind
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 43.6
Published: over 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFqdzItaHI5OC1xZ2Zo
Unsafe Deserialization in jackson-databind
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 43.6
Published: over 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWMyNjUtMzd2ai1jd2Nj
Deserialization of untrusted data in Jackson Databind
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 43.6
Published: almost 4 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWN2bTktZmptOS0zNTcy
Unsafe Deserialization in jackson-databind
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 43.6
Published: over 2 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWY1NTQteDIyMi13Z2Y3
Command Injection in Xstream
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: GitHub Advisory Database
Blast Radius: 43.2
Published: almost 5 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhmMjMtOXBmNy0zODhw
Deserialization of Untrusted Data and Code Injection in xstream
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: GitHub Advisory Database
Blast Radius: 43.2
Published: almost 5 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhtcTYtZnJ2My00NzI3
jackson-dataformat-xml vulnerable to XML external entity (XXE)
Ecosystems: maven
Packages: com.fasterxml.jackson.dataformat:jackson-dataformat-xml
Source: GitHub Advisory Database
Blast Radius: 43.0
Published: over 5 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXY5OGotN2NyYy13dnJq
Authentication bypass in Apache Shiro
Ecosystems: maven
Packages: org.apache.shiro:shiro-spring-boot-starter, org.apache.shiro:shiro-spring, org.apache.shiro:shiro-web
Source: GitHub Advisory Database
Blast Radius: 42.9
Published: about 2 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdjajQtZ2o4bS1tMmY3
Authentication bypass in Apache Shiro
Ecosystems: maven
Packages: org.apache.shiro:shiro-spring
Source: GitHub Advisory Database
Blast Radius: 42.9
Published: about 3 years ago
High
GSA_kwCzR0hTQS13bTdoLTkyNzUtNDZ2Ms4AAgbn
Crash in HeaderParser in dicer
Ecosystems: maven, npm
Packages: org.webjars.npm:dicer, dicer
Source: GitHub Advisory Database
Blast Radius: 42.7
Published: almost 2 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXgzcmgtbTd2cC0zNWYy
Operation on a Resource after Expiration or Release in Jetty Server
Ecosystems: maven
Packages: org.eclipse.jetty:jetty-server
Source: GitHub Advisory Database
Blast Radius: 42.7
Published: almost 4 years ago
Critical
GSA_kwCzR0hTQS04d201LThoOWMtNDdwY84AAtzA
Apache Hadoop argument injection vulnerability
Ecosystems: maven
Packages: org.apache.hadoop:hadoop-common
Source: GitHub Advisory Database
Blast Radius: 42.6
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS1ybXBqLTdjOTYtbXJnOM4AArin
Apache Hadoop heap overflow before v2.10.2, v3.2.3, v3.3.2
Ecosystems: maven
Packages: org.apache.hadoop:hadoop-common
Source: GitHub Advisory Database
Blast Radius: 42.6
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS1neDJjLWZ2aGMtcGg0as05Xg
Path traversal in Hadoop
Ecosystems: maven
Packages: org.apache.hadoop:hadoop-common
Source: GitHub Advisory Database
Blast Radius: 42.6
Published: about 2 years ago
Critical
GSA_kwCzR0hTQS1yY2pjLWM0cGoteHhycM4AA3Qr
Apache Derby: LDAP injection vulnerability in authenticator
Ecosystems: maven
Packages: org.apache.derby:derby
Source: GitHub Advisory Database
Blast Radius: 42.6
Published: 6 months ago
Critical
GSA_kwCzR0hTQS1xNDZ2LWNqNXYtaHZnNs4AAYKo
Use of a Broken or Risky Cryptographic Algorithm in Apache Hadoop
Ecosystems: maven
Packages: org.apache.hadoop:hadoop-client
Source: GitHub Advisory Database
Blast Radius: 42.4
Published: almost 2 years ago
High
GSA_kwCzR0hTQS0yMndqLXZmNWYtd3J2as4AAwB8
Password exposure in H2 Database
Ecosystems: maven
Packages: com.h2database:h2
Source: GitHub Advisory Database
Blast Radius: 42.3
Published: over 1 year ago
High
GSA_kwCzR0hTQS1wNnhjLXhyNjItNnIyZ80dEw
Apache Log4j2 vulnerable to Improper Input Validation and Uncontrolled Recursion
Ecosystems: maven
Packages: org.apache.logging.log4j:log4j-core
Source: GitHub Advisory Database
Blast Radius: 42.3
Published: over 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdxMjgtaDV2Zy04cHJ4
Privilege escalation in spring security
Ecosystems: maven
Packages: org.springframework.security:spring-security-web, org.springframework.security:spring-security-bom
Source: GitHub Advisory Database
Blast Radius: 42.3
Published: almost 3 years ago
Critical
GSA_kwCzR0hTQS13NTU5LTYyM3AtdmZnOM3fzg
MyBatis PageHelper vulnerable to time-blind SQL injection via orderBy parameter
Ecosystems: maven
Packages: com.github.pagehelper:pagehelper
Source: GitHub Advisory Database
Blast Radius: 42.1
Published: about 2 years ago
High
GSA_kwCzR0hTQS00anJ2LXBwcDQtam01N83X4A
Deserialization of Untrusted Data in Gson
Ecosystems: maven
Packages: com.google.code.gson:gson
Source: GitHub Advisory Database
Blast Radius: 42.1
Published: about 2 years ago
High
GSA_kwCzR0hTQS1jY2d2LXZqNjIteGY5aM4AA5d5
Spring Web vulnerable to Open Redirect or Server Side Request Forgery
Ecosystems: maven
Packages: org.springframework:spring-web
Source: GitHub Advisory Database
Blast Radius: 42.0
Published: 2 months ago
High
GSA_kwCzR0hTQS1oZ2poLTlyajItZzY3as4AA6DE
Spring Framework URL Parsing with Host Validation Vulnerability
Ecosystems: maven
Packages: org.springframework:spring-web
Source: GitHub Advisory Database
Blast Radius: 42.0
Published: about 2 months ago
High
GSA_kwCzR0hTQS0yd3JwLTZmZzYtaG1jNc4AA7Ch
Spring Framework URL Parsing with Host Validation
Ecosystems: maven
Packages: org.springframework:spring-web
Source: GitHub Advisory Database
Blast Radius: 42.0
Published: 22 days ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQ0NDYtNjU2cC1mNTRn
Deserialization of Untrusted Data in Bouncy castle
Ecosystems: maven
Packages: org.bouncycastle:bcprov-jdk15on
Source: GitHub Advisory Database
Blast Radius: 41.9
Published: over 5 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTI2Z3ItY3ZxMy1xeGdm
Improper Authentication in Apache Shiro
Ecosystems: maven
Packages: org.apache.shiro:shiro-core
Source: GitHub Advisory Database
Blast Radius: 41.9
Published: about 3 years ago
Critical
GSA_kwCzR0hTQS1mNmpwLWo2dzMtdzlobc0V4A
Apache Shiro vulnerable to a specially crafted HTTP request causing an authentication bypass
Ecosystems: maven
Packages: org.apache.shiro:shiro-core
Source: GitHub Advisory Database
Blast Radius: 41.9
Published: over 2 years ago
Critical
GSA_kwCzR0hTQS00Y2Y1LXhtaHAtM3hqN84AAtCe
Improper Authorization in Apache Shiro
Ecosystems: maven
Packages: org.apache.shiro:shiro-core
Source: GitHub Advisory Database
Blast Radius: 41.9
Published: almost 2 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTcydzktZmNqNS0zZmNn
Improper Authentication in Apache Shiro
Ecosystems: maven
Packages: org.apache.shiro:shiro-core
Source: GitHub Advisory Database
Blast Radius: 41.9
Published: about 3 years ago
Critical
GSA_kwCzR0hTQS00NXg5LXE2dmotY3Fncc4AAvPr
Apache Shiro Authentication Bypass vulnerability
Ecosystems: maven
Packages: org.apache.shiro:shiro-core
Source: GitHub Advisory Database
Blast Radius: 41.9
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS00djNnLWc4NHctaHY3cs3oqg
Authentication Bypass Using an Alternate Path or Channel in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat.embed:tomcat-embed-jasper, org.apache.tomcat:jasper, org.apache.tomcat:tomcat-jasper
Source: GitHub Advisory Database
Blast Radius: 41.9
Published: almost 2 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXE0ODUtajg5Ny1xYzI3
XML External Entity Reference in mchange:c3p0
Ecosystems: maven
Packages: com.mchange:c3p0
Source: GitHub Advisory Database
Blast Radius: 41.6
Published: over 5 years ago
Critical
GSA_kwCzR0hTQS03Mjg2LXBnZnYtdnh2aM4AA2YZ
Authorization Bypass Through User-Controlled Key vulnerability in Apache ZooKeeper
Ecosystems: maven
Packages: org.apache.zookeeper:zookeeper
Source: GitHub Advisory Database
Blast Radius: 41.3
Published: 7 months ago
High
GSA_kwCzR0hTQS1wdjdoLWh4NWgtbWdmas4AArfz
Unsafe deserialization in com.alibaba:fastjson
Ecosystems: maven
Packages: com.alibaba:fastjson
Source: GitHub Advisory Database
Blast Radius: 41.1
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS03N2g4LTVqM2gtamNqZs4AAxTc
Dromara Hutool Deserialization of Untrusted Data vulnerability
Ecosystems: maven
Packages: cn.hutool:hutool-all
Source: GitHub Advisory Database
Blast Radius: 41.0
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS02YzI1LWN4Y2MtcG1jNM4AAxTY
Dromara hutool vulnerable to SQL Injection
Ecosystems: maven
Packages: cn.hutool:hutool-all
Source: GitHub Advisory Database
Blast Radius: 41.0
Published: over 1 year ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQ4cnctajQ4OS05Mjht
Signature wrapping vulnerability in Spring Security
Ecosystems: maven
Packages: org.springframework.security:spring-security-core
Source: GitHub Advisory Database
Blast Radius: 40.9
Published: almost 4 years ago
Critical
GSA_kwCzR0hTQS05aGcyLTM5NWotODNybc4AASV-
Expected Behavior Violation in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat.embed:tomcat-embed-core, org.apache.tomcat:tomcat-coyote
Source: GitHub Advisory Database
Blast Radius: 40.7
Published: almost 2 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXI0eDItM2NxNS1ocXZw
The defaults settings for the CORS filter provided in Apache Tomcat are insecure and enable 'supportsCredentials' for all origins
Ecosystems: maven
Packages: org.apache.tomcat.embed:tomcat-embed-core
Source: GitHub Advisory Database
Blast Radius: 40.7
Published: over 5 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWM5aHctd2Y3eC1qcDlq
Improper Privilege Management in Tomcat
Ecosystems: maven
Packages: org.apache.tomcat.embed:tomcat-embed-core
Source: GitHub Advisory Database
Blast Radius: 40.7
Published: almost 4 years ago
Critical
GSA_kwCzR0hTQS1jdzU0LTU5cHctNGc4Y833AA
Apache Tomcat Improper Access Control vulnerability
Ecosystems: maven
Packages: org.apache.tomcat.embed:tomcat-embed-core, org.apache.tomcat:tomcat-catalina
Source: GitHub Advisory Database
Blast Radius: 40.7
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS1xZzI1LWhnanYtY2c5cc4AAQar
Improper Neutralization of Special Elements in Output Used by a Downstream Component in Apache Groovy
Ecosystems: maven
Packages: org.codehaus.groovy:groovy
Source: GitHub Advisory Database
Blast Radius: 40.6
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS14cGhqLW05Y2MtOGZtcc4AAQZQ
Deserialization of Untrusted Data in Groovy
Ecosystems: maven
Packages: org.codehaus.groovy:groovy
Source: GitHub Advisory Database
Blast Radius: 40.6
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS01OTlmLTdjNDktdzY1Oc4AAvT6
Arbitrary code execution in Apache Commons Text
Ecosystems: maven
Packages: com.guicedee.services:commons-text, org.apache.commons:commons-text
Source: GitHub Advisory Database
Blast Radius: 40.5
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS01bWM3LW02ODYtcDZqZ800Hw
Deserialization of Untrusted Data in Apache Dubbo
Ecosystems: maven
Packages: com.alibaba:dubbo, org.apache.dubbo:dubbo
Source: GitHub Advisory Database
Blast Radius: 40.5
Published: about 2 years ago
Critical
GSA_kwCzR0hTQS12MnJnLThjd3ItNzVnOM00Hg
Deserializer tampering in Apache Dubbo
Ecosystems: maven
Packages: com.alibaba:dubbo, org.apache.dubbo:dubbo
Source: GitHub Advisory Database
Blast Radius: 40.5
Published: about 2 years ago
Critical
GSA_kwCzR0hTQS1xbWZjLTZ3d3ctZmpxd800IQ
Code injection in Apache Dubbo
Ecosystems: maven
Packages: org.apache.dubbo:dubbo, com.alibaba:dubbo
Source: GitHub Advisory Database
Blast Radius: 40.5
Published: about 2 years ago
Critical
GSA_kwCzR0hTQS04dmhxLXFxNHAtZ3JxM83zOg
OS Command Injection in Plexus-utils
Ecosystems: maven
Packages: org.codehaus.plexus:plexus-utils
Source: GitHub Advisory Database
Blast Radius: 40.5
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1nZndqLWZ3cWotZnAzds4AAonj
Improper Privilege Management in Spring Framework
Ecosystems: maven
Packages: org.springframework:spring-web
Source: GitHub Advisory Database
Blast Radius: 40.4
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1qampoLWpqeHAtd3BmZs4AAvJv
Uncontrolled Resource Consumption in Jackson-databind
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 40.4
Published: over 1 year ago
High
GSA_kwCzR0hTQS01N2oyLXc0Y3gtNjJoMs0ybA
Deeply nested json in jackson-databind
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 40.4
Published: about 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTV3dzktajgzbS1xN3F4
Information exposure in FasterXML jackson-databind
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 40.4
Published: almost 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZ3cXAtdjR2Ni1jODdj
Deserialization of Untrusted Data
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 40.4
Published: almost 4 years ago
High
GSA_kwCzR0hTQS0zeDh4LTc5bTItM3cyd84AAyLf
jackson-databind possible Denial of Service if using JDK serialization to serialize JsonNode
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 40.4
Published: about 1 year ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWd3cDQtaGZ2Ni1wN2h3
Deserialization of untrusted data in FasterXML jackson-databind
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 40.4
Published: almost 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNmNnItM3dnYy1oODYz
Polymorphic deserialization of malicious object in jackson-databind
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 40.4
Published: almost 4 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTI4OGMtY3E0aC04OGdx
XML External Entity (XXE) Injection in Jackson Databind
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 40.4
Published: about 3 years ago
High
GSA_kwCzR0hTQS1yZ3Y5LXE1NDMtcnFnNM4AAvJu
Uncontrolled Resource Consumption in FasterXML jackson-databind
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 40.4
Published: over 1 year ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNqamYtOTRmZi00M3c3
jackson-databind Deserialization of Untrusted Data vulnerability
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 40.4
Published: about 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg4Y2MtZzgzNS03NnJw
Improper Restriction of XML External Entity Reference
Ecosystems: maven
Packages: org.postgresql:postgresql
Source: GitHub Advisory Database
Blast Radius: 40.4
Published: about 2 years ago
High
GSA_kwCzR0hTQS1mcDVyLXYzdzktNDMzM80bRA
JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data
Ecosystems: maven
Packages: org.zenframework.z8.dependencies.commons:log4j-1.2.17, log4j:log4j
Source: GitHub Advisory Database
Blast Radius: 40.3
Published: over 2 years ago
Critical
GSA_kwCzR0hTQS12NTd4LWd4ZmotNDg0cc0kcQ
Security Advisory for "Log4Shell"
Ecosystems: maven
Packages: com.hazelcast:hazelcast, com.hazelcast.jet:hazelcast-jet
Source: GitHub Advisory Database
Blast Radius: 40.2
Published: over 2 years ago
High
GSA_kwCzR0hTQS12OTRoLWh2aGctbWY5aM4AA3ZR
Spring Framework vulnerable to denial of service
Ecosystems: maven
Packages: org.springframework:spring-webmvc
Source: GitHub Advisory Database
Blast Radius: 40.2
Published: 5 months ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTh3eDItOXE0OC12bTly
RFD attack via Content-Disposition header sourced from request input by Spring MVC or Spring WebFlux Application
Ecosystems: maven
Packages: org.springframework:spring-webflux, org.springframework:spring-webmvc
Source: GitHub Advisory Database
Blast Radius: 40.2
Published: over 4 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJtOGgtZmdyOC0ycTl3
Pivotal Spring Framework Paths provided to the ResourceServlet were not properly sanitized
Ecosystems: maven
Packages: org.springframework:spring-webmvc
Source: GitHub Advisory Database
Blast Radius: 40.2
Published: over 5 years ago
High
GSA_kwCzR0hTQS1nNW1tLXZteDQtM3JnN807dA
Improper handling of case sensitivity in Spring Framework
Ecosystems: maven
Packages: org.springframework:spring-context
Source: GitHub Advisory Database
Blast Radius: 40.2
Published: about 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFxNDgtbTRqeC14cWg4
"Deserialization errors in MyBatis"
Ecosystems: maven
Packages: org.mybatis:mybatis
Source: GitHub Advisory Database
Blast Radius: 40.0
Published: about 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW13Y3gtNTMyZy04cHEz
Access and integrity issue within Eclipse Jetty
Ecosystems: maven
Packages: org.eclipse.jetty:jetty-server
Source: GitHub Advisory Database
Blast Radius: 39.9
Published: over 5 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWoyMzktNGdxZy01ajU0
Inadequate Encryption Strength
Ecosystems: maven
Packages: org.primefaces:primefaces
Source: GitHub Advisory Database
Blast Radius: 39.9
Published: almost 3 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRmcTMtbXI1Ni1jZzZy
Spring Data Commons remote code injection vulnerability
Ecosystems: maven
Packages: org.springframework.data:spring-data-commons
Source: GitHub Advisory Database
Blast Radius: 39.9
Published: over 5 years ago
Critical
GSA_kwCzR0hTQS1wbWhjLTJnNGYtODVjZ84AA03a
Path Traversal in Apache Shiro
Ecosystems: maven
Packages: org.apache.shiro:shiro-web
Source: GitHub Advisory Database
Blast Radius: 39.6
Published: 10 months ago
Critical
GSA_kwCzR0hTQS0zeHJyLTdtNnAtcDd4aM4AA0VW
HtmlUnit Code Injection vulnerability
Ecosystems: maven
Packages: net.sourceforge.htmlunit:htmlunit
Source: GitHub Advisory Database
Blast Radius: 39.5
Published: 10 months ago
Critical
GSA_kwCzR0hTQS13cjY5LWc2MmctMnI5aM32gQ
Improper Restriction of XML External Entity Reference in Apace Derby
Ecosystems: maven
Packages: org.apache.derby:derby
Source: GitHub Advisory Database
Blast Radius: 39.5
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1yYzJxLXg5bWYtdzN2Zs4AAv9U
TestNG is vulnerable to Path Traversal
Ecosystems: maven
Packages: org.testng:testng
Source: GitHub Advisory Database
Blast Radius: 39.4
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS05OXdoLTk3M2YtNzc5cM0v-w
XML External Entity Reference in Hazelcast
Ecosystems: maven
Packages: com.hazelcast:hazelcast
Source: GitHub Advisory Database
Blast Radius: 39.4
Published: about 2 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWM5amotM3d2Zy1xNjVo
Vulnerability that affects org.apache.pdfbox:pdfbox
Ecosystems: maven
Packages: org.apache.pdfbox:pdfbox
Source: GitHub Advisory Database
Blast Radius: 39.0
Published: almost 5 years ago
High
GSA_kwCzR0hTQS1yNHEzLTdnNHEteDg5bc4AA4ms
Spring Framework server Web DoS Vulnerability
Ecosystems: maven
Packages: org.springframework:spring-core
Source: GitHub Advisory Database
Blast Radius: 39.0
Published: 4 months ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZmdnEtN3c5Ni05N3A3
Denial of Service in Spring Framework
Ecosystems: maven
Packages: org.springframework:spring-core
Source: GitHub Advisory Database
Blast Radius: 39.0
Published: almost 4 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThjcnYtNDlmci0yaDZq
Spring Security and Spring Framework may not recognize certain paths that should be protected
Ecosystems: maven
Packages: org.springframework.security:spring-security-core, org.springframework:spring-core
Source: GitHub Advisory Database
Blast Radius: 39.0
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQ0ODcteDM4My1xcHBo
Possible privilege escalation in org.springframework:spring-core
Ecosystems: maven
Packages: org.springframework:spring-core
Source: GitHub Advisory Database
Blast Radius: 39.0
Published: over 5 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJycG0tcGo3cC03ajlx
Spring Security OAuth vulnerable to remote code execution (RCE)
Ecosystems: maven
Packages: org.springframework.security.oauth:spring-security-oauth2
Source: GitHub Advisory Database
Blast Radius: 38.9
Published: over 5 years ago
Statistics
Advisories: 18,400
Packages: 8,303
Repositories: 971
Ecosystems: 12
Filter by Severity
Moderate 7,949 High 6,364 Critical 2,810 Low 986
Filter by Ecosystem
maven 5,534 packagist 3,815 pypi 3,727 npm 3,546 go 1,899 nuget 1,390 rubygems 814 cargo 777 swift 31 hex 30 actions 16 pub 8
Filter by Package
org.jenkins-ci.main:jenkins-core 189 org.apache.tomcat:tomcat 134 com.fasterxml.jackson.core:jackson-databind 69 org.apache.struts:struts2-core 55 org.keycloak:keycloak-core 47 com.liferay.portal:release.portal.bom 45 org.apache.tomcat.embed:tomcat-embed-core 37 com.thoughtworks.xstream:xstream 36 com.jfinal:jfinal 36 net.mingsoft:ms-mcms 35 org.xwiki.platform:xwiki-platform-oldcore 34 org.elasticsearch:elasticsearch 32 org.jenkins-ci.plugins:script-security 32 io.undertow:undertow-core 27 org.keycloak:keycloak-services 27 org.keycloak:keycloak-parent 25 org.apache.solr:solr-core 25 org.eclipse.jetty:jetty-server 23 org.springframework.security:spring-security-core 23 org.apache.nifi:nifi 22 org.apache.openmeetings:openmeetings-parent 21 org.cloudfoundry.identity:cloudfoundry-identity-server 20 org.bouncycastle:bcprov-jdk14 19 org.springframework:spring-core 19 com.liferay.portal:release.dxp.bom 18 com.vaadin:vaadin-bom 18 org.xwiki.platform:xwiki-platform-web-templates 17 org.apache.geode:geode-core 17 org.apache.dubbo:dubbo 16 org.apache.activemq:activemq-client 16 org.bouncycastle:bcprov-jdk15 16 org.apache.struts.xwork:xwork-core 15 org.apache.jspwiki:jspwiki-main 15 org.xwiki.platform:xwiki-platform-web 14 org.apache.hadoop:hadoop-main 13 org.apache.cxf:cxf 13 org.apache.inlong:manager-pojo 13 org.jenkins-ci.plugins.workflow:workflow-cps 12 org.jenkins-ci.plugins:git 12 com.vaadin:flow-server 12 org.apache.dolphinscheduler:dolphinscheduler 12 org.jeecgframework.boot:jeecg-boot-common 11 org.apache.james:james-server 11 org.mortbay.jetty:jetty 11 org.jenkins-ci.plugins:email-ext 11 org.apache.camel:camel-core 11 org.igniterealtime.openfire:parent 11 org.apache.cxf:cxf-core 11 org.apache.hadoop:hadoop-common 11 org.apache.tomcat:tomcat-coyote 11 org.jeecgframework.boot:jeecg-boot-parent 11 org.apache.jspwiki:jspwiki-war 11 org.apache.tika:tika-core 11 com.xuxueli:xxl-job 11 org.apache.ranger:ranger 11 org.apache.commons:commons-compress 11 org.xwiki.platform:xwiki-platform-administration-ui 10 org.apache.inlong:manager-service 10 org.jboss.netty:netty 10 org.jenkins-ci.plugins.workflow:workflow-cps-global-lib 10 io.netty:netty 10 org.apache.hive:hive 9 org.jenkins-ci.plugins:active-directory 9 org.bouncycastle:bcprov-jdk15on 9 cn.hutool:hutool-core 9 com.sonyericsson.jenkins.plugins.bfa:build-failure-analyzer 9 org.opennms:opennms 9 org.apache.tapestry:tapestry-core 9 org.craftercms:crafter-studio 9 org.apache.archiva:archiva 9 jquery 9 org.apache.shiro:shiro-core 9 io.jenkins:configuration-as-code 9 jquery-rails 9 org.webjars.npm:jquery 9 org.springframework:spring-web 9 org.apache.tomcat:tomcat-catalina 9 org.apache.xmlgraphics:batik 9 org.jenkins-ci.plugins:electricflow 9 org.springframework:spring-webmvc 9 org.jenkins-ci.plugins:config-file-provider 9 org.opencrx:opencrx-core-models 9 org.apache.kylin:kylin 8 io.jenkins.blueocean:blueocean 8 org.apache.hive:hive-exec 8 org.jenkins-ci.plugins:ec2 8 org.apache.ambari:ambari 8 jQuery 8 mysql:mysql-connector-java 8 com.hazelcast:hazelcast 8 org.opencms:opencms-core 8 org.apache.zeppelin:zeppelin 8 org.postgresql:postgresql 8 org.graylog2:graylog2-server 8 org.yaml:snakeyaml 8 org.apache.santuario:xmlsec 8 org.apache.ozone:ozone-main 8 org.apache.pdfbox:pdfbox 8 org.jboss.resteasy:resteasy-client 7 org.apache.logging.log4j:log4j-core 7 org.owasp.esapi:esapi 7 org.apache.cxf:apache-cxf 7 org.jenkins-ci.plugins:jobConfigHistory 7 org.jenkins-ci.plugins:artifactory 7 org.jenkins-ci.plugins:rundeck 7 jquery-ui 7 org.owasp.antisamy:antisamy 7 org.jeecgframework.boot:jeecg-boot-base 7 io.jenkins.plugins:miniorange-saml-sp 7 io.atomix:atomix 7 org.apache.linkis:linkis 7 jQuery.UI.Combined 7 org.jenkins-ci.plugins:mercurial 7 jquery-ui-rails 7 org.webjars.npm:jquery-ui 7 org.apache.derby:derby 7 io.jenkins.plugins:warnings-ng 7 org.jenkins-ci.plugins:subversion 7 org.apache.spark:spark-core_2.11 7 org.apache.inlong:manager-web 7 org.apache.atlas:atlas-common 7 org.jenkins-ci.plugins:openshift-deployer 7 org.apache.poi:poi 7 io.jenkins.plugins:cavisson-ns-nd-integration 7 rubygems-update 7 org.jruby:jruby-stdlib 7 io.dataease:dataease-plugin-common 7 org.apache.activemq:activemq-parent 7 net.opentsdb:opentsdb 7 org.apache.tika:tika 7 org.apache.karaf:apache-karaf 7 org.silverpeas.core:silverpeas-core-web 7 org.apache.hive:hive-service 7 com.jflyfox:jflyfox_jfinal 6 org.xwiki.commons:xwiki-commons-xml 6 org.apache.httpcomponents:httpclient 6 org.opencastproject:opencast-kernel 6 axis:axis 6 org.apache.solr:solr-parent 6 com.sonyericsson.hudson.plugins.gerrit:gerrit-trigger 6 org.apache.mesos:mesos 6 org.apache.spark:spark-core_2.10 6 org.jenkins-ci.plugins:repository-connector 6 org.apache.axis:axis 6 cn.hutool:hutool-json 6 org.jenkins-ci.plugins:gitlab-oauth 6 org.jenkins-ci.plugins:azure-vm-agents 6 org.opensearch.plugin:opensearch-security 6 io.netty:netty-codec-http 6 commons-fileupload:commons-fileupload 6 hudson.plugins:project-inheritance 6 tech.powerjob:powerjob 6 org.apache.pulsar:pulsar-broker 6 io.netty:netty-handler 6 org.apache.shenyu:shenyu-common 6 org.apache.storm:storm-core 6 org.csanchez.jenkins.plugins:kubernetes 6 org.jenkins-ci.plugins:ec2-deployment-dashboard 6 org.jenkins-ci.plugins:fortify-on-demand-uploader 6 org.bouncycastle:bcprov-jdk15to18 6 org.jenkins-ci.plugins:pipeline-maven 6 com.xebialabs.deployit.ci:deployit-plugin 6 de.tum.in.ase:artemis-java-test-sandbox 6 org.apache.struts:struts2-rest-plugin 6 org.apache.syncope:syncope-core 6 io.vertx:vertx-core 5 org.xwiki.platform:xwiki-platform-appwithinminutes-ui 5 org.jenkins-ci.plugins:azure-ad 5 org.xwiki.platform:xwiki-platform-flamingo-skin-resources 5 org.neo4j.procedure:apoc 5 org.jeecgframework.boot:jeecg-boot-base-core 5 org.apache.struts:struts-core 5 com.google.protobuf:protobuf-java 5 org.jenkins-ci.plugins:scriptler 5 org.jenkins-ci.plugins:codedx 5 org.jenkins-ci.plugins:delphix 5 org.apache.ignite:ignite-core 5 com.mabl.integration.jenkins:mabl-integration 5 org.jenkins-ci.plugins:support-core 5 org.codehaus.jettison:jettison 5 org.apache.kylin:kylin-server-base 5 org.springframework.amqp:spring-amqp 5 org.jenkins-ci.plugins:openid 5 struts:struts 5 info.magnolia:magnolia-core 5 com.coravy.hudson.plugins.github:github 5 org.zenframework.z8.dependencies.commons:log4j-1.2.17 5 log4j:log4j 5 org.jenkins-ci.plugins:junit 5 org.jenkins-ci.plugins:credentials 5 org.apache.cassandra:cassandra-all 5 org.jenkins-ci.plugins:publish-over-ssh 5 org.jenkins-ci.plugins.m2release:m2release 5 org.jenkins-ci.plugins:ghprb 5 org.jenkins-ci.plugins:gitlab-plugin 5 org.jenkins-ci.plugins:websphere-deployer 5 org.apache.inlong:manager-dao 5 org.jenkinsci.plugins:octoperf 5 org.apache.hadoop:hadoop-client 5 org.jenkins-ci.plugins:google-login 5
Filter by Repository
https://github.com/xwiki/xwiki-platform 172 https://github.com/jenkinsci/jenkins 148 https://github.com/apache/tomcat 96 https://github.com/FasterXML/jackson-databind 70 https://github.com/keycloak/keycloak 58 https://github.com/apache/struts 46 https://github.com/spring-projects/spring-framework 41 https://github.com/x-stream/xstream 36 https://github.com/apache/activemq 33 https://github.com/CVEProject/cvelist 28 https://github.com/apache/inlong 25 https://github.com/eclipse/jetty.project 23 https://github.com/apache/nifi 21 https://github.com/jenkinsci/script-security-plugin 21 https://github.com/jeecgboot/jeecg-boot 20 https://github.com/OpenNMS/opennms 20 https://github.com/netty/netty 20 https://github.com/apache/cxf 19 https://github.com/cloudfoundry/uaa 19 https://github.com/bcgit/bc-java 18 https://github.com/vaadin/platform 17 https://github.com/opencast/opencast 16 https://github.com/apache/camel 15 https://github.com/geoserver/geoserver 15 https://github.com/xuxueli/xxl-job 13 https://github.com/quarkusio/quarkus 13 https://github.com/ming-soft/MCMS 13 https://github.com/undertow-io/undertow 13 https://github.com/apache/dolphinscheduler 12 https://github.com/apache/kylin 12 https://github.com/dromara/hutool 12 https://github.com/vaadin/flow 11 https://github.com/igniterealtime/Openfire 11 https://github.com/jenkinsci/git-plugin 10 https://github.com/jquery/jquery 10 https://github.com/spring-projects/spring-security 9 https://github.com/cui2shark/cms 9 https://github.com/apache/lucene-solr 9 https://github.com/DSpace/DSpace 9 https://github.com/Graylog2/graylog2-server 9 https://github.com/jenkinsci/config-file-provider-plugin 8 https://github.com/opensearch-project/security 8 https://github.com/apache/zeppelin 8 https://github.com/hazelcast/hazelcast 8 https://github.com/xwiki/xwiki-commons 8 https://github.com/nahsra/antisamy 8 https://github.com/jflyfox/jfinal_cms 7 https://github.com/apache/xmlgraphics-batik 7 https://github.com/dataease/dataease 7 https://github.com/rundeck/rundeck 7 https://github.com/rubygems/rubygems 7 https://github.com/RhinoSecurityLabs/CVEs 7 https://github.com/ratpack/ratpack 7 https://github.com/vaadin/framework 7 https://github.com/OpenTSDB/opentsdb 7 https://github.com/pgjdbc/pgjdbc 7 https://github.com/jenkinsci/blueocean-plugin 7 https://github.com/jenkinsci/gerrit-trigger-plugin 6 https://github.com/jenkinsci/fortify-on-demand-uploader-plugin 6 https://bitbucket.org/snakeyaml/snakeyaml 6 https://github.com/apache/hadoop 6 https://github.com/http4s/http4s 6 https://github.com/jenkinsci/configuration-as-code-plugin 6 https://github.com/cui2shark/security 6 https://github.com/apache/tika 6 https://github.com/OpenRefine/OpenRefine 6 https://github.com/line/armeria 6 https://github.com/playframework/playframework 6 https://github.com/jenkinsci/electricflow-plugin 6 https://github.com/vert-x3/vertx-web 6 https://github.com/jenkinsci/build-failure-analyzer-plugin 6 https://github.com/jenkinsci/ec2-plugin 6 https://github.com/ls1intum/Ares 6 https://github.com/resteasy/resteasy 6 https://github.com/jquery/jquery-ui 6 https://github.com/ESAPI/esapi-java-legacy 6 https://github.com/DrunkenShells/Disclosures 6 https://github.com/apache/pulsar 6 https://github.com/apache/shenyu 5 https://github.com/jenkinsci/subversion-plugin 5 https://github.com/apache/shiro 5 https://github.com/restlet/restlet-framework-java 5 https://github.com/jenkinsci/github-plugin 5 https://github.com/jenkinsci/gitlab-plugin 5 https://github.com/jenkinsci/support-core-plugin 5 https://github.com/jenkinsci/m2release-plugin 5 https://github.com/protocolbuffers/protobuf 5 https://github.com/grails/grails-core 5 https://github.com/jettison-json/jettison 5 https://github.com/jensdietrich/xshady-release 5 https://github.com/alibaba/nacos 5 https://github.com/apache/karaf 5 https://github.com/h2database/h2database 5 https://github.com/jenkinsci/junit-plugin 5 https://github.com/apache/openmeetings 5 https://github.com/PowerJob/PowerJob 5 https://github.com/jenkinsci/codedx-plugin 5 https://github.com/jenkinsci/workflow-cps-global-lib-plugin 5 https://bitbucket.org/connect2id/nimbus-jose-jwt 5 https://github.com/jenkinsci/active-directory-plugin 5 https://github.com/neo4j-contrib/neo4j-apoc-procedures 5 https://github.com/apiman/apiman 5 https://github.com/JLLeitschuh/security-research 5 https://github.com/apache/geode 5 https://github.com/jenkinsci/publish-over-ssh-plugin 5 https://github.com/jenkinsci/email-ext-plugin 5 https://github.com/OpenAPITools/openapi-generator 5 https://github.com/apache/solr 4 https://github.com/pippo-java/pippo 4 https://github.com/jenkinsci/p4-plugin 4 https://github.com/jenkinsci/rundeck-plugin 4 https://github.com/itext/itext7 4 https://github.com/jenkinsci/ansible-plugin 4 https://github.com/jenkinsci/xldeploy-plugin 4 https://github.com/jenkinsci/htmlpublisher-plugin 4 https://github.com/jenkinsci/hpe-application-automation-tools-plugin 4 https://github.com/xerial/snappy-java 4 https://github.com/jenkinsci/job-config-history-plugin 4 https://github.com/jenkinsci/workflow-cps-plugin 4 https://github.com/skylot/jadx 4 https://github.com/yamcs/yamcs 4 https://github.com/shopizer-ecommerce/shopizer 4 https://github.com/jenkinsci/warnings-ng-plugin 4 https://github.com/aws/aws-iot-device-sdk-java-v2 4 https://github.com/jenkinsci/nexus-platform-plugin 4 https://github.com/nightcloudos/new_cms 4 https://github.com/apache/httpcomponents-client 4 https://github.com/HtmlUnit/htmlunit 4 https://github.com/jfinal/jfinal 4 https://github.com/jenkinsci/fortify-plugin 4 https://github.com/stanfordnlp/corenlp 4 https://github.com/reportportal/reportportal 4 https://github.com/apache/activemq-artemis 4 https://github.com/jenkinsci/gitlab-oauth-plugin 4 https://github.com/ktorio/ktor 4 https://github.com/micronaut-projects/micronaut-core 4 https://github.com/resteasy/Resteasy 4 https://github.com/jenkinsci/libvirt-slave-plugin 4 https://github.com/alkacon/opencms-core 4 https://github.com/infinispan/infinispan 4 https://github.com/jenkinsci/active-choices-plugin 4 https://github.com/apache/syncope 4 https://github.com/jenkinsci/credentials-binding-plugin 4 https://github.com/jenkinsci/matrix-project-plugin 4 https://github.com/apache/santuario-java 3 https://github.com/Rabb1ter/cms 3 https://github.com/ysuzhangbin/cms 3 https://github.com/jenkinsci/scriptler-plugin 3 https://github.com/qos-ch/logback 3 https://github.com/jenkinsci/mercurial-plugin 3 https://github.com/jenkinsci/bitbucket-oauth-plugin 3 https://github.com/google/guava 3 https://github.com/eclipse-vertx/vert.x 3 https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server 3 https://github.com/orientechnologies/orientdb 3 https://github.com/jenkinsci/azure-credentials-plugin 3 https://github.com/eclipse-ee4j/mojarra 3 https://github.com/jenkinsci/azure-vm-agents-plugin 3 https://github.com/OWASP/json-sanitizer 3 https://github.com/eclipse/lemminx 3 https://github.com/jenkinsci/ci-with-toad-edge-plugin 3 https://github.com/jenkinsci/cas-plugin 3 https://github.com/mbechler/marshalsec 3 https://github.com/peteroupc/CBOR-Java 3 https://github.com/pf4j/pf4j 3 https://github.com/apache/storm 3 https://github.com/open-metadata/OpenMetadata 3 https://github.com/jenkinsci/cloudbees-jenkins-advisor-plugin 3 https://github.com/opengoofy/hippo4j 3 https://github.com/Adobe-Consulting-Services/acs-aem-commons 3 https://github.com/matrix-org/matrix-android-sdk2 3 https://github.com/jenkinsci/nomad-plugin 3 https://github.com/AsyncHttpClient/async-http-client 3 https://github.com/apache/james-project 3 https://github.com/LetianYuan/My-CVE-Public-References 3 https://github.com/jeremylong/DependencyCheck 3 https://github.com/javamelody/javamelody 3 https://svn.apache.org/viewvc/lucene/dev 3 https://github.com/jenkinsci/git-parameter-plugin 3 https://github.com/apache/jackrabbit 3 https://github.com/jenkinsci/gitlab-branch-source-plugin 3 https://github.com/jenkinsci/git-client-plugin 3 https://github.com/jhy/jsoup 3 https://github.com/codehaus-plexus/plexus-utils 3 https://github.com/apache/geronimo 3 https://github.com/apache/flume 3 https://github.com/Jarvis-616/cms 3 https://github.com/jenkinsci/embeddable-build-status-plugin 3 https://github.com/apache/dubbo 3 https://bitbucket.org/b_c/jose4j 3 https://github.com/jenkinsci/crx-content-package-deployer-plugin 3 https://github.com/jenkinsci/cvs-plugin 3 https://svn.apache.org/viewvc/tomcat/tc7.0.x 3 https://github.com/apache/derby 3 https://github.com/apache/cxf-fediz 3 https://github.com/wso2/carbon-registry 3 https://github.com/apache/commons-configuration 3 https://github.com/intranda/goobi-viewer-core 3 https://github.com/joniles/mpxj 3