Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

maven Security Advisories

Loading...
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRyamYtbXhmbS05OGg1
SQL injection vulnerability in the policy admin tool in Apache Ranger
Ecosystems: maven
Packages: org.apache.ranger:ranger
Source: GitHub Advisory Database
Blast Radius: 2.2
Published: over 5 years ago
High
GSA_kwCzR0hTQS1xcTM4LW14cHEtcnJwas4AAlYT
Improper authorization of users and groups with the same base name in Jenkins GitLab Authentication Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:gitlab-oauth
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1jZnZ3LTg0dnEtNDNteM4AAlX_
Stored XSS vulnerability in Jenkins Deployer Framework Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:deployer-framework
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS13cDM1LTZqcXYtcjMzbc4AAUrX
Apache XML-RPC XXE Vulnerability
Ecosystems: maven
Packages: org.apache.xmlrpc:xmlrpc
Source: GitHub Advisory Database
Blast Radius: 10.5
Published: about 2 years ago
High
GSA_kwCzR0hTQS1yd3FyLW03MnEtdjZjbc4AAvib
Untrusted code execution in Apache XML Graphics Batik
Ecosystems: maven
Packages: org.apache.xmlgraphics:batik
Source: GitHub Advisory Database
Blast Radius: 5.8
Published: over 1 year ago
High
GSA_kwCzR0hTQS1oOHc2LWM1M2ctNTN2ds4AAjSU
Missing permission checks in Jenkins Sounds Plugin allow OS command execution
Ecosystems: maven
Packages: org.jenkins-ci.plugins:sounds
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpnY3ItZmczZy1xdnc4
Improper permission handling in Apache Solr
Ecosystems: maven
Packages: org.apache.solr:solr-core
Source: GitHub Advisory Database
Blast Radius: 27.7
Published: about 3 years ago
High
GSA_kwCzR0hTQS0yY3hnLTQ0OGgtNHd4as4AAiu_
Jenkins Support Core Plugin allowed users with Overall/Read permission to delete arbitrary files
Ecosystems: maven
Packages: org.jenkins-ci.plugins:support-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1xNzJwLTR3NTYtaHg3aM4AAtkq
Hardcoded JWT Token in Lin CMS Spring Boot
Ecosystems: maven
Packages: io.github.talelin:lin-cms-core
Source: GitHub Advisory Database
Blast Radius: 3.6
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1nbTYyLXJ3NGctdnJjNM4AA3hi
Logback is vulnerable to an attacker mounting a Denial-Of-Service attack by sending poisoned data
Ecosystems: maven
Packages: ch.qos.logback:logback-core
Source: GitHub Advisory Database
Blast Radius: 32.9
Published: 5 months ago
High
GSA_kwCzR0hTQS0yMnY3LXc2YzUtdjRycs4AAdYW
Apache Ranger Access Restriction Bypass
Ecosystems: maven
Packages: org.apache.ranger:ranger
Source: GitHub Advisory Database
Blast Radius: 2.6
Published: almost 2 years ago
High
GSA_kwCzR0hTQS0ycHZqLXA0ODUtY3Azbc4AAvIh
matrix-android-sdk2 vulnerable to impersonation via forwarded Megolm sessions
Ecosystems: maven
Packages: org.matrix.android:matrix-android-sdk2
Source: GitHub Advisory Database
Blast Radius: 5.2
Published: over 1 year ago
High
GSA_kwCzR0hTQS00OGc5LWg3ZzUtOHB3Ms4AAygU
Jenkins Convert To Pipeline Plugin vulnerable to cross-site request forgery
Ecosystems: maven
Packages: org.jenkins-ci.plugins:convert-to-pipeline
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
High
GSA_kwCzR0hTQS02dmdoLTlyM2MtMmN4cM4AAyu8
Improper Neutralization of Script-Related HTML Tags (XSS) in the LiveTable Macro
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-web-standard, org.xwiki.platform:xwiki-platform-web, org.xwiki.platform:xwiki-platform-web-templates, org.xwiki.platform:xwiki-platform-flamingo, org.xwiki.platform:xwiki-platform-flamingo-skin, org.xwiki.platform:xwiki-platform-flamingo-skin-resources
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
High
GSA_kwCzR0hTQS1jeGdmLXYycDgtN3BoN84AAvIg
NuProcess vulnerable to command-line injection through insertion of NUL character(s)
Ecosystems: maven
Packages: com.zaxxer:nuprocess
Source: GitHub Advisory Database
Blast Radius: 17.5
Published: over 1 year ago
High
GSA_kwCzR0hTQS02eDJ3LWd3Z2YtNXJnM84AAie5
Jenkins Deploy WebLogic Plugin cross-site request forgery vulnerability
Ecosystems: maven
Packages: org.jenkins-ci.plugins:weblogic-deployer-plugin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS05ZmM3LXJocTMtd203eM4AAdKW
Apache Jackrabbit Authentication Hijacking Vulnerability
Ecosystems: maven
Packages: org.apache.jackrabbit:jackrabbit-webdav
Source: GitHub Advisory Database
Blast Radius: 22.5
Published: almost 2 years ago
High
GSA_kwCzR0hTQS04bXBwLWYzZjcteGMyOM4AAtJN
Jetty SslConnection does not release pooled ByteBuffers in case of errors
Ecosystems: maven
Packages: org.eclipse.jetty:jetty-server
Source: GitHub Advisory Database
Blast Radius: 34.0
Published: almost 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWh4ODMtcnBxZi1tMjY3
user/group information can be corrupted across storing in fsimage and reading back from fsimage
Ecosystems: maven
Packages: org.apache.hadoop:hadoop-main
Source: GitHub Advisory Database
Blast Radius: 6.8
Published: over 4 years ago
High
GSA_kwCzR0hTQS02cXg5LXJmOWctN2ptcs4AAdyR
Improper Input Validation in Drools and jBPM
Ecosystems: maven
Packages: org.jbpm:jbpm-bpmn2, org.drools:drools-core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1ncWhtLTRoOTMtcnJoZ84AASlD
Jenkins Script Security and Pipeline Groovy Plugins Sandbox Bypass
Ecosystems: maven
Packages: org.jenkins-ci.plugins:script-security, org.jenkins-ci.plugins.workflow:workflow-cps
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWo5d3ItNDl2cS1ybTVn
Server classes and resources exposure in OSGi applications using Vaadin 12-14 and 19
Ecosystems: maven
Packages: com.vaadin:vaadin-bom
Source: GitHub Advisory Database
Blast Radius: 31.3
Published: about 3 years ago
High
GSA_kwCzR0hTQS14MjdtLTl3OGotNXZjd84AAu50
Jettison memory exhaustion
Ecosystems: maven
Packages: org.codehaus.jettison:jettison
Source: GitHub Advisory Database
Blast Radius: 29.9
Published: over 1 year ago
High
GSA_kwCzR0hTQS13N2YyLWdqeGYtMmdtOc4AAWDy
Improper Neutralization of Special Elements used in a Command in Apache Cassandra
Ecosystems: maven
Packages: org.apache.cassandra:apache-cassandra
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS1qZ3BtLTI4NjItcTVtOM33nQ
Jenkins Script Security Plugin sandbox bypass vulnerability
Ecosystems: maven
Packages: org.jenkins-ci.plugins:script-security
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS1oajU1LTlqbXYtOWpyas4AA4lj
Sandbox escape in Artemis Java Test Sandbox
Ecosystems: maven
Packages: de.tum.in.ase:artemis-java-test-sandbox
Source: GitHub Advisory Database
Blast Radius: 6.5
Published: 4 months ago
High
GSA_kwCzR0hTQS13aGY4LTNoNTgtMnc5Zs4AAQ7k
Jenkins Warnings Next Generation Plugin cross-site request forgery vulnerability
Ecosystems: maven
Packages: io.jenkins.plugins:warnings-ng
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS1jbTU5LXByNXEtY3c4Nc4AAtM-
Temporary Directory Hijacking to Local Privilege Escalation Vulnerability in org.springframework.boot:spring-boot
Ecosystems: maven
Packages: org.springframework.boot:spring-boot
Source: GitHub Advisory Database
Blast Radius: 31.5
Published: almost 2 years ago
High
GSA_kwCzR0hTQS00bTM4LWdxaDgteDI2Ns4AAUWQ
CSRF vulnerability in Email Extension Template Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:email-ext
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS1yNW04LTVtd3gtY21qOM4AAUWS
CSRF vulnerability in Config File Provider Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:config-file-provider
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS00dnFwLXBjbTMtNzN4cM4AA1Vs
Jenkins Folders Plugin cross-site request forgery vulnerability
Ecosystems: maven
Packages: org.jenkins-ci.plugins:cloudbees-folder
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 months ago
High
GSA_kwCzR0hTQS0zaHZjLXh3anAteHI4bc4AASkb
Liquibase Runner Plugin allows users to load arbitrary Java code into controller JVM
Ecosystems: maven
Packages: org.jenkins-ci.plugins:liquibase-runner
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS1jOTk4LWM0ZjYtdmp3Ms4AAi-z
Jenkins Team Concert Plugin missing permission check
Ecosystems: maven
Packages: org.jenkins-ci.plugins:teamconcert
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1xY3dxLTU1aHgtdjN2aM4AAz4D
snappy-java's unchecked chunk length leads to DoS
Ecosystems: maven
Packages: org.xerial.snappy:snappy-java
Source: GitHub Advisory Database
Blast Radius: 30.0
Published: 11 months ago
High
GSA_kwCzR0hTQS05aDl2LXJmaDYtamYzd84AAi-8
Jenkins Team Concert Plugin cross-site request forgery vulnerability
Ecosystems: maven
Packages: org.jenkins-ci.plugins:teamconcert
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZ3eGotNm01bS1ycnZo
The REST Plugin in Apache Struts is using an outdated XStream library
Ecosystems: maven
Packages: org.apache.struts:struts2-rest-plugin
Source: GitHub Advisory Database
Blast Radius: 17.4
Published: over 5 years ago
High
GSA_kwCzR0hTQS1neDY5LTZjcDQtaHhyas38Wg
RubyGems Link Following vulnerability
Ecosystems: maven, rubygems
Packages: org.jruby:jruby-stdlib, rubygems-update
Source: GitHub Advisory Database
Blast Radius: 27.8
Published: about 2 years ago
High
GSA_kwCzR0hTQS00NDNtLTNmcjYtdzh3as4AA1Xk
PowerJob incorrect access control vulnerability
Ecosystems: maven
Packages: tech.powerjob:powerjob
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 months ago
High
GSA_kwCzR0hTQS1obW03LTZwaDktOGpmMs4AAyuz
org.xwiki.platform:xwiki-platform-livedata-macro vulnerable to Basic Cross-site Scripting
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-livedata-macro
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
High
GSA_kwCzR0hTQS05N2dtLW1jdjYtY3Bobc4AAcGB
Shell command injection in Liferay Portal
Ecosystems: maven
Packages: com.liferay.portal:portal-service, com.liferay.portal:portal-impl
Source: GitHub Advisory Database
Blast Radius: 24.5
Published: almost 2 years ago
High
GSA_kwCzR0hTQS03bWY1LTc5Z3YtNjZnaM4AAi-o
Jenkins Maven Release Plug-in Plugin XXE vulnerability
Ecosystems: maven
Packages: org.jenkins-ci.plugins.m2release:m2release
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1wOXFqLTRyanAtajN3Oc3t6Q
Apache Directory Studio Command Injection
Ecosystems: maven
Packages: org.apache.directory.studio:org.apache.directory.studio.ldapbrowser.core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS04aHY3LTR2ZmMtdzhwZ84AAtDH
Cross-site Scripting in Jenkins TestNG Results Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:testng-plugin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS01NGYzLWM2aGctODY1aM4AA3xn
Allocation of Resources Without Limits in Keycloak
Ecosystems: maven
Packages: org.keycloak:keycloak-model-jpa
Source: GitHub Advisory Database
Blast Radius: 16.8
Published: 5 months ago
High
GSA_kwCzR0hTQS12cm13LTJ4aHEtaHJtcM4AAlGm
Wildfly Unsafe Deserialization Vulnerability
Ecosystems: maven
Packages: org.wildfly:wildfly-parent
Source: GitHub Advisory Database
Blast Radius: 13.6
Published: almost 2 years ago
High
GSA_kwCzR0hTQS04Mjk0LW12OWMtN201aM4AAts5
Stored XSS vulnerability in Jenkins Maven Metadata Plugin for Jenkins CI server plugin
Ecosystems: maven
Packages: eu.markov.jenkins.plugin.mvnmeta:maven-metadata-plugin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTUzeDYtNHg1cC1ycnZ2
Denial of Service in Apache Commons Compress
Ecosystems: maven
Packages: io.github.1tchy.java9modular.org.apache.commons:commons-compress, org.apache.commons:commons-compress
Source: GitHub Advisory Database
Blast Radius: 32.8
Published: over 4 years ago
High
GSA_kwCzR0hTQS1ybTIzLTZtd3YtOHE5cc4AAtEW
XML External Entity Reference in Jenkins Recipe Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:recipe
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS0zNjJwLTU2YzktcTI3M84AAiYq
Jenkins iceScrum Plugin stores credentials in Cleartext
Ecosystems: maven
Packages: org.jenkins-ci.plugins:icescrum
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1qMzNyLWNnbTYtcHY0OM4AAtDI
Missing Authorization in Jenkins Recipe Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:recipe
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA1eHAtNnZwZi1qd3Zo
Improper Input Validation and Cross-Site Request Forgery in Keycloak
Ecosystems: maven
Packages: org.keycloak:keycloak-core
Source: GitHub Advisory Database
Blast Radius: 26.9
Published: over 4 years ago
High
GSA_kwCzR0hTQS0ydjZyLWpmMmctajVxNc4AAtDc
Cross-site Scripting in Jenkins Rich Text Publisher Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:rich-text-publisher-plugin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS13MjU3LWY3cWotNHZycc4AAtEU
Cross-site Scripting in Jenkins eXtreme Feedback Panel Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:xfpanel
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1odjU0LWNjOGYtNDJqcc4AAtDf
Cross-Site Request Forgery in Jenkins Recipe Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:recipe
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS00ZjhnLWZxNngtanFycs4AAyun
org.xwiki.platform:xwiki-platform-oldcore vulnerable to data leak through deleted documents
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-oldcore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
High
GSA_kwCzR0hTQS1wMnZtLTg4cmctd2ZyMs4AAmuR
XML injection in Crafter CMS
Ecosystems: maven
Packages: org.craftercms:crafter-core
Source: GitHub Advisory Database
Blast Radius: 6.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1yNXgzLTI0NDYtaHJwN84AAXbh
Race Condition in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS1wMmY3LTljdjctampmNs4AAuuI
Goomph before 3.37.2 allows malicious zip file to write contents to arbitrary locations
Ecosystems: maven
Packages: com.diffplug.gradle:goomph
Source: GitHub Advisory Database
Blast Radius: 19.5
Published: over 1 year ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXI2ajktODc1OS1nNjJ3
Improper Restriction of XML External Entity Reference in jackson-mapper-asl
Ecosystems: maven
Packages: org.codehaus.jackson:jackson-mapper-asl
Source: GitHub Advisory Database
Blast Radius: 36.3
Published: over 4 years ago
High
GSA_kwCzR0hTQS1ybXI1LWNwdjItdmdqZs0n7Q
Denial of Service by injecting highly recursive collections or maps in XStream
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: GitHub Advisory Database
Blast Radius: 33.0
Published: over 2 years ago
High
GSA_kwCzR0hTQS1xdzRoLTN4amotODRjY84AA3d-
Apache Tiles: Unvalidated input may lead to path traversal and XXE
Ecosystems: maven
Packages: org.apache.tiles:tiles-core
Source: GitHub Advisory Database
Blast Radius: 29.2
Published: 6 months ago
High
GSA_kwCzR0hTQS1majdjLXZnMnYtY2Nybc4AAtaA
Undertow vulnerable to memory exhaustion due to buffer leak
Ecosystems: maven
Packages: io.undertow:undertow-core
Source: GitHub Advisory Database
Blast Radius: 27.9
Published: almost 2 years ago
High
GSA_kwCzR0hTQS02NXI2LXc3dnItYzc1cs4AAs8t
Cross-site Scripting in Jenkins Agent Server Parameter Plugin
Ecosystems: maven
Packages: io.jenkins.plugins:agent-server-parameter
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS0zMmoyLWM3bXgtdjRqas4AA3kp
Cross-Site Request Forgery in JFinalCMS via /admin/nav/update
Ecosystems: maven
Packages: com.jfinal:jfinal
Source: GitHub Advisory Database
Blast Radius: 25.8
Published: 5 months ago
High
GSA_kwCzR0hTQS03cmpwLWZnd2otNDdyd80mjQ
Missing authentication in ShenYu
Ecosystems: maven
Packages: org.apache.shenyu:shenyu-common
Source: GitHub Advisory Database
Blast Radius: 12.3
Published: over 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1tN20teGc0aC02bTUy
Allocation of Resources Without Limits or Throttling in Apache Tika
Ecosystems: maven
Packages: org.apache.tika:tika-core
Source: GitHub Advisory Database
Blast Radius: 29.5
Published: almost 5 years ago
High
GSA_kwCzR0hTQS1jNHBtLTYzY2ctOWo3aM4AAwNS
Yauaa vulnerable to ArrayIndexOutOfBoundsException triggered by a crafted Sec-Ch-Ua-Full-Version-List
Ecosystems: maven
Packages: nl.basjes.parse.useragent:yauaa-trino, nl.basjes.parse.useragent:yauaa-snowflake, nl.basjes.parse.useragent:yauaa-nifi-processors, nl.basjes.parse.useragent:yauaa-logparser, nl.basjes.parse.useragent:yauaa-hive, nl.basjes.parse.useragent:yauaa-flink-table, nl.basjes.parse.useragent:yauaa-flink, nl.basjes.parse.useragent:yauaa-elasticsearch-8, nl.basjes.parse.useragent:yauaa-elasticsearch, nl.basjes.parse.useragent:yauaa-drill, nl.basjes.parse.useragent:yauaa-beam-sql, nl.basjes.parse.useragent:yauaa-beam, nl.basjes.parse.useragent:yauaa
Source: GitHub Advisory Database
Blast Radius: 19.0
Published: over 1 year ago
High
GSA_kwCzR0hTQS0yMjdnLTdjdnYtNmZmM84AAtYv
Apache Tapestry 5.8.1 vulnerable to ReDoS via Content Types causing catastrophic backtracking
Ecosystems: maven
Packages: org.apache.tapestry:tapestry-core
Source: GitHub Advisory Database
Blast Radius: 21.6
Published: almost 2 years ago
High
GSA_kwCzR0hTQS03NTU4LTZxNDUtNng3bc4AAs8y
Cross-site Scripting in Jenkins Dynamic Extended Choice Parameter Plugin
Ecosystems: maven
Packages: com.moded.extendedchoiceparameter:dynamic_extended_choice_parameter
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1td3ZxLWdjNXctbTc4Zs4AA3kh
Cross-Site Request Forgery in JFinalCMS via /admin/category/delete
Ecosystems: maven
Packages: com.jfinal:jfinal
Source: GitHub Advisory Database
Blast Radius: 25.8
Published: 5 months ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc2OXctanZjNy13amd2
Undertow Missing Authorization when requesting a protected directory without trailing slash
Ecosystems: maven
Packages: io.undertow:undertow-servlet
Source: GitHub Advisory Database
Blast Radius: 26.7
Published: almost 5 years ago
High
GSA_kwCzR0hTQS1wNjdxLWg4OHYtNWpncs4AAy54
XWiki Platform vulnerable to code injection from account/view through VFS Tree macro
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-vfs-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
High
GSA_kwCzR0hTQS0zaGpnLWNnaHYtMjJ3d84AAy52
org.xwiki.platform:xwiki-platform-attachment-ui vulnerable to Code Injection
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-attachment-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
High
GSA_kwCzR0hTQS14M2NyLXg5NDktaDVqds4AAUbI
RDF4J vulnerable to zip slip
Ecosystems: maven
Packages: org.eclipse.rdf4j:rdf4j
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: about 2 years ago
High
GSA_kwCzR0hTQS14OTV3LXFmM20tcHFweM4AAs82
Cross-site Scripting in Jenkins Filesystem List Parameter Plugin
Ecosystems: maven
Packages: aendter.jenkins.plugins:filesystem-list-parameter-plugin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1yZjVxLThneDMteHFmY84AAYZy
Cross-Site Request Forgery in Jenkins Git Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:git
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1oYzQ0LXAycXEtY2ZtOc4AAs8k
Cross-site Scripting in Jenkins CRX Content Package Deployer Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:crx-content-package-deployer
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS01MjQ3LXdodmotODNxd84AAs89
Cross-site Scripting in Jenkins Maven Metadata Plugin
Ecosystems: maven
Packages: eu.markov.jenkins.plugin.mvnmeta:maven-metadata-plugin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS02ODgyLTM4NXAtaGhod84AAs87
Cross-site Scripting in Jenkins ontrack Jenkins Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:ontrack
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1ncHc0LTdtY3ctbTh2eM4AAs8Z
Cross-site Scripting in Jenkins Package Version Plugin
Ecosystems: maven
Packages: org.lilicurroad.jenkins:packageversion
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1wdjNnLXZjM3EtOGM5Z84AA3kt
Cross-Site Request Forgery in JFinalCMS via admin/nav/delete
Ecosystems: maven
Packages: com.jfinal:jfinal
Source: GitHub Advisory Database
Blast Radius: 25.8
Published: 5 months ago
High
GSA_kwCzR0hTQS00Mzh3LXJqajktNWZqZs4AAs85
Cross-site Scripting in Jenkins Repository Connector Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:repository-connector
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS14ODY5LTc4NG0tam1qMs4AASbZ
Denial of service in Apache Mesos
Ecosystems: maven
Packages: org.apache.mesos:mesos
Source: GitHub Advisory Database
Blast Radius: 22.4
Published: about 2 years ago
High
GSA_kwCzR0hTQS01aDZ4LW01MnAtMjNwaM4AAggM
Improper Certificate Validation in Apache Qpid Proton
Ecosystems: maven
Packages: org.apache.qpid:proton-j
Source: GitHub Advisory Database
Blast Radius: 20.2
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1mY3FyLWdoOHctd204Zs4AAs8o
Cross-site Scripting in Jenkins Readonly Parameter Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:readonly-parameters
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS12cGN2LTc4Y3Atd2hyM84AAShw
Use after free in Apache Mesos
Ecosystems: maven
Packages: org.apache.mesos:mesos
Source: GitHub Advisory Database
Blast Radius: 22.4
Published: about 2 years ago
High
GSA_kwCzR0hTQS1tM2MzLTlxajctN3hteM4AAy50
Exposure of Sensitive Information to an Unauthorized Actor in org.xwiki.platform:xwiki-platform-office-viewer
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-office-viewer
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
High
GSA_kwCzR0hTQS04OHI5LWhmajItNTRods4AAs9C
Cross-site Scripting in Jenkins Stash Branch Parameter Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:StashBranchParameter
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1odjRjLXY4ajgtNTRjd84AA3ki
Cross-Site Request Forgery in JFinalCMS via /admin/nav/save
Ecosystems: maven
Packages: com.jfinal:jfinal
Source: GitHub Advisory Database
Blast Radius: 25.8
Published: 5 months ago
High
GSA_kwCzR0hTQS13djg4LXBmNzMteDIycM4AAa4I
Improper Neutralization of Directives in Dynamically Evaluated Code in Spring Framework
Ecosystems: maven
Packages: org.springframework:spring-core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1qeDd4LXJmM2YtajY0NM4AA2ry
Jenkins CloudBees CD Plugin vulnerable to arbitrary file deletion
Ecosystems: maven
Packages: org.jenkins-ci.plugins:electricflow
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
High
GSA_kwCzR0hTQS13NDVqLWY1ZzUtdzk0eM4AAurf
Apache James vulnerable to buffering attack
Ecosystems: maven
Packages: org.apache.james:james-server
Source: GitHub Advisory Database
Blast Radius: 8.8
Published: over 1 year ago
High
GSA_kwCzR0hTQS1qNDcyLW1jcTItOTVwNs4AATfe
OS Command Injection in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS13aG1xLXY5NHEtMzRwOc4AATQ8
Improper Control of Generation of Code in Apache Struts
Ecosystems: maven
Packages: org.apache.struts:struts2-core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS1wNnhjLXhyNjItNnIyZ80dEw
Apache Log4j2 vulnerable to Improper Input Validation and Uncontrolled Recursion
Ecosystems: maven
Packages: org.apache.logging.log4j:log4j-core
Source: GitHub Advisory Database
Blast Radius: 42.3
Published: over 2 years ago
High
GSA_kwCzR0hTQS1wcHd2LW12cWctcTg5aM4AAgZD
Cross-site Scripting in Jenkins Autocomplete Parameter Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:autocomplete-parameter
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS0yd3Z2LXBoaHctcXZtY84AAzWz
Jenkins Pipeline: Job Plugin vulnerable to stored Cross-site Scripting
Ecosystems: maven
Packages: org.jenkins-ci.plugins.workflow:workflow-job
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 12 months ago
High
GSA_kwCzR0hTQS14dzZqLW1xNnYtcG12Ns4AAzWs
Jenkins SAML Single Sign On(SSO) Plugin Cross-Site Request Forgery vulnerability
Ecosystems: maven
Packages: io.jenkins.plugins:miniorange-saml-sp
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 12 months ago
High
GSA_kwCzR0hTQS1oZmpyLW03NW0td21oN84AAifN
Jenkins Zulip Plugin vulnerable to Insufficiently Protected Credentials
Ecosystems: maven
Packages: org.jenkins-ci.plugins:zulip
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1qd3gzLTJocTMtNjgyY84AA2rF
Jenkins Edgewall Trac Plugin vulnerable to Stored XSS
Ecosystems: maven
Packages: org.jenkins-ci.plugins:trac
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
Statistics
Advisories: 18,592
Packages: 8,342
Repositories: 972
Ecosystems: 12
Filter by Severity
Moderate 8,062 High 6,401 Critical 2,824 Low 1,013
Filter by Ecosystem
maven 5,572 pypi 3,844 packagist 3,834 npm 3,559 go 1,928 nuget 1,422 rubygems 816 cargo 780 swift 31 hex 30 actions 16 pub 8
Filter by Package
org.jenkins-ci.main:jenkins-core 189 org.apache.tomcat:tomcat 134 com.fasterxml.jackson.core:jackson-databind 69 org.apache.struts:struts2-core 55 org.keycloak:keycloak-core 47 com.liferay.portal:release.portal.bom 45 com.jfinal:jfinal 36 com.thoughtworks.xstream:xstream 36 org.apache.tomcat.embed:tomcat-embed-core 36 net.mingsoft:ms-mcms 35 org.xwiki.platform:xwiki-platform-oldcore 34 org.elasticsearch:elasticsearch 32 org.jenkins-ci.plugins:script-security 32 org.keycloak:keycloak-services 27 io.undertow:undertow-core 27 org.keycloak:keycloak-parent 25 org.apache.solr:solr-core 25 org.eclipse.jetty:jetty-server 23 org.springframework.security:spring-security-core 23 org.bouncycastle:bcprov-jdk14 22 org.apache.nifi:nifi 22 org.apache.openmeetings:openmeetings-parent 21 org.cloudfoundry.identity:cloudfoundry-identity-server 20 org.springframework:spring-core 19 com.vaadin:vaadin-bom 18 com.liferay.portal:release.dxp.bom 18 org.xwiki.platform:xwiki-platform-web-templates 17 org.apache.geode:geode-core 17 org.apache.dubbo:dubbo 16 org.apache.activemq:activemq-client 16 org.bouncycastle:bcprov-jdk15 16 org.apache.jspwiki:jspwiki-main 15 org.apache.struts.xwork:xwork-core 15 org.xwiki.platform:xwiki-platform-web 14 org.apache.inlong:manager-pojo 14 org.apache.cxf:cxf 13 org.apache.hadoop:hadoop-main 13 org.jenkins-ci.plugins.workflow:workflow-cps 12 org.bouncycastle:bcprov-jdk15on 12 org.apache.dolphinscheduler:dolphinscheduler 12 com.vaadin:flow-server 12 org.jenkins-ci.plugins:git 12 org.jenkins-ci.plugins:email-ext 11 org.mortbay.jetty:jetty 11 org.apache.james:james-server 11 org.apache.camel:camel-core 11 org.igniterealtime.openfire:parent 11 org.apache.cxf:cxf-core 11 org.apache.ranger:ranger 11 org.apache.hadoop:hadoop-common 11 org.apache.jspwiki:jspwiki-war 11 org.jeecgframework.boot:jeecg-boot-common 11 org.apache.tomcat:tomcat-coyote 11 org.apache.commons:commons-compress 11 org.apache.tika:tika-core 11 com.xuxueli:xxl-job 11 org.jeecgframework.boot:jeecg-boot-parent 11 org.apache.inlong:manager-service 10 io.netty:netty 10 org.jboss.netty:netty 10 org.jenkins-ci.plugins.workflow:workflow-cps-global-lib 10 org.xwiki.platform:xwiki-platform-administration-ui 10 io.jenkins:configuration-as-code 9 org.jenkins-ci.plugins:active-directory 9 org.jenkins-ci.plugins:electricflow 9 org.bouncycastle:bcprov-jdk15to18 9 com.sonyericsson.jenkins.plugins.bfa:build-failure-analyzer 9 org.apache.hive:hive 9 org.apache.xmlgraphics:batik 9 org.apache.shiro:shiro-core 9 org.springframework:spring-web 9 org.opennms:opennms 9 org.apache.archiva:archiva 9 org.apache.tapestry:tapestry-core 9 cn.hutool:hutool-core 9 org.craftercms:crafter-studio 9 org.opencrx:opencrx-core-models 9 org.webjars.npm:jquery 9 org.apache.tomcat:tomcat-catalina 9 org.jenkins-ci.plugins:config-file-provider 9 org.springframework:spring-webmvc 9 jquery 9 jquery-rails 9 org.graylog2:graylog2-server 8 org.apache.kylin:kylin 8 org.apache.hive:hive-exec 8 com.hazelcast:hazelcast 8 org.jenkins-ci.plugins:ec2 8 jQuery 8 org.apache.zeppelin:zeppelin 8 org.opencms:opencms-core 8 org.apache.ozone:ozone-main 8 org.apache.santuario:xmlsec 8 io.jenkins.blueocean:blueocean 8 org.yaml:snakeyaml 8 org.postgresql:postgresql 8 org.apache.pdfbox:pdfbox 8 mysql:mysql-connector-java 8 org.apache.ambari:ambari 8 org.apache.cxf:apache-cxf 7 jquery-ui 7 org.apache.atlas:atlas-common 7 org.jenkins-ci.plugins:subversion 7 org.apache.hive:hive-service 7 jquery-ui-rails 7 io.jenkins.plugins:warnings-ng 7 org.jenkins-ci.plugins:rundeck 7 org.owasp.esapi:esapi 7 org.jenkins-ci.plugins:artifactory 7 org.apache.logging.log4j:log4j-core 7 org.apache.activemq:activemq-parent 7 io.dataease:dataease-plugin-common 7 org.apache.karaf:apache-karaf 7 org.jenkins-ci.plugins:mercurial 7 org.apache.linkis:linkis 7 org.jboss.resteasy:resteasy-client 7 org.jenkins-ci.plugins:jobConfigHistory 7 rubygems-update 7 org.jruby:jruby-stdlib 7 org.apache.inlong:manager-web 7 io.jenkins.plugins:cavisson-ns-nd-integration 7 org.apache.poi:poi 7 org.silverpeas.core:silverpeas-core-web 7 net.opentsdb:opentsdb 7 org.jenkins-ci.plugins:openshift-deployer 7 org.apache.tika:tika 7 org.owasp.antisamy:antisamy 7 io.jenkins.plugins:miniorange-saml-sp 7 org.jeecgframework.boot:jeecg-boot-base 7 jQuery.UI.Combined 7 org.apache.spark:spark-core_2.11 7 io.atomix:atomix 7 org.apache.derby:derby 7 org.webjars.npm:jquery-ui 7 org.apache.solr:solr-parent 6 org.jenkins-ci.plugins:gitlab-oauth 6 com.jflyfox:jflyfox_jfinal 6 cn.hutool:hutool-json 6 org.xwiki.commons:xwiki-commons-xml 6 de.tum.in.ase:artemis-java-test-sandbox 6 org.opensearch.plugin:opensearch-security 6 io.netty:netty-handler 6 commons-fileupload:commons-fileupload 6 org.apache.shenyu:shenyu-common 6 org.apache.mesos:mesos 6 org.jenkins-ci.plugins:repository-connector 6 org.apache.axis:axis 6 com.sonyericsson.hudson.plugins.gerrit:gerrit-trigger 6 org.jenkins-ci.plugins:azure-vm-agents 6 org.apache.spark:spark-core_2.10 6 org.apache.syncope:syncope-core 6 org.opencastproject:opencast-kernel 6 io.netty:netty-codec-http 6 org.apache.pulsar:pulsar-broker 6 org.apache.httpcomponents:httpclient 6 org.jenkins-ci.plugins:ec2-deployment-dashboard 6 org.apache.storm:storm-core 6 org.csanchez.jenkins.plugins:kubernetes 6 axis:axis 6 org.jenkins-ci.plugins:fortify-on-demand-uploader 6 org.bouncycastle:bcprov-jdk18on 6 com.xebialabs.deployit.ci:deployit-plugin 6 org.jenkins-ci.plugins:pipeline-maven 6 hudson.plugins:project-inheritance 6 tech.powerjob:powerjob 6 org.apache.struts:struts2-rest-plugin 6 org.jenkins-ci.plugins:publish-over-ssh 5 org.jenkins-ci.plugins.m2release:m2release 5 org.jboss.resteasy:resteasy-bom 5 org.dspace:dspace-jspui 5 org.apache.hadoop:hadoop-client 5 org.jeecgframework.boot:jeecg-boot-base-core 5 org.neo4j.procedure:apoc 5 org.xwiki.platform:xwiki-platform-appwithinminutes-ui 5 com.vaadin:vaadin-server 5 org.jenkins-ci.plugins:ghprb 5 org.apache.cassandra:cassandra-all 5 org.jenkins-ci.plugins:junit 5 info.magnolia:magnolia-core 5 xerces:xercesImpl 5 com.alibaba:dubbo 5 org.springframework.amqp:spring-amqp 5 org.biouno:uno-choice 5 io.projectreactor.netty:reactor-netty-http 5 org.jenkins-ci.plugins:openid 5 org.jenkins-ci.plugins:htmlpublisher 5 struts:struts 5 com.coravy.hudson.plugins.github:github 5 org.zenframework.z8.dependencies.commons:log4j-1.2.17 5 log4j:log4j 5 org.jenkins-ci.plugins:google-login 5 org.apache.druid:druid 5 io.vertx:vertx-core 5 org.jenkins-ci.plugins:credentials 5 org.opennms:opennms-webapp 5 org.bouncycastle:bcprov-ext-jdk15on 5 com.synopsys.jenkinsci:ownership 5 io.vertx:vertx-web 5 org.jenkins-ci.plugins:sinatra-chef-builder 5 org.wildfly:wildfly-parent 5
Filter by Repository
https://github.com/xwiki/xwiki-platform 172 https://github.com/jenkinsci/jenkins 148 https://github.com/apache/tomcat 96 https://github.com/FasterXML/jackson-databind 70 https://github.com/keycloak/keycloak 58 https://github.com/apache/struts 46 https://github.com/spring-projects/spring-framework 41 https://github.com/x-stream/xstream 36 https://github.com/apache/activemq 33 https://github.com/CVEProject/cvelist 28 https://github.com/apache/inlong 26 https://github.com/eclipse/jetty.project 23 https://github.com/jenkinsci/script-security-plugin 21 https://github.com/apache/nifi 21 https://github.com/OpenNMS/opennms 20 https://github.com/jeecgboot/jeecg-boot 20 https://github.com/netty/netty 20 https://github.com/bcgit/bc-java 19 https://github.com/apache/cxf 19 https://github.com/cloudfoundry/uaa 19 https://github.com/vaadin/platform 17 https://github.com/opencast/opencast 16 https://github.com/apache/camel 15 https://github.com/geoserver/geoserver 15 https://github.com/quarkusio/quarkus 13 https://github.com/ming-soft/MCMS 13 https://github.com/undertow-io/undertow 13 https://github.com/xuxueli/xxl-job 13 https://github.com/apache/kylin 12 https://github.com/dromara/hutool 12 https://github.com/apache/dolphinscheduler 12 https://github.com/vaadin/flow 11 https://github.com/igniterealtime/Openfire 11 https://github.com/jenkinsci/git-plugin 10 https://github.com/jquery/jquery 10 https://github.com/DSpace/DSpace 9 https://github.com/cui2shark/cms 9 https://github.com/apache/lucene-solr 9 https://github.com/spring-projects/spring-security 9 https://github.com/Graylog2/graylog2-server 9 https://github.com/xwiki/xwiki-commons 8 https://github.com/opensearch-project/security 8 https://github.com/jenkinsci/config-file-provider-plugin 8 https://github.com/apache/zeppelin 8 https://github.com/hazelcast/hazelcast 8 https://github.com/nahsra/antisamy 8 https://github.com/apache/xmlgraphics-batik 7 https://github.com/RhinoSecurityLabs/CVEs 7 https://github.com/dataease/dataease 7 https://github.com/ratpack/ratpack 7 https://github.com/OpenTSDB/opentsdb 7 https://github.com/jflyfox/jfinal_cms 7 https://github.com/vaadin/framework 7 https://github.com/rubygems/rubygems 7 https://github.com/rundeck/rundeck 7 https://github.com/jenkinsci/blueocean-plugin 7 https://github.com/pgjdbc/pgjdbc 7 https://github.com/vert-x3/vertx-web 6 https://github.com/jenkinsci/electricflow-plugin 6 https://github.com/apache/pulsar 6 https://github.com/ESAPI/esapi-java-legacy 6 https://bitbucket.org/snakeyaml/snakeyaml 6 https://github.com/OpenRefine/OpenRefine 6 https://github.com/playframework/playframework 6 https://github.com/ls1intum/Ares 6 https://github.com/jenkinsci/build-failure-analyzer-plugin 6 https://github.com/DrunkenShells/Disclosures 6 https://github.com/jquery/jquery-ui 6 https://github.com/apache/tika 6 https://github.com/jenkinsci/ec2-plugin 6 https://github.com/jenkinsci/gerrit-trigger-plugin 6 https://github.com/line/armeria 6 https://github.com/jenkinsci/configuration-as-code-plugin 6 https://github.com/cui2shark/security 6 https://github.com/jenkinsci/fortify-on-demand-uploader-plugin 6 https://github.com/apache/hadoop 6 https://github.com/resteasy/resteasy 6 https://github.com/http4s/http4s 6 https://github.com/apache/karaf 5 https://github.com/apache/openmeetings 5 https://github.com/neo4j-contrib/neo4j-apoc-procedures 5 https://github.com/apache/geode 5 https://github.com/jettison-json/jettison 5 https://github.com/jensdietrich/xshady-release 5 https://github.com/jenkinsci/workflow-cps-global-lib-plugin 5 https://github.com/jenkinsci/m2release-plugin 5 https://github.com/h2database/h2database 5 https://github.com/OpenAPITools/openapi-generator 5 https://bitbucket.org/connect2id/nimbus-jose-jwt 5 https://github.com/jenkinsci/email-ext-plugin 5 https://github.com/jenkinsci/github-plugin 5 https://github.com/jenkinsci/gitlab-plugin 5 https://github.com/apiman/apiman 5 https://github.com/grails/grails-core 5 https://github.com/jenkinsci/publish-over-ssh-plugin 5 https://github.com/alibaba/nacos 5 https://github.com/PowerJob/PowerJob 5 https://github.com/protocolbuffers/protobuf 5 https://github.com/JLLeitschuh/security-research 5 https://github.com/apache/shiro 5 https://github.com/jenkinsci/support-core-plugin 5 https://github.com/apache/shenyu 5 https://github.com/jenkinsci/active-directory-plugin 5 https://github.com/jenkinsci/codedx-plugin 5 https://github.com/jenkinsci/subversion-plugin 5 https://github.com/jenkinsci/junit-plugin 5 https://github.com/restlet/restlet-framework-java 5 https://github.com/jenkinsci/p4-plugin 4 https://github.com/jfinal/jfinal 4 https://github.com/resteasy/Resteasy 4 https://github.com/reportportal/reportportal 4 https://github.com/jenkinsci/htmlpublisher-plugin 4 https://github.com/jenkinsci/xldeploy-plugin 4 https://github.com/apache/syncope 4 https://github.com/nightcloudos/new_cms 4 https://github.com/apache/solr 4 https://github.com/pippo-java/pippo 4 https://github.com/jenkinsci/matrix-project-plugin 4 https://github.com/jenkinsci/hpe-application-automation-tools-plugin 4 https://github.com/infinispan/infinispan 4 https://github.com/skylot/jadx 4 https://github.com/jenkinsci/credentials-binding-plugin 4 https://github.com/itext/itext7 4 https://github.com/ktorio/ktor 4 https://github.com/shopizer-ecommerce/shopizer 4 https://github.com/yamcs/yamcs 4 https://github.com/alkacon/opencms-core 4 https://github.com/jenkinsci/job-config-history-plugin 4 https://github.com/jenkinsci/fortify-plugin 4 https://github.com/jenkinsci/active-choices-plugin 4 https://github.com/apache/httpcomponents-client 4 https://github.com/HtmlUnit/htmlunit 4 https://github.com/stanfordnlp/corenlp 4 https://github.com/bcgit/bc-csharp 4 https://github.com/jenkinsci/ansible-plugin 4 https://github.com/jenkinsci/gitlab-oauth-plugin 4 https://github.com/xerial/snappy-java 4 https://github.com/jenkinsci/rundeck-plugin 4 https://github.com/jenkinsci/workflow-cps-plugin 4 https://github.com/jenkinsci/libvirt-slave-plugin 4 https://github.com/aws/aws-iot-device-sdk-java-v2 4 https://github.com/jenkinsci/nexus-platform-plugin 4 https://github.com/jenkinsci/warnings-ng-plugin 4 https://github.com/apache/activemq-artemis 4 https://github.com/micronaut-projects/micronaut-core 4 https://github.com/jenkinsci/scriptler-plugin 3 https://github.com/qos-ch/logback 3 https://github.com/AsyncHttpClient/async-http-client 3 https://github.com/open-metadata/OpenMetadata 3 https://github.com/xwiki/xwiki-rendering 3 https://svn.apache.org/viewvc/tomcat/tc7.0.x 3 https://github.com/matrix-org/matrix-android-sdk2 3 https://github.com/jenkinsci/git-parameter-plugin 3 https://github.com/jenkinsci/git-client-plugin 3 https://github.com/jenkinsci/cas-plugin 3 https://github.com/mbechler/marshalsec 3 https://github.com/jenkinsci/liquibase-runner-plugin 3 https://github.com/li-yu320/cms 3 https://github.com/jooby-project/jooby 3 https://github.com/jenkinsci/audit-trail-plugin 3 https://github.com/jenkinsci/azure-vm-agents-plugin 3 https://github.com/Adobe-Consulting-Services/acs-aem-commons 3 https://github.com/orientechnologies/orientdb 3 https://github.com/jenkinsci/azure-credentials-plugin 3 https://github.com/OWASP/json-sanitizer 3 https://github.com/intranda/goobi-viewer-core 3 https://github.com/jenkinsci/mercurial-plugin 3 https://github.com/jenkinsci/hashicorp-vault-plugin 3 https://github.com/jenkinsci/nomad-plugin 3 https://github.com/ysuzhangbin/cms 3 https://github.com/jenkinsci/kubernetes-plugin 3 https://github.com/peteroupc/CBOR-Java 3 https://github.com/pf4j/pf4j 3 https://github.com/jenkinsci/bitbucket-oauth-plugin 3 https://github.com/eclipse-vertx/vert.x 3 https://github.com/apache/storm 3 https://github.com/jenkinsci/embeddable-build-status-plugin 3 https://github.com/joniles/mpxj 3 https://github.com/apache/flume 3 https://github.com/apache/geronimo 3 https://github.com/jeremylong/DependencyCheck 3 https://github.com/jenkinsci/compuware-topaz-for-total-test-plugin 3 https://github.com/jenkinsci/crx-content-package-deployer-plugin 3 https://github.com/apache/olingo-odata4 3 https://github.com/codehaus-plexus/plexus-utils 3 https://github.com/Jarvis-616/cms 3 https://github.com/jenkinsci/jira-plugin 3 https://github.com/grpc/grpc 3 https://github.com/jenkinsci/mailer-plugin 3 https://github.com/opengoofy/hippo4j 3 https://github.com/jenkinsci/mac-plugin 3 https://github.com/jenkinsci/gitlab-branch-source-plugin 3 https://github.com/jenkinsci/lucene-search-plugin 3 https://github.com/apache/jackrabbit 3 https://github.com/LetianYuan/My-CVE-Public-References 3 https://bitbucket.org/b_c/jose4j 3 https://github.com/apache/james-project 3 https://github.com/javamelody/javamelody 3 https://github.com/spray/spray-json 3