Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

maven Security Advisories

Loading...
High
GSA_kwCzR0hTQS02M2NxLXBwcTgtY3c2Z84AArAM
Improper Input Validation in RESTEasy
Ecosystems: maven
Packages: org.jboss.resteasy:resteasy-client
Source: GitHub Advisory Database
Blast Radius: 28.5
Published: almost 2 years ago
High
GSA_kwCzR0hTQS05OW1mLWYzcWgtd3FycM4AAjkH
Improper Input Validation in Jenkins Pipeline: Groovy Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins.workflow:workflow-cps
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1jMzhtLXY0bTItNTI0ds4AATyn
Apache Tomcat Allows Remote Attackers to Spoof AJP Requests
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS14MjJ4LTVwcDktOHY3Zs4AA4q2
Content-Security-Policy disabled by Red Hat Dependency Analytics Jenkins Plugin
Ecosystems: maven
Packages: io.jenkins.plugins:redhat-dependency-analytics
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
High
GSA_kwCzR0hTQS00Mjg0LXgyNnItNGhoY80vIw
Cross Site Request Forgery in Apache JSPWiki
Ecosystems: maven
Packages: org.apache.jspwiki:jspwiki-main
Source: GitHub Advisory Database
Blast Radius: 11.4
Published: about 2 years ago
High
GSA_kwCzR0hTQS05MjVyLXI2cnAtMmpqN84AAv04
ManyDesigns Portofino subject to creation of insecure temporary file
Ecosystems: maven
Packages: com.manydesigns:portofino
Source: GitHub Advisory Database
Blast Radius: 4.3
Published: over 1 year ago
High
GSA_kwCzR0hTQS12cGg1LTJxMzMtN3I5aM4AA4qx
Arbitrary file read vulnerability in Git server Plugin can lead to RCE
Ecosystems: maven
Packages: org.jenkins-ci.plugins:git-server
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
High
GSA_kwCzR0hTQS1yZ3Y5LXE1NDMtcnFnNM4AAvJu
Uncontrolled Resource Consumption in FasterXML jackson-databind
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 40.4
Published: over 1 year ago
High
GSA_kwCzR0hTQS04NjR2LTVxMmctZnI2NM4AAlYf
Stored XSS vulnerability in Jenkins 'keep forever' badge icon
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS14N3FmLXFoM3ItbXgyMs4AAXcx
XXE vulnerability in Jenkins DRY Plugin
Ecosystems: maven
Packages: org.jvnet.hudson.plugins:dry
Source: GitHub Advisory Database
Blast Radius: 7.9
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1wNzJnLWNnaDktZ2hqZ84AAvxP
Failing DTLS handshakes may cause throttling to block processing of records
Ecosystems: maven
Packages: org.eclipse.californium:scandium
Source: GitHub Advisory Database
Blast Radius: 19.4
Published: over 1 year ago
High
GSA_kwCzR0hTQS0ycXA5LXdnMjctOXBjds4AAQ1M
Nimbus JOSE+JWT missing overflow check
Ecosystems: maven
Packages: com.nimbusds:nimbus-jose-jwt
Source: GitHub Advisory Database
Blast Radius: 28.5
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1oZmo4LTYzYzgtcm1md84AA4lp
Inefficient Algorithmic Complexity in com.upokecenter:cbor
Ecosystems: maven
Packages: com.upokecenter:cbor
Source: GitHub Advisory Database
Blast Radius: 13.9
Published: 4 months ago
High
GSA_kwCzR0hTQS1nNmhnLTR2M2MtNmpxN84AAvjS
Apache IoTDB subject to ReDOS with Java 8
Ecosystems: pypi, maven
Packages: apache-iotdb, org.apache.iotdb:iotdb-parent
Source: GitHub Advisory Database
Blast Radius: 4.6
Published: over 1 year ago
High
GSA_kwCzR0hTQS1qbWc0LXg0dnAtNmM2eM37rw
Apache Geode vulnerable to Incorrect Authorization
Ecosystems: maven
Packages: org.apache.geode:geode-core
Source: GitHub Advisory Database
Blast Radius: 22.6
Published: almost 2 years ago
High
GSA_kwCzR0hTQS0yM3J4LTc5cjctNmNweM4AA4lq
Sandbox escape in Artemis Java Test Sandbox
Ecosystems: maven
Packages: de.tum.in.ase:artemis-java-test-sandbox
Source: GitHub Advisory Database
Blast Radius: 6.5
Published: 4 months ago
High
GSA_kwCzR0hTQS03bWd4LWd2anctbTN3M84AA474
CrateDB authentication bypass vulnerability
Ecosystems: maven
Packages: io.crate:crate
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
High
GSA_kwCzR0hTQS1qcTJ3LXc3djItNjlxNc4AAq3b
Apache Solr vulnerable to XML Bomb
Ecosystems: maven
Packages: org.apache.solr:solr-core
Source: GitHub Advisory Database
Blast Radius: 27.7
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1oNTd3LXZoMzQtZjhjd84AA4dr
Code injection in mingSoft MCMS
Ecosystems: maven
Packages: net.mingsoft:ms-mcms
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: 4 months ago
High
GSA_kwCzR0hTQS1tcW1wLTRtY3Atdmc4ds3_eg
Apache ORC vulnerable to Uncontrolled Recursion
Ecosystems: maven
Packages: org.apache.orc:orc
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: almost 2 years ago
High
GSA_kwCzR0hTQS0zY2NxLWdjY3gtcG03as38dA
Jenkins SonarQube Scanner Plugin stored server authentication token in plain text
Ecosystems: maven
Packages: org.jenkins-ci.plugins:sonar
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS03NDZ4LXh4cngtMjNqcM33Xw
Jenkins Kmap Plugin stores credentials in plain text
Ecosystems: maven
Packages: org.jenkins-ci.plugins:kmap-jenkins
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1yNHEzLTdnNHEteDg5bc4AA4ms
Spring Framework server Web DoS Vulnerability
Ecosystems: maven
Packages: org.springframework:spring-core
Source: GitHub Advisory Database
Blast Radius: 39.0
Published: 4 months ago
High
GSA_kwCzR0hTQS14cDQ0LTh2d3IteHdtds4AAq6T
Jenkins Aqua Security Scanner Plugin showed plain text password in configuration form
Ecosystems: maven
Packages: org.jenkins-ci.plugins:aqua-security-scanner
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1nMjR3LTM3M3ItNXB4Z84AAiH0
Use of Insufficiently Random Values in Apereo CAS
Ecosystems: maven
Packages: org.apereo.cas:cas-server-core-services-authentication, org.apereo.cas:cas-server-support-shell, org.apereo.cas:cas-server-support-oauth-core-api, org.apereo.cas:cas-server-core-services-api, org.apereo.cas:cas-server-support-oidc, org.apereo.cas:cas-server-support-simple-mfa
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1tMmZ2LTNycW0tZzdwNc4AARHc
Deserialization of Untrusted Data in org.jboss.resteasy:resteasy-yaml-provider
Ecosystems: maven
Packages: org.jboss.resteasy:resteasy-yaml-provider
Source: GitHub Advisory Database
Blast Radius: 15.9
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1jM3dmLXJyaHEtcmZwMs4AAi-u
Cross-site request forgery vulnerability in Jenkins WebSphere Deployer Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:websphere-deployer
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS00NnJyLTg3aDQtZjVxNs4AAi-v
SSL/TLS certificate validation globally and unconditionally disabled by Jenkins WebSphere Deployer Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:websphere-deployer
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS0yYzlxLXF3cmMtZjQ4Ns4AAXx4
XML External Entity Reference in org.picketlink:picketlink-common
Ecosystems: maven
Packages: org.picketlink:picketlink-common
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS0zMnZqLXYzOWctamgyM84AAvnt
spring-security-oauth2-client vulnerable to Privilege Escalation
Ecosystems: maven
Packages: org.springframework.security:spring-security-oauth2-client
Source: GitHub Advisory Database
Blast Radius: 28.6
Published: over 1 year ago
High
GSA_kwCzR0hTQS03ajY2LXd2aHItbTgzeM4AAgZU
Stored Cross-site Scripting vulnerabilities in Jenkins promoted Builds (Simple) plugin providing additional parameter types
Ecosystems: maven
Packages: org.jenkins-ci.plugins:promoted-builds-simple
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRjY2gtd3hwdy04cDI4
Server-Side Forgery Request can be activated unmarshalling with XStream
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: GitHub Advisory Database
Blast Radius: 33.9
Published: over 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg5cXItMzY5Zi01bTV4
Unsafe Deserialization in jackson-databind
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 43.6
Published: over 2 years ago
High
GSA_kwCzR0hTQS1wdjdoLWh4NWgtbWdmas4AArfz
Unsafe deserialization in com.alibaba:fastjson
Ecosystems: maven
Packages: com.alibaba:fastjson
Source: GitHub Advisory Database
Blast Radius: 41.1
Published: almost 2 years ago
High
GSA_kwCzR0hTQS12OHg2LTU5ZzQtNWczd84AArY6
Denial of service binding form from JSON in Play Framework
Ecosystems: maven
Packages: com.typesafe.play:play_2.12, com.typesafe.play:play_2.13
Source: GitHub Advisory Database
Blast Radius: 17.5
Published: almost 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXg2NGctNHh4OS1maDZ4
Denial of Service in Cryptacular
Ecosystems: maven
Packages: org.cryptacular:cryptacular
Source: GitHub Advisory Database
Blast Radius: 20.9
Published: almost 4 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZmcXgtMzNxbS1nODY5
Unsafe Deserialization in jackson-databind
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 43.6
Published: over 2 years ago
High
GSA_kwCzR0hTQS14amZ3LTV2djUtdmpxMs4AArTa
Cross-site Scripting in Filter Stream Converter Application in XWiki Platform
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-filter-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTMzNTctODI5eC1tOXBy
Apache CXF Fediz application plugins are vulnerable to Denial of Service (DoS) attacks
Ecosystems: maven
Packages: org.apache.cxf.fediz:fediz-core, org.apache.cxf.fediz:fediz-idp
Source: GitHub Advisory Database
Blast Radius: 6.8
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZwY2MtM3JmeC00Z3Bt
Dom4j contains a XML Injection vulnerability
Ecosystems: maven
Packages: dom4j:dom4j, org.dom4j:dom4j
Source: GitHub Advisory Database
Blast Radius: 33.5
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhmdjMtcnJmbS1mMnJ2
Information Exposure in Netty
Ecosystems: maven
Packages: io.netty:netty, org.jboss.netty:netty, io.netty:netty-parent
Source: GitHub Advisory Database
Blast Radius: 31.2
Published: almost 4 years ago
High
GSA_kwCzR0hTQS1waDV4LWgyM3gtN3E1cc4AArNJ
Cross-site Scripting in wiki manager join wiki page
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-wiki-ui-mainwiki
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS12bWhoLXhoM2ctajk5Ms4AArNI
Cross-site Scripting in the Flamingo theme manager
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-flamingo-theme-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTM0NGYtZjV2Zy0yamZq
Potential remote code execution in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat-catalina
Source: GitHub Advisory Database
Blast Radius: 26.2
Published: almost 4 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg0cmMtMzg2Zy02bTg1
jackson-databind mishandles the interaction between serialization gadgets and typing
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 43.6
Published: about 4 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThqcHgtbTJ3aC0ydjM0
Remote Code Execution (RCE) vulnerability in dropwizard-validation
Ecosystems: maven
Packages: io.dropwizard:dropwizard-validation
Source: GitHub Advisory Database
Blast Radius: 17.3
Published: about 4 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZxd2YtcGp3Zi03dnF2
jackson-databind mishandles the interaction between serialization gadgets and typing
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 47.4
Published: almost 4 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJteHItODlnZi1yYzR2
Read permissions not enforced for client provided filter expressions in Elide.
Ecosystems: maven
Packages: com.yahoo.elide:elide-core
Source: GitHub Advisory Database
Blast Radius: 9.1
Published: about 4 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhtYzgtMjZxNC1xamh4
Denial of Service (DoS) in Jackson Dataformat CBOR
Ecosystems: maven
Packages: com.fasterxml.jackson.dataformat:jackson-dataformat-cbor
Source: GitHub Advisory Database
Blast Radius: 27.1
Published: over 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA0cTYtcXhqeC04amdw
Directory Traversal in spring-boot-actuator-logview
Ecosystems: maven
Packages: eu.hinsch:spring-boot-actuator-logview
Source: GitHub Advisory Database
Blast Radius: 6.0
Published: over 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdtZmctNTVmOS1qOGhx
Server-Side Template Injection
Ecosystems: maven
Packages: com.browserup:browserup-proxy
Source: GitHub Advisory Database
Blast Radius: 6.0
Published: over 3 years ago
High
GSA_kwCzR0hTQS1xZzd4LTRoNHEtM200Oc4AAjQr
XML external entity (XXE) vulnerability in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1xajI3LXc5MmgtZmM5cs4AAjQo
XML external entity (XXE) vulnerability in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1jdng1LW04dmctdnhnY81BlA
Arbitrary filesystem write access from velocity.
Ecosystems: maven
Packages: org.xwiki.commons:xwiki-commons-velocity
Source: GitHub Advisory Database
Blast Radius: 13.6
Published: about 2 years ago
High
GSA_kwCzR0hTQS04Z2Y3LXczY3AtZ2ZoM84AAqWi
Improper Restriction of XML External Entity Reference in Stanford CoreNLP
Ecosystems: maven
Packages: edu.stanford.nlp:stanford-corenlp
Source: GitHub Advisory Database
Blast Radius: 25.2
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1tNGY4LXA1OGctajhtas4AAxCR
Observable timing discrepancy in JOpenId
Ecosystems: maven
Packages: org.expressme:JOpenId
Source: GitHub Advisory Database
Blast Radius: 15.6
Published: over 1 year ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFwd2otbXZ2Ny12M205
High severity vulnerability that affects org.apache.cxf.fediz:fediz-spring and org.apache.cxf.fediz:fediz-spring2
Ecosystems: maven
Packages: org.apache.cxf.fediz:fediz-spring2, org.apache.cxf.fediz:fediz-spring
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW12cXAtcTM3Yy13Zjlq
io.ratpack:ratpack-core vulnerable to Improper Neutralization of Special Elements in Output ('Injection')
Ecosystems: maven
Packages: io.ratpack:ratpack-core
Source: GitHub Advisory Database
Blast Radius: 17.6
Published: over 4 years ago
High
GSA_kwCzR0hTQS1xanBmLTJqaHgtMzc1OM4AA4qz
Arbitrary file read vulnerability in Jenkins Log Command Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:log-command
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNnbTctdjd2dy04NjZj
XML External Entity (XXE) Injection in Apache Solr
Ecosystems: maven
Packages: org.apache.solr:solr-core
Source: GitHub Advisory Database
Blast Radius: 26.6
Published: almost 5 years ago
High
GSA_kwCzR0hTQS01M3BoLTJyMngtdnF3OM4AA4qv
Cross-site WebSocket hijacking vulnerability in the Jenkins CLI
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
High
GSA_kwCzR0hTQS1qZmo5LTdqNXctNnhneM4AAXcj
XXE vulnerability in Jenkins Checkstyle Plugin
Ecosystems: maven
Packages: org.jvnet.hudson.plugins:checkstyle
Source: GitHub Advisory Database
Blast Radius: 11.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1wZndwLXE5ODQtdzd3aM0sRA
Jenkins Pipeline: Deprecated Groovy Libraries Plugin Protection Mechanism Failure
Ecosystems: maven
Packages: org.jenkins-ci.plugins.workflow:workflow-cps-global-lib
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS01MjkzLTNmZ3AtY3IzeM37rA
Missing permission checks in Jenkins Periodic Backup Plugin allow every user to change settings
Ecosystems: maven
Packages: org.jenkins-ci.plugins:periodicbackup
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1oN3J4LXI3MzMtN3g3cs4AAR2D
Sandbox bypass in Jenkins Script Security Plugin sandbox bypass
Ecosystems: maven
Packages: org.jenkins-ci.plugins:script-security
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1tOXgtZzhwYy13Mjky
Denial of Service in Netty
Ecosystems: maven
Packages: io.netty:netty-handler
Source: GitHub Advisory Database
Blast Radius: 29.2
Published: almost 4 years ago
High
GSA_kwCzR0hTQS01NTMyLXBycmYtcmY1eM4AAR2y
Arbitrary code execution vulnerability in Jenkins Speaks! Plugin
Ecosystems: maven
Packages: org.jvnet.hudson.plugins:speaks
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQ0ODcteDM4My1xcHBo
Possible privilege escalation in org.springframework:spring-core
Ecosystems: maven
Packages: org.springframework:spring-core
Source: GitHub Advisory Database
Blast Radius: 39.0
Published: over 5 years ago
High
GSA_kwCzR0hTQS1jOXB4LTdqMzYtZjM1ds4AASke
CSRF vulnerability and missing permission checks in Jenkins AbsInt Astrée Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:absint-astree
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1wd3ZqLTZwaHgtcXY4Y84AAXcc
CSRF vulnerability in Jenkins Translation Assistance plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:translation
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1wY2hwLWM1dzgtNDdnY81A1Q
Hash collision attack vulnerability in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS13bXEzLTI0am0tbTh4aM33LA
Jenkins Assembla Auth Plugin stores credentials in plain text
Ecosystems: maven
Packages: org.jenkins-ci.plugins:assembla-auth
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1taHdxLTRtaDctZnY3Y84AAR1s
Arbitrary code execution due to incomplete sandbox protection in Jenkins Pipeline
Ecosystems: maven
Packages: org.jenkins-ci.plugins.workflow:workflow-cps
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS13cDc5LWNwdjItOWc3bc4AAXbL
Arbitrary shell command execution in Jenkins EC2 Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:ec2
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXh4Z3AtcGNmYy0zdmdj
Privilege Escalation in Hibernate Validator
Ecosystems: maven
Packages: org.hibernate:hibernate-validator
Source: GitHub Advisory Database
Blast Radius: 34.7
Published: almost 4 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdwcm0teHFyYy1jMmoz
Command Injection in Kylin
Ecosystems: maven
Packages: org.apache.kylin:kylin-core-common
Source: GitHub Advisory Database
Blast Radius: 13.1
Published: almost 4 years ago
High
GSA_kwCzR0hTQS1yNWM3LXFjYzktNXY3bc4AARb2
Jenkins Pipeline Classpath Step plugin allowed Script Security sandbox bypass
Ecosystems: maven
Packages: cprice404:pipeline-classpath
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWY5NG0tbXFoci1tYzI5
Uncontrolled Resource Consumption in spray-json when parsing decimal digit fields
Ecosystems: maven
Packages: io.spray:spray-json_2.10, io.spray:spray-json_2.11, io.spray:spray-json_2.12
Source: GitHub Advisory Database
Blast Radius: 19.2
Published: over 5 years ago
High
GSA_kwCzR0hTQS13N2dqLWg2ZjIteDRjNs4AAmXs
fabric8-maven-plugin: insecure way to construct Yaml Object leading to remote code execution
Ecosystems: maven
Packages: io.fabric8:fabric8-maven-plugin
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1xanBxLTVwcTMtNDNycs4AAT1O
Incorrect Privilege Assignment in RESTEasy
Ecosystems: maven
Packages: org.jboss.resteasy:resteasy-client
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS13Z21yLW1mODMtN3g0as4AAtJO
Jetty vulnerable to Invalid HTTP/2 requests that can lead to denial of service
Ecosystems: maven
Packages: org.eclipse.jetty.http2:http2-server
Source: GitHub Advisory Database
Blast Radius: 22.9
Published: almost 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThyaGMtNDhwcC01Mmdy
High severity vulnerability that affects org.apache.spark:spark-core_2.10 and org.apache.spark:spark-core_2.11
Ecosystems: maven
Packages: org.apache.spark:spark-core_2.10, org.apache.spark:spark-core_2.11
Source: GitHub Advisory Database
Blast Radius: 30.8
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdoOGctM2oyYy1ycWo1
Serialization gadgets exploit in jackson-databind
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 43.6
Published: over 2 years ago
High
GSA_kwCzR0hTQS0yZzg2LXI2dzItd3Fxcs4AAtHL
Use of Hard-coded Credentials in Nacos
Ecosystems: maven
Packages: com.alibaba.nacos:nacos-client
Source: GitHub Advisory Database
Blast Radius: 29.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS0zOXIzLWg4cTYtMnBocc4AAs8l
Reflected Cross site scripting in Jenkins Embeddable Build Status Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:embeddable-build-status
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBwYzMtZnB2aC03Mzk2
Improper synchronization in Apache Netbeans HTML/Java API
Ecosystems: maven
Packages: org.netbeans.html:pom
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
High
GSA_kwCzR0hTQS04NXdxLXBxaHAtaG1xNs4AAXaM
Cross-Site Request Forgery in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS13ZmozLTUzNW0tcDZmeM4AATfc
Improper Input Validation in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNteDQtcDR2NS1obXI1
Server-side request forgery (SSRF) in Apache Batik
Ecosystems: maven
Packages: org.apache.xmlgraphics:batik
Source: GitHub Advisory Database
Blast Radius: 5.8
Published: over 2 years ago
High
GSA_kwCzR0hTQS1wZnYyLTM3ZjctOW02d84AAQ1w
Improper Verification of Cryptographic Signature in Nimbus JOSE+JWT
Ecosystems: maven
Packages: com.nimbusds:nimbus-jose-jwt
Source: GitHub Advisory Database
Blast Radius: 28.5
Published: almost 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTlxZ2MtcDI3dy0zaGpn
High severity vulnerability that affects com.typesafe.akka:akka-http-core_2.11 and com.typesafe.akka:akka-http-core_2.12
Ecosystems: maven
Packages: com.typesafe.akka:akka-http-core_2.11, com.typesafe.akka:akka-http-core_2.12
Source: GitHub Advisory Database
Blast Radius: 15.8
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXB4OWYtNTk3Zi13bWNm
Uncontrolled Resource Consumption in Apache OpenMeetings server
Ecosystems: maven
Packages: org.apache.openmeetings:openmeetings-parent
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 3 years ago
High
GSA_kwCzR0hTQS00NnI1LTU5ZmctMmZqY84AATY0
Deserialization of Untrusted Data in Infinispan
Ecosystems: maven
Packages: org.infinispan:infinispan-core
Source: GitHub Advisory Database
Blast Radius: 31.8
Published: almost 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdxOGctZ3BmcC12OGd4
Insertion of Sensitive Information into Log File in Apache NiFi
Ecosystems: maven
Packages: org.apache.nifi:nifi-security-utils, org.apache.nifi:nifi-framework-core
Source: GitHub Advisory Database
Blast Radius: 14.8
Published: over 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJoNjMtcXA2OS1md3Z3
Server-side request forgery (SSRF) in Apache Batik
Ecosystems: maven
Packages: org.apache.xmlgraphics:batik-svgbrowser
Source: GitHub Advisory Database
Blast Radius: 4.9
Published: over 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc5MnItbWgycS1wOHFw
Server Side Request Forgery (SSRF) in org.mitre:openid-connect-server
Ecosystems: maven
Packages: org.mitre:openid-connect-server
Source: GitHub Advisory Database
Blast Radius: 14.6
Published: almost 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWc2NDQtcHI1di12cHBm
Insertion of Sensitive Information into Log File in Apache NiFi Stateless
Ecosystems: maven
Packages: org.apache.nifi:nifi-stateless
Source: GitHub Advisory Database
Blast Radius: 7.8
Published: over 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1tNTctOWo2cS1yeG0y
Akka Java Serialization vulnerability
Ecosystems: maven
Packages: com.typesafe.akka:akka-actor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 5 years ago
High
GSA_kwCzR0hTQS1md3FyLTNwdnAtcGp3cc4AARcc
Deserialization of Untrusted Data in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWozOWMtYzhoai14NGoz
Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat.embed:tomcat-embed-core
Source: GitHub Advisory Database
Blast Radius: 31.1
Published: almost 3 years ago
Statistics
Advisories: 18,440
Packages: 8,316
Repositories: 972
Ecosystems: 12
Filter by Severity
Moderate 7,964 High 6,379 Critical 2,816 Low 990
Filter by Ecosystem
maven 5,537 packagist 3,820 pypi 3,750 npm 3,551 go 1,904 nuget 1,391 rubygems 814 cargo 779 swift 31 hex 30 actions 16 pub 8
Filter by Package
org.jenkins-ci.main:jenkins-core 189 org.apache.tomcat:tomcat 134 com.fasterxml.jackson.core:jackson-databind 69 org.apache.struts:struts2-core 55 org.keycloak:keycloak-core 47 com.liferay.portal:release.portal.bom 45 com.thoughtworks.xstream:xstream 36 org.apache.tomcat.embed:tomcat-embed-core 36 com.jfinal:jfinal 36 net.mingsoft:ms-mcms 35 org.xwiki.platform:xwiki-platform-oldcore 34 org.jenkins-ci.plugins:script-security 32 org.elasticsearch:elasticsearch 32 org.keycloak:keycloak-services 27 io.undertow:undertow-core 27 org.keycloak:keycloak-parent 25 org.apache.solr:solr-core 25 org.eclipse.jetty:jetty-server 23 org.springframework.security:spring-security-core 23 org.apache.nifi:nifi 22 org.apache.openmeetings:openmeetings-parent 21 org.cloudfoundry.identity:cloudfoundry-identity-server 20 org.springframework:spring-core 19 org.bouncycastle:bcprov-jdk14 19 com.liferay.portal:release.dxp.bom 18 com.vaadin:vaadin-bom 18 org.xwiki.platform:xwiki-platform-web-templates 17 org.apache.geode:geode-core 17 org.apache.dubbo:dubbo 16 org.bouncycastle:bcprov-jdk15 16 org.apache.activemq:activemq-client 16 org.apache.struts.xwork:xwork-core 15 org.apache.jspwiki:jspwiki-main 15 org.apache.inlong:manager-pojo 14 org.xwiki.platform:xwiki-platform-web 14 org.apache.hadoop:hadoop-main 13 org.apache.cxf:cxf 13 org.apache.dolphinscheduler:dolphinscheduler 12 com.vaadin:flow-server 12 org.jenkins-ci.plugins.workflow:workflow-cps 12 org.jenkins-ci.plugins:git 12 org.apache.cxf:cxf-core 11 org.apache.hadoop:hadoop-common 11 org.igniterealtime.openfire:parent 11 org.jenkins-ci.plugins:email-ext 11 org.apache.camel:camel-core 11 org.jeecgframework.boot:jeecg-boot-common 11 org.mortbay.jetty:jetty 11 org.apache.commons:commons-compress 11 org.apache.ranger:ranger 11 org.jeecgframework.boot:jeecg-boot-parent 11 org.apache.tomcat:tomcat-coyote 11 org.apache.jspwiki:jspwiki-war 11 com.xuxueli:xxl-job 11 org.apache.james:james-server 11 org.apache.tika:tika-core 11 io.netty:netty 10 org.xwiki.platform:xwiki-platform-administration-ui 10 org.jboss.netty:netty 10 org.jenkins-ci.plugins.workflow:workflow-cps-global-lib 10 org.apache.inlong:manager-service 10 org.apache.shiro:shiro-core 9 io.jenkins:configuration-as-code 9 org.apache.tapestry:tapestry-core 9 org.opencrx:opencrx-core-models 9 org.opennms:opennms 9 org.craftercms:crafter-studio 9 com.sonyericsson.jenkins.plugins.bfa:build-failure-analyzer 9 org.jenkins-ci.plugins:active-directory 9 org.apache.archiva:archiva 9 cn.hutool:hutool-core 9 org.apache.xmlgraphics:batik 9 org.springframework:spring-web 9 org.jenkins-ci.plugins:electricflow 9 org.apache.hive:hive 9 org.apache.tomcat:tomcat-catalina 9 org.jenkins-ci.plugins:config-file-provider 9 org.springframework:spring-webmvc 9 org.bouncycastle:bcprov-jdk15on 9 jquery 9 jquery-rails 9 org.webjars.npm:jquery 9 io.jenkins.blueocean:blueocean 8 org.apache.zeppelin:zeppelin 8 org.opencms:opencms-core 8 org.graylog2:graylog2-server 8 jQuery 8 org.apache.santuario:xmlsec 8 org.yaml:snakeyaml 8 org.postgresql:postgresql 8 com.hazelcast:hazelcast 8 mysql:mysql-connector-java 8 org.jenkins-ci.plugins:ec2 8 org.apache.hive:hive-exec 8 org.apache.ozone:ozone-main 8 org.apache.kylin:kylin 8 org.apache.pdfbox:pdfbox 8 org.apache.ambari:ambari 8 org.apache.derby:derby 7 org.apache.activemq:activemq-parent 7 org.jeecgframework.boot:jeecg-boot-base 7 org.apache.tika:tika 7 org.owasp.esapi:esapi 7 org.apache.inlong:manager-web 7 io.dataease:dataease-plugin-common 7 org.jboss.resteasy:resteasy-client 7 io.jenkins.plugins:cavisson-ns-nd-integration 7 org.apache.spark:spark-core_2.11 7 org.jruby:jruby-stdlib 7 org.apache.cxf:apache-cxf 7 org.jenkins-ci.plugins:rundeck 7 org.jenkins-ci.plugins:mercurial 7 org.apache.atlas:atlas-common 7 rubygems-update 7 org.jenkins-ci.plugins:subversion 7 org.apache.karaf:apache-karaf 7 org.apache.logging.log4j:log4j-core 7 org.jenkins-ci.plugins:jobConfigHistory 7 io.atomix:atomix 7 net.opentsdb:opentsdb 7 org.owasp.antisamy:antisamy 7 io.jenkins.plugins:miniorange-saml-sp 7 org.jenkins-ci.plugins:openshift-deployer 7 org.apache.poi:poi 7 org.apache.linkis:linkis 7 jQuery.UI.Combined 7 org.jenkins-ci.plugins:artifactory 7 jquery-ui 7 jquery-ui-rails 7 org.silverpeas.core:silverpeas-core-web 7 org.apache.hive:hive-service 7 io.jenkins.plugins:warnings-ng 7 org.webjars.npm:jquery-ui 7 org.apache.struts:struts2-rest-plugin 6 org.csanchez.jenkins.plugins:kubernetes 6 org.apache.shenyu:shenyu-common 6 de.tum.in.ase:artemis-java-test-sandbox 6 org.opensearch.plugin:opensearch-security 6 io.netty:netty-handler 6 org.opencastproject:opencast-kernel 6 com.jflyfox:jflyfox_jfinal 6 org.xwiki.commons:xwiki-commons-xml 6 org.jenkins-ci.plugins:azure-vm-agents 6 org.apache.pulsar:pulsar-broker 6 hudson.plugins:project-inheritance 6 org.jenkins-ci.plugins:ec2-deployment-dashboard 6 org.apache.spark:spark-core_2.10 6 org.jenkins-ci.plugins:repository-connector 6 axis:axis 6 io.netty:netty-codec-http 6 org.apache.axis:axis 6 org.jenkins-ci.plugins:fortify-on-demand-uploader 6 org.apache.storm:storm-core 6 org.apache.httpcomponents:httpclient 6 com.sonyericsson.hudson.plugins.gerrit:gerrit-trigger 6 com.xebialabs.deployit.ci:deployit-plugin 6 org.apache.mesos:mesos 6 org.bouncycastle:bcprov-jdk15to18 6 org.apache.syncope:syncope-core 6 org.jenkins-ci.plugins:pipeline-maven 6 cn.hutool:hutool-json 6 tech.powerjob:powerjob 6 org.jenkins-ci.plugins:gitlab-oauth 6 commons-fileupload:commons-fileupload 6 org.apache.solr:solr-parent 6 org.jenkins-ci.plugins:openid 5 org.jenkins-ci.plugins:mailer 5 org.jenkins-ci.plugins:websphere-deployer 5 org.springframework.amqp:spring-amqp 5 org.opennms:opennms-webapp 5 com.google.protobuf:protobuf-java 5 info.magnolia:magnolia-core 5 org.jenkins-ci.plugins:junit 5 com.nimbusds:nimbus-jose-jwt 5 edu.stanford.nlp:stanford-corenlp 5 org.apache.cassandra:cassandra-all 5 org.jenkins-ci.plugins:htmlpublisher 5 com.alibaba:dubbo 5 org.jenkins-ci.plugins:ghprb 5 org.apache.struts:struts-core 5 org.xwiki.platform:xwiki-platform-flamingo-skin-resources 5 org.jenkins-ci.plugins:gitlab-plugin 5 org.apache.inlong:manager-dao 5 org.jenkins-ci.plugins.m2release:m2release 5 org.jenkins-ci.plugins:extended-choice-parameter 5 com.datapipe.jenkins.plugins:hashicorp-vault-plugin 5 org.igniterealtime.openfire:xmppserver 5 org.bouncycastle:bcprov-ext-jdk15on 5 org.jenkins-ci.plugins:publish-over-ssh 5 com.synopsys.jenkinsci:ownership 5 org.jenkins-ci.plugins:fortify 5 com.ruoyi:ruoyi 5 log4j:log4j 5 org.zenframework.z8.dependencies.commons:log4j-1.2.17 5 org.jenkins-ci.plugins:credentials 5 com.coravy.hudson.plugins.github:github 5 io.vertx:vertx-web 5 struts:struts 5 org.jenkinsci.plugins:octoperf 5 org.jenkins-ci.plugins:sinatra-chef-builder 5
Filter by Repository
https://github.com/xwiki/xwiki-platform 172 https://github.com/jenkinsci/jenkins 148 https://github.com/apache/tomcat 96 https://github.com/FasterXML/jackson-databind 70 https://github.com/keycloak/keycloak 58 https://github.com/apache/struts 46 https://github.com/spring-projects/spring-framework 41 https://github.com/x-stream/xstream 36 https://github.com/apache/activemq 33 https://github.com/CVEProject/cvelist 28 https://github.com/apache/inlong 26 https://github.com/eclipse/jetty.project 23 https://github.com/jenkinsci/script-security-plugin 21 https://github.com/apache/nifi 21 https://github.com/netty/netty 20 https://github.com/OpenNMS/opennms 20 https://github.com/jeecgboot/jeecg-boot 20 https://github.com/bcgit/bc-java 19 https://github.com/apache/cxf 19 https://github.com/cloudfoundry/uaa 19 https://github.com/vaadin/platform 17 https://github.com/opencast/opencast 16 https://github.com/geoserver/geoserver 15 https://github.com/apache/camel 15 https://github.com/ming-soft/MCMS 13 https://github.com/quarkusio/quarkus 13 https://github.com/undertow-io/undertow 13 https://github.com/xuxueli/xxl-job 13 https://github.com/apache/dolphinscheduler 12 https://github.com/dromara/hutool 12 https://github.com/apache/kylin 12 https://github.com/igniterealtime/Openfire 11 https://github.com/vaadin/flow 11 https://github.com/jenkinsci/git-plugin 10 https://github.com/jquery/jquery 10 https://github.com/apache/lucene-solr 9 https://github.com/Graylog2/graylog2-server 9 https://github.com/DSpace/DSpace 9 https://github.com/cui2shark/cms 9 https://github.com/spring-projects/spring-security 9 https://github.com/opensearch-project/security 8 https://github.com/xwiki/xwiki-commons 8 https://github.com/nahsra/antisamy 8 https://github.com/hazelcast/hazelcast 8 https://github.com/jenkinsci/config-file-provider-plugin 8 https://github.com/apache/zeppelin 8 https://github.com/apache/xmlgraphics-batik 7 https://github.com/RhinoSecurityLabs/CVEs 7 https://github.com/ratpack/ratpack 7 https://github.com/jflyfox/jfinal_cms 7 https://github.com/rubygems/rubygems 7 https://github.com/rundeck/rundeck 7 https://github.com/dataease/dataease 7 https://github.com/OpenTSDB/opentsdb 7 https://github.com/pgjdbc/pgjdbc 7 https://github.com/vaadin/framework 7 https://github.com/jenkinsci/blueocean-plugin 7 https://github.com/jenkinsci/electricflow-plugin 6 https://github.com/vert-x3/vertx-web 6 https://github.com/OpenRefine/OpenRefine 6 https://github.com/jenkinsci/ec2-plugin 6 https://github.com/apache/hadoop 6 https://github.com/apache/tika 6 https://github.com/DrunkenShells/Disclosures 6 https://github.com/jenkinsci/configuration-as-code-plugin 6 https://github.com/playframework/playframework 6 https://github.com/jquery/jquery-ui 6 https://github.com/apache/pulsar 6 https://github.com/resteasy/resteasy 6 https://github.com/ls1intum/Ares 6 https://github.com/ESAPI/esapi-java-legacy 6 https://bitbucket.org/snakeyaml/snakeyaml 6 https://github.com/jenkinsci/build-failure-analyzer-plugin 6 https://github.com/line/armeria 6 https://github.com/jenkinsci/fortify-on-demand-uploader-plugin 6 https://github.com/jenkinsci/gerrit-trigger-plugin 6 https://github.com/http4s/http4s 6 https://github.com/cui2shark/security 6 https://github.com/jenkinsci/m2release-plugin 5 https://github.com/apache/karaf 5 https://github.com/grails/grails-core 5 https://github.com/protocolbuffers/protobuf 5 https://github.com/apache/shiro 5 https://github.com/PowerJob/PowerJob 5 https://github.com/apache/shenyu 5 https://github.com/alibaba/nacos 5 https://github.com/JLLeitschuh/security-research 5 https://github.com/h2database/h2database 5 https://github.com/jenkinsci/workflow-cps-global-lib-plugin 5 https://github.com/apache/openmeetings 5 https://github.com/jensdietrich/xshady-release 5 https://github.com/jettison-json/jettison 5 https://github.com/jenkinsci/email-ext-plugin 5 https://github.com/OpenAPITools/openapi-generator 5 https://github.com/jenkinsci/codedx-plugin 5 https://github.com/jenkinsci/active-directory-plugin 5 https://github.com/apiman/apiman 5 https://github.com/jenkinsci/publish-over-ssh-plugin 5 https://github.com/jenkinsci/subversion-plugin 5 https://github.com/restlet/restlet-framework-java 5 https://bitbucket.org/connect2id/nimbus-jose-jwt 5 https://github.com/jenkinsci/github-plugin 5 https://github.com/jenkinsci/junit-plugin 5 https://github.com/jenkinsci/gitlab-plugin 5 https://github.com/jenkinsci/support-core-plugin 5 https://github.com/neo4j-contrib/neo4j-apoc-procedures 5 https://github.com/apache/geode 5 https://github.com/reportportal/reportportal 4 https://github.com/jenkinsci/nexus-platform-plugin 4 https://github.com/jenkinsci/gitlab-oauth-plugin 4 https://github.com/jenkinsci/p4-plugin 4 https://github.com/itext/itext7 4 https://github.com/jenkinsci/libvirt-slave-plugin 4 https://github.com/jenkinsci/htmlpublisher-plugin 4 https://github.com/pippo-java/pippo 4 https://github.com/resteasy/Resteasy 4 https://github.com/jenkinsci/xldeploy-plugin 4 https://github.com/jenkinsci/rundeck-plugin 4 https://github.com/jenkinsci/matrix-project-plugin 4 https://github.com/skylot/jadx 4 https://github.com/jenkinsci/credentials-binding-plugin 4 https://github.com/shopizer-ecommerce/shopizer 4 https://github.com/jfinal/jfinal 4 https://github.com/jenkinsci/active-choices-plugin 4 https://github.com/nightcloudos/new_cms 4 https://github.com/xerial/snappy-java 4 https://github.com/infinispan/infinispan 4 https://github.com/apache/activemq-artemis 4 https://github.com/ktorio/ktor 4 https://github.com/aws/aws-iot-device-sdk-java-v2 4 https://github.com/jenkinsci/job-config-history-plugin 4 https://github.com/apache/httpcomponents-client 4 https://github.com/yamcs/yamcs 4 https://github.com/alkacon/opencms-core 4 https://github.com/stanfordnlp/corenlp 4 https://github.com/apache/syncope 4 https://github.com/jenkinsci/hpe-application-automation-tools-plugin 4 https://github.com/jenkinsci/ansible-plugin 4 https://github.com/HtmlUnit/htmlunit 4 https://github.com/apache/solr 4 https://github.com/jenkinsci/warnings-ng-plugin 4 https://github.com/jenkinsci/workflow-cps-plugin 4 https://github.com/micronaut-projects/micronaut-core 4 https://github.com/jenkinsci/fortify-plugin 4 https://github.com/apache/santuario-java 3 https://github.com/matrix-org/matrix-android-sdk2 3 https://github.com/apache/storm 3 https://github.com/jenkinsci/git-parameter-plugin 3 https://github.com/AsyncHttpClient/async-http-client 3 https://github.com/jenkinsci/database-plugin 3 https://github.com/jenkinsci/embeddable-build-status-plugin 3 https://github.com/codehaus-plexus/plexus-utils 3 https://github.com/opengoofy/hippo4j 3 https://github.com/jenkinsci/gitlab-branch-source-plugin 3 https://github.com/open-metadata/OpenMetadata 3 https://github.com/orientechnologies/orientdb 3 https://github.com/OWASP/json-sanitizer 3 https://github.com/Rabb1ter/cms 3 https://github.com/intranda/goobi-viewer-core 3 https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server 3 https://github.com/mbechler/marshalsec 3 https://github.com/LetianYuan/My-CVE-Public-References 3 https://github.com/qos-ch/logback 3 https://github.com/jenkinsci/git-client-plugin 3 https://github.com/jenkinsci/hashicorp-vault-plugin 3 https://github.com/pf4j/pf4j 3 https://github.com/peteroupc/CBOR-Java 3 https://github.com/li-yu320/cms 3 https://github.com/joniles/mpxj 3 https://github.com/jooby-project/jooby 3 https://github.com/jenkinsci/kubernetes-plugin 3 https://github.com/jenkinsci/cas-plugin 3 https://github.com/wso2/carbon-registry 3 https://github.com/jenkinsci/ci-with-toad-edge-plugin 3 https://github.com/eclipse/lemminx 3 https://github.com/jenkinsci/cloudbees-jenkins-advisor-plugin 3 https://github.com/wildfly/wildfly-core 3 https://github.com/eclipse-ee4j/mojarra 3 https://github.com/jenkinsci/code-coverage-api-plugin 3 https://github.com/apache/commons-configuration 3 https://github.com/apache/cxf-fediz 3 https://github.com/apache/derby 3 https://github.com/apache/dubbo 3 https://github.com/apache/flume 3 https://github.com/apache/geronimo 3 https://github.com/jenkinsci/compuware-topaz-for-total-test-plugin 3 https://github.com/jenkinsci/lucene-search-plugin 3 https://bitbucket.org/b_c/jose4j 3 https://svn.apache.org/viewvc/lucene/dev 3 https://github.com/jenkinsci/azure-credentials-plugin 3 https://github.com/jenkinsci/audit-trail-plugin 3 https://github.com/jenkinsci/azure-vm-agents-plugin 3 https://github.com/Adobe-Consulting-Services/acs-aem-commons 3 https://github.com/jenkinsci/liquibase-runner-plugin 3 https://github.com/jenkinsci/mercurial-plugin 3 https://github.com/jenkinsci/nomad-plugin 3 https://github.com/ysuzhangbin/cms 3 https://github.com/jenkinsci/bitbucket-oauth-plugin 3 https://github.com/eclipse-vertx/vert.x 3