Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

maven Security Advisories

Loading...
High
GSA_kwCzR0hTQS14NjQ2LW03eDItZ2NwN83mbw
Path Traversal in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS0yNjR3LXhycjctNnFxZ84AAkDO
RCE vulnerability in Jenkins OpenShift Pipeline Plugin
Ecosystems: maven
Packages: com.openshift.jenkins:openshift-pipeline
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1mOGNjLWc3ajgteHhwbc4AAwqj
XStream can cause a Denial of Service by injecting deeply nested objects raising a stack overflow
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: GitHub Advisory Database
Blast Radius: 33.0
Published: over 1 year ago
High
GSA_kwCzR0hTQS05cGY4LXFxaG0tN3c2NM4AAQ0M
Improper Input Validation in Datomic
Ecosystems: maven
Packages: com.datomic:datomic-free
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWY5eGgtMnFncC1jcTU3
Unsafe Deserialization in jackson-databind
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 43.6
Published: over 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWN2bTktZmptOS0zNTcy
Unsafe Deserialization in jackson-databind
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 43.6
Published: over 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTltNmYtN3hjcS04dmY4
Unsafe Deserialization in jackson-databind
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 43.6
Published: over 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThjNGotMzRyNC14cjhn
Unsafe Deserialization in jackson-databind
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 43.6
Published: over 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTI4OGMtY3E0aC04OGdx
XML External Entity (XXE) Injection in Jackson Databind
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 40.4
Published: about 3 years ago
High
GSA_kwCzR0hTQS1qd2gyLWZmZzQtNDh4Y84AAn13
Improper Limitation of a Pathname to a Restricted Directory in Fabric8 Kubernetes Client
Ecosystems: maven
Packages: io.fabric8:kubernetes-client
Source: GitHub Advisory Database
Blast Radius: 25.3
Published: almost 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTU5NDktcnc3Zy13eDd3
Deserialization of untrusted data in jackson-databind
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 43.6
Published: over 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTlncGgtMjJ4aC04eDk4
Unsafe Deserialization in jackson-databind
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 43.6
Published: over 2 years ago
High
GSA_kwCzR0hTQS01YzZxLWY3ODMtaDg4OM4AAvHY
AWS Redshift JDBC Driver fails to validate class type during object instantiation
Ecosystems: maven
Packages: com.amazon.redshift:redshift-jdbc42
Source: GitHub Advisory Database
Blast Radius: 23.1
Published: over 1 year ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdnOW0tZmozdi1yNThj
REST Plugin in Apache Struts uses an XStreamHandler with an instance of XStream for deserialization without any type filtering
Ecosystems: maven
Packages: org.apache.struts:struts2-rest-plugin
Source: GitHub Advisory Database
Blast Radius: 18.8
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTgzNmctNWZyNS1mZ2Ny
Missing Authentication for Critical Function in Apache TomEE
Ecosystems: maven
Packages: org.apache.tomee:tomee
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA5M2MtaDhxbS03MjU2
Improper escaping in XWiki Platform
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-web
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJtN2ctOXE3NC05bTNx
Improper Certificate Validation in Apache Beam
Ecosystems: maven
Packages: org.apache.beam:beam-sdks-java-io-mongodb
Source: GitHub Advisory Database
Blast Radius: 12.1
Published: about 4 years ago
High
GSA_kwCzR0hTQS1jdmg4LTlqNHgtNXY0as38cQ
Jenkins Artifactory Plugin stored old directly entered credentials unencrypted on disk
Ecosystems: maven
Packages: org.jenkins-ci.plugins:artifactory
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1tOWNqLXY1NWYtOHgyNs00HA
Authentication Bypass in keycloak
Ecosystems: maven
Packages: org.keycloak:keycloak-core
Source: GitHub Advisory Database
Blast Radius: 26.9
Published: about 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJtOGgtZmdyOC0ycTl3
Pivotal Spring Framework Paths provided to the ResourceServlet were not properly sanitized
Ecosystems: maven
Packages: org.springframework:spring-webmvc
Source: GitHub Advisory Database
Blast Radius: 40.2
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJmNnItMmM0cS0ydndn
jackson-databind mishandles the interaction between serialization gadgets and typing
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 47.4
Published: almost 4 years ago
High
GSA_kwCzR0hTQS1neDNmLWhxN3AtOGZ4ds0XxA
Code injection in spring-cloud-netflix-hystrix-dashboard
Ecosystems: maven
Packages: org.springframework.cloud:spring-cloud-netflix-hystrix-dashboard
Source: GitHub Advisory Database
Blast Radius: 18.3
Published: over 2 years ago
High
GSA_kwCzR0hTQS1nOWhnLXg5YzktN3hncs4AAmvU
XXE vulnerability in Jenkins CVS Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:cvs
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1xZzY2LXh2N3YtbTgzNM4AAl8l
Stored XSS vulnerability in computer-queue-plugin Plugin
Ecosystems: maven
Packages: jenkins.ci.plugins.computerqueue:computer-queue-plugin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS03cmYzLW1xcHgtaDd4Z84AAwSP
Jettison Out-of-bounds Write vulnerability
Ecosystems: maven
Packages: org.codehaus.jettison:jettison
Source: GitHub Advisory Database
Blast Radius: 29.9
Published: over 1 year ago
High
GSA_kwCzR0hTQS02cTRwLWpyanYtNDRnZs4AAhnn
Cross-site request forgery vulnerability in Jenkins XL TestView Plugin
Ecosystems: maven
Packages: com.xebialabs.xlt.ci:xltestview-plugin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1ycTJ3LTM3aDktdmc5NM4AAwuy
Apache Tomcat improperly escapes input from JsonErrorReportValve
Ecosystems: maven
Packages: org.apache.tomcat:tomcat-util, org.apache.tomcat:tomcat-catalina, org.apache.tomcat.embed:tomcat-embed-core
Source: GitHub Advisory Database
Blast Radius: 31.1
Published: over 1 year ago
High
GSA_kwCzR0hTQS12cGZqLTVnZzUtZnZmbc4AAjxu
XXE vulnerability in Jenkins Cobertura Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:cobertura
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1wM2c0LTl4ZnYtd3E5ds4AAXTU
Arbitrary code execution due to incomplete sandbox protection in Pipeline: Supporting APIs Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins.workflow:workflow-support
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1jM2NnLW12NXctY3Z3OM4AAjkk
XXE vulnerability in FitNesse Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:fitnesse
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJ2eG0tdnA0Yy1mamZ3
Authentication Bypass in Apache Cassandra
Ecosystems: maven
Packages: org.apache.cassandra:cassandra-all
Source: GitHub Advisory Database
Blast Radius: 28.4
Published: over 2 years ago
High
GSA_kwCzR0hTQS1ycjNwLTVmY2YtdjVtM84AAz2X
SSL/TLS certificate validation disabled by default in Jenkins Checkmarx Plugin
Ecosystems: maven
Packages: com.checkmarx.jenkins:checkmarx
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTl2dnAtZnh3Ni1qY3hy
jackson-databind mishandles the interaction between serialization gadgets and typing
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 47.4
Published: almost 4 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFtcWMteDNyNC02djM5
Polymorphic deserialization of malicious object in jackson-databind
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 4 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVxOG0tbXFteC1weHA5
Spring Data Commons contain a property path parser vulnerability caused by unlimited resource allocation
Ecosystems: maven
Packages: org.springframework.data:spring-data-commons
Source: GitHub Advisory Database
Blast Radius: 30.5
Published: over 5 years ago
High
GSA_kwCzR0hTQS05aGhjLXBqNHctdzVyds4AAx5K
Keycloak Cross-site Scripting on OpenID connect login service
Ecosystems: maven
Packages: org.keycloak:keycloak-parent
Source: GitHub Advisory Database
Blast Radius: 13.1
Published: about 1 year ago
High
GSA_kwCzR0hTQS14dmhmLXE3NDQtNXhtOM4AAjkf
XXE vulnerability in NUnit Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:nunit
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRyNjQtd2Y3Ni1jNTNw
In blynk-server a Directory Traversal exists
Ecosystems: maven
Packages: com.github.blynkkk:blynk-server
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 5 years ago
High
GSA_kwCzR0hTQS01OTkzLXd3cGctbTkyY80Xvg
Apache Ozone user impersonation due to non-validation of Ozone S3 tokens
Ecosystems: maven
Packages: org.apache.hadoop:hadoop-ozone-ozone-manager
Source: GitHub Advisory Database
Blast Radius: 9.8
Published: over 2 years ago
High
GSA_kwCzR0hTQS01Y2Y4LXZycjgtOGhqbc4AAx7N
XWiki Platform packages Expose Sensitive Information to an Unauthorized Actor
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-wiki-ui-mainwiki, org.xwiki.platform:xwiki-platform-livetable-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
High
GSA_kwCzR0hTQS1oajdwLWg3NGotNmd4as4AA1ur
Non-constant time nonce comparison in Jenkins Microsoft Entra ID (previously Azure AD) Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:azure-ad
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 months ago
High
GSA_kwCzR0hTQS0zeDh4LTc5bTItM3cyd84AAyLf
jackson-databind possible Denial of Service if using JDK serialization to serialize JsonNode
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 40.4
Published: about 1 year ago
High
GSA_kwCzR0hTQS12cnBnLWM3YzQtOG1weM4AA1us
SSRF vulnerability in Jenkins Bitbucket Push and Pull Request Plugin allows capturing credentials
Ecosystems: maven
Packages: io.jenkins.plugins:bitbucket-push-and-pull-request
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 months ago
High
GSA_kwCzR0hTQS1yMzhmLWM0aDQtaHFxMs4AAt2m
PostgreSQL JDBC Driver SQL Injection in ResultSet.refreshRow() with malicious column names
Ecosystems: maven
Packages: org.postgresql:postgresql
Source: GitHub Advisory Database
Blast Radius: 37.2
Published: almost 2 years ago
High
GSA_kwCzR0hTQS00Z2gyLW04OGgtOGNqOM4AA1uz
Disabled permissions can be granted by Jenkins SSH2 Easy Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:ssh2easy
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 months ago
High
GSA_kwCzR0hTQS1xajJ3LW13MnItcHYzOc4AATbJ
RubyGems Deserialization of Untrusted Data vulnerability
Ecosystems: maven, rubygems
Packages: org.jruby:jruby-stdlib, rubygems-update
Source: GitHub Advisory Database
Blast Radius: 28.9
Published: almost 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZmNTQtM3FyOS1wamdq
Unauthenticated Access Via OAI-PMH
Ecosystems: maven
Packages: org.opencastproject:opencast-oaipmh-api
Source: GitHub Advisory Database
Blast Radius: 11.5
Published: over 4 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZtcXctdnFoNS1jd3E5
Apache NiFi user log out issue
Ecosystems: maven
Packages: org.apache.nifi:nifi-web-api, org.apache.nifi:nifi-web-security
Source: GitHub Advisory Database
Blast Radius: 16.3
Published: over 4 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg5cjMtcmNwai1oN3c2
Path traversal attack on Windows platforms
Ecosystems: maven
Packages: org.apache.tapestry:tapestry-core
Source: GitHub Advisory Database
Blast Radius: 21.6
Published: over 4 years ago
High
GSA_kwCzR0hTQS1oMnJxLXFocjctNTNnbc4AA5HR
Apache Sling Servlets Resolver executes malicious code via path traversal
Ecosystems: maven
Packages: org.apache.sling:org.apache.sling.servlets.resolver
Source: GitHub Advisory Database
Blast Radius: 9.0
Published: 3 months ago
High
GSA_kwCzR0hTQS1nZzUzLXdmNXgtcjNyNs4AAu8Q
XWiki Platform Security Parent POM vulnerable to overwriting of security rules of a page with a final page having the same reference
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-security
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJydngtcHdmOC1wNTlw
In Bouncy Castle JCE Provider the DSA key pair generator generates a weak private key if used with default values
Ecosystems: maven
Packages: org.bouncycastle:bcprov-jdk15, org.bouncycastle:bcprov-jdk14
Source: GitHub Advisory Database
Blast Radius: 22.5
Published: over 5 years ago
High
GSA_kwCzR0hTQS1xZjQyLWY1dmYtNnc5Oc4AA1vA
Disabled permissions granted by Jenkins Assembla Auth Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:assembla-auth
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 months ago
High
GSA_kwCzR0hTQS00ZzNqLWM0d2ctNmo3eM4AAyyP
Snowflake JDBC vulnerable to command injection via SSO URL authentication
Ecosystems: maven
Packages: net.snowflake:snowflake-jdbc
Source: GitHub Advisory Database
Blast Radius: 21.0
Published: about 1 year ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFjajctZzJqNS1nN3Iz
In Bouncy Castle JCE Provider ECDSA does not fully validate ASN.1 encoding of signature on verification
Ecosystems: maven
Packages: org.bouncycastle:bcprov-jdk15, org.bouncycastle:bcprov-jdk14
Source: GitHub Advisory Database
Blast Radius: 22.5
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZwNWotM2ZwZi1taGo1
Sensitive data written to disk unencrypted in Spark
Ecosystems: maven
Packages: org.apache.spark:spark-core_2.11
Source: GitHub Advisory Database
Blast Radius: 29.6
Published: almost 5 years ago
High
GSA_kwCzR0hTQS1wcXI1LTl2MmotNDR4Z81pPQ
Apache Tomcat DoS via Malicious Get Request
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1md2gtZ3F4OC1jNzg3
Allocation of Resources Without Limits or Throttling in Apache Tika
Ecosystems: maven
Packages: org.apache.tika:tika-core
Source: GitHub Advisory Database
Blast Radius: 33.3
Published: almost 5 years ago
High
GSA_kwCzR0hTQS1tZ3BmLWhoZ2YtY3hnNM0hGQ
In Apache Kylin, Cross-origin requests with credentials are allowed to be sent from any origin.
Ecosystems: maven
Packages: org.apache.kylin:kylin
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
High
GSA_kwCzR0hTQS02cDkyLXFmcWYtcXd4NM4AA5N0
OpenRefine JDBC Attack Vulnerability
Ecosystems: maven
Packages: org.openrefine:database
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
High
GSA_kwCzR0hTQS1jMzUyLXg4NDMtZ2dwcc4AA5KR
XXL-JOB vulnerable to Server-Side Request Forgery
Ecosystems: maven
Packages: com.xuxueli:xxl-job
Source: GitHub Advisory Database
Blast Radius: 6.2
Published: 3 months ago
High
GSA_kwCzR0hTQS0yOTN2LTUzMjktMzZ3cM4AAzHj
MCMS vulnerable to arbitrary code execution via crafted thumbnail
Ecosystems: maven
Packages: net.mingsoft:ms-mcms
Source: GitHub Advisory Database
Blast Radius: 2.6
Published: about 1 year ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXI5N3gtM2c4Zi1neDNt
The Bouncy Castle JCE Provider carry a propagation bug
Ecosystems: maven
Packages: org.bouncycastle:bcprov-jdk15, org.bouncycastle:bcprov-jdk14
Source: GitHub Advisory Database
Blast Radius: 22.5
Published: over 5 years ago
High
GSA_kwCzR0hTQS0zN2d4LWpxeDktZndtZ84AA5Yi
Improper Certificate Validation in Apache DolphinScheduler
Ecosystems: maven
Packages: org.apache.dolphinscheduler:dolphinscheduler
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
High
GSA_kwCzR0hTQS1xd3h4LXh3dzYtOHE4bc4AA5Yb
Remote Code Execution in Apache Dolphinscheduler
Ecosystems: maven
Packages: org.apache.dolphinscheduler:dolphinscheduler
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZqcTItNzg5cS1mZmYy
High severity vulnerability that affects org.apache.tika:tika-core
Ecosystems: maven
Packages: org.apache.tika:tika-core
Source: GitHub Advisory Database
Blast Radius: 28.4
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTIzZ2otMzY4aC05MnBx
Path Traversal in DKPro Core
Ecosystems: maven
Packages: de.tudarmstadt.ukp.dkpro.core:de.tudarmstadt.ukp.dkpro.core.api.datasets-asl
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: almost 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg4cTUtZzJjai1xcjVo
Apache Tika is vulnerable to entity expansions which can lead to a denial of service attack
Ecosystems: maven
Packages: org.apache.tika:tika-core
Source: GitHub Advisory Database
Blast Radius: 28.4
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTR3anEtNjlyYy04d2Nw
Path Traversal in Apache Camel
Ecosystems: maven
Packages: org.apache.camel:camel-core
Source: GitHub Advisory Database
Blast Radius: 29.5
Published: about 5 years ago
High
GSA_kwCzR0hTQS00ZzQyLWdxcmctNDYzM84AAz2O
Apache Struts vulnerable to memory exhaustion
Ecosystems: maven
Packages: org.apache.struts:struts2-core
Source: GitHub Advisory Database
Blast Radius: 28.4
Published: 11 months ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpwdjMtZzRjYy02dmZ4
Improper Control of Generation of Code ('Code Injection') in org.apache.activemq:activemq-client
Ecosystems: maven
Packages: org.apache.activemq:activemq-client
Source: GitHub Advisory Database
Blast Radius: 28.6
Published: about 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVjZjQtanF3cC01ODRn
Improper Privilege Management in org.apache.hadoop:hadoop-main
Ecosystems: maven
Packages: org.apache.hadoop:hadoop-main
Source: GitHub Advisory Database
Blast Radius: 6.7
Published: about 5 years ago
High
GSA_kwCzR0hTQS1mcDVyLXYzdzktNDMzM80bRA
JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data
Ecosystems: maven
Packages: org.zenframework.z8.dependencies.commons:log4j-1.2.17, log4j:log4j
Source: GitHub Advisory Database
Blast Radius: 40.3
Published: over 2 years ago
High
GSA_kwCzR0hTQS14bTkyLXJmMjQtaDc0d84AAV0f
Apache Geronimo Application Server multiple directory traversal vulnerabilities
Ecosystems: maven
Packages: org.apache.geronimo.plugins:console
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpjN3ItdjZmZy0yZ3Bm
Apache CXF TLS hostname verification does not work correctly with com.sun.net.ssl.*
Ecosystems: maven
Packages: org.apache.cxf:apache-cxf, org.apache.cxf:cxf
Source: GitHub Advisory Database
Blast Radius: 16.8
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZxOWotamg2Mi01aG1w
Apache Camel's Validation Component is vulnerable against SSRF via remote DTDs and XXE.
Ecosystems: maven
Packages: org.apache.camel:camel-core
Source: GitHub Advisory Database
Blast Radius: 29.1
Published: over 5 years ago
High
GSA_kwCzR0hTQS1nOWhoLXZ2eDMtdjM3ds0_tA
Denial of service in HtmlUnit-Neko
Ecosystems: maven
Packages: net.sourceforge.htmlunit:neko-htmlunit
Source: GitHub Advisory Database
Blast Radius: 14.9
Published: about 2 years ago
High
GSA_kwCzR0hTQS00cG0zLWY1MmotOGdnaM0_og
Improper Input Validation in GeoServer
Ecosystems: maven
Packages: org.geoserver:gs-main
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS1nNW1tLXZteDQtM3JnN807dA
Improper handling of case sensitivity in Spring Framework
Ecosystems: maven
Packages: org.springframework:spring-context
Source: GitHub Advisory Database
Blast Radius: 40.2
Published: about 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhwbXgtaDd4cS14ZmZo
Potential access control security issue in apollo-adminservice
Ecosystems: maven
Packages: com.ctrip.framework.apollo:apollo-core
Source: GitHub Advisory Database
Blast Radius: 16.5
Published: over 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFqdzItaHI5OC1xZ2Zo
Unsafe Deserialization in jackson-databind
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 43.6
Published: over 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA5NzktNG1mdy01M3Zn
HTTP Request Smuggling in Netty
Ecosystems: maven
Packages: io.netty:netty-all, org.jboss.netty:netty
Source: GitHub Advisory Database
Blast Radius: 34.0
Published: over 4 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXAyeHEtdmNtNy14amo2
Stack Overflow in Apache Mesos
Ecosystems: maven
Packages: org.apache.mesos:mesos
Source: GitHub Advisory Database
Blast Radius: 22.4
Published: about 5 years ago
High
GSA_kwCzR0hTQS03cnA2LXc3bWctaDhyd80V1w
XML External Entity Reference in Apache Jena
Ecosystems: maven
Packages: org.apache.jena:jena-core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
High
GSA_kwCzR0hTQS1yam1xLTZ2NTUtNHJqds0y6w
Improper Authorization in org.cometd.oort
Ecosystems: maven
Packages: org.cometd.java:cometd-java-oort
Source: GitHub Advisory Database
Blast Radius: 11.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS04Zzd2LXZqcmMteDRnNc4AA6JF
GeoServer log file path traversal vulnerability
Ecosystems: maven
Packages: org.geoserver:gs-main
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJxOHgtMnA3Zi01NzR2
XStream is vulnerable to an Arbitrary Code Execution attack
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: GitHub Advisory Database
Blast Radius: 37.9
Published: over 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWN4Zm0tNW00Zy14N3hw
A Server-Side Forgery Request can be activated unmarshalling with XStream to access data streams from an arbitrary URL referencing a resource in an intranet or the local host
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: GitHub Advisory Database
Blast Radius: 37.9
Published: over 2 years ago
High
GSA_kwCzR0hTQS1neDZoLTkzNmMtdnJycs0p3Q
Cross site scripting in registration template in xwiki-platform
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-web-templates
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXE0aGctcm1xMi01MnE5
Improper Locking in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat.embed:tomcat-embed-core
Source: GitHub Advisory Database
Blast Radius: 31.1
Published: almost 5 years ago
High
GSA_kwCzR0hTQS1oeGd3LTc1MzktcHY3cs3t6w
Cloud Foundry denial of service vulnerability
Ecosystems: maven
Packages: org.cloudfoundry.identity:cloudfoundry-identity-server
Source: GitHub Advisory Database
Blast Radius: 8.8
Published: almost 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc5amctZ3Znci0zNTRt
Resource Exhaustion in Spring Security
Ecosystems: maven
Packages: org.springframework.security:spring-security-oauth2-client, org.springframework.security:spring-security-core
Source: GitHub Advisory Database
Blast Radius: 34.8
Published: almost 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWcyM3YtcDVqcS1qdmg0
Infinite loop in Apache CFX
Ecosystems: maven
Packages: org.apache.cxf:cxf, org.apache.cxf:apache-cxf
Source: GitHub Advisory Database
Blast Radius: 15.5
Published: over 2 years ago
High
GSA_kwCzR0hTQS1majJ3LXdmZ3YtbXdxNs0kcw
Denial of service in CBOR library
Ecosystems: maven
Packages: com.upokecenter:cbor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNxOWMtNTVyNy00NTV4
Improper Authentication in Apache Karaf
Ecosystems: maven
Packages: org.apache.karaf:apache-karaf
Source: GitHub Advisory Database
Blast Radius: 25.1
Published: over 5 years ago
High
GSA_kwCzR0hTQS13cnZ3LWhnMjItNG02N80hQw
A potential Denial of Service issue in protobuf-java
Ecosystems: maven, rubygems
Packages: com.google.protobuf:protobuf-kotlin, com.google.protobuf:protobuf-java, google-protobuf
Source: GitHub Advisory Database
Blast Radius: 61.8
Published: over 2 years ago
High
GSA_kwCzR0hTQS1jNjl3LWpqNTYtODM0d80bUg
Improper Certificate Validation and Improper Validation of Certificate with Host Mismatch in Apache Sling Commons Messaging Mail
Ecosystems: maven
Packages: org.apache.sling:org.apache.sling.commons.messaging.mail
Source: GitHub Advisory Database
Blast Radius: 5.2
Published: over 2 years ago
High
GSA_kwCzR0hTQS03cnBqLWhnNDctY3g2Ms0auA
Improper Restriction of XML External Entity Reference in com.h2database:h2.
Ecosystems: maven
Packages: com.h2database:h2
Source: GitHub Advisory Database
Blast Radius: 44.0
Published: over 2 years ago
High
GSA_kwCzR0hTQS1oY3h4LW1wNmctNmdyOc0bPw
Opencast publishes global system account credentials
Ecosystems: maven
Packages: org.opencastproject:opencast-common
Source: GitHub Advisory Database
Blast Radius: 11.8
Published: over 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNqamYtOTRmZi00M3c3
jackson-databind Deserialization of Untrusted Data vulnerability
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 40.4
Published: about 5 years ago
Statistics
Advisories: 18,440
Packages: 8,316
Repositories: 972
Ecosystems: 12
Filter by Severity
Moderate 7,964 High 6,379 Critical 2,816 Low 990
Filter by Ecosystem
maven 5,537 packagist 3,820 pypi 3,750 npm 3,551 go 1,904 nuget 1,391 rubygems 814 cargo 779 swift 31 hex 30 actions 16 pub 8
Filter by Package
org.jenkins-ci.main:jenkins-core 189 org.apache.tomcat:tomcat 134 com.fasterxml.jackson.core:jackson-databind 69 org.apache.struts:struts2-core 55 org.keycloak:keycloak-core 47 com.liferay.portal:release.portal.bom 45 com.thoughtworks.xstream:xstream 36 org.apache.tomcat.embed:tomcat-embed-core 36 com.jfinal:jfinal 36 net.mingsoft:ms-mcms 35 org.xwiki.platform:xwiki-platform-oldcore 34 org.jenkins-ci.plugins:script-security 32 org.elasticsearch:elasticsearch 32 org.keycloak:keycloak-services 27 io.undertow:undertow-core 27 org.keycloak:keycloak-parent 25 org.apache.solr:solr-core 25 org.eclipse.jetty:jetty-server 23 org.springframework.security:spring-security-core 23 org.apache.nifi:nifi 22 org.apache.openmeetings:openmeetings-parent 21 org.cloudfoundry.identity:cloudfoundry-identity-server 20 org.springframework:spring-core 19 org.bouncycastle:bcprov-jdk14 19 com.liferay.portal:release.dxp.bom 18 com.vaadin:vaadin-bom 18 org.xwiki.platform:xwiki-platform-web-templates 17 org.apache.geode:geode-core 17 org.apache.dubbo:dubbo 16 org.bouncycastle:bcprov-jdk15 16 org.apache.activemq:activemq-client 16 org.apache.struts.xwork:xwork-core 15 org.apache.jspwiki:jspwiki-main 15 org.apache.inlong:manager-pojo 14 org.xwiki.platform:xwiki-platform-web 14 org.apache.hadoop:hadoop-main 13 org.apache.cxf:cxf 13 org.apache.dolphinscheduler:dolphinscheduler 12 com.vaadin:flow-server 12 org.jenkins-ci.plugins.workflow:workflow-cps 12 org.jenkins-ci.plugins:git 12 org.apache.cxf:cxf-core 11 org.apache.hadoop:hadoop-common 11 org.igniterealtime.openfire:parent 11 org.jenkins-ci.plugins:email-ext 11 org.apache.camel:camel-core 11 org.jeecgframework.boot:jeecg-boot-common 11 org.mortbay.jetty:jetty 11 org.apache.commons:commons-compress 11 org.apache.ranger:ranger 11 org.jeecgframework.boot:jeecg-boot-parent 11 org.apache.tomcat:tomcat-coyote 11 org.apache.jspwiki:jspwiki-war 11 com.xuxueli:xxl-job 11 org.apache.james:james-server 11 org.apache.tika:tika-core 11 io.netty:netty 10 org.xwiki.platform:xwiki-platform-administration-ui 10 org.jboss.netty:netty 10 org.jenkins-ci.plugins.workflow:workflow-cps-global-lib 10 org.apache.inlong:manager-service 10 org.apache.shiro:shiro-core 9 io.jenkins:configuration-as-code 9 org.apache.tapestry:tapestry-core 9 org.opencrx:opencrx-core-models 9 org.opennms:opennms 9 org.craftercms:crafter-studio 9 com.sonyericsson.jenkins.plugins.bfa:build-failure-analyzer 9 org.jenkins-ci.plugins:active-directory 9 org.apache.archiva:archiva 9 cn.hutool:hutool-core 9 org.apache.xmlgraphics:batik 9 org.springframework:spring-web 9 org.jenkins-ci.plugins:electricflow 9 org.apache.hive:hive 9 org.apache.tomcat:tomcat-catalina 9 org.jenkins-ci.plugins:config-file-provider 9 org.springframework:spring-webmvc 9 org.bouncycastle:bcprov-jdk15on 9 jquery 9 jquery-rails 9 org.webjars.npm:jquery 9 io.jenkins.blueocean:blueocean 8 org.apache.zeppelin:zeppelin 8 org.opencms:opencms-core 8 org.graylog2:graylog2-server 8 jQuery 8 org.apache.santuario:xmlsec 8 org.yaml:snakeyaml 8 org.postgresql:postgresql 8 com.hazelcast:hazelcast 8 mysql:mysql-connector-java 8 org.jenkins-ci.plugins:ec2 8 org.apache.hive:hive-exec 8 org.apache.ozone:ozone-main 8 org.apache.kylin:kylin 8 org.apache.pdfbox:pdfbox 8 org.apache.ambari:ambari 8 org.apache.derby:derby 7 org.apache.activemq:activemq-parent 7 org.jeecgframework.boot:jeecg-boot-base 7 org.apache.tika:tika 7 org.owasp.esapi:esapi 7 org.apache.inlong:manager-web 7 io.dataease:dataease-plugin-common 7 org.jboss.resteasy:resteasy-client 7 io.jenkins.plugins:cavisson-ns-nd-integration 7 org.apache.spark:spark-core_2.11 7 org.jruby:jruby-stdlib 7 org.apache.cxf:apache-cxf 7 org.jenkins-ci.plugins:rundeck 7 org.jenkins-ci.plugins:mercurial 7 org.apache.atlas:atlas-common 7 rubygems-update 7 org.jenkins-ci.plugins:subversion 7 org.apache.karaf:apache-karaf 7 org.apache.logging.log4j:log4j-core 7 org.jenkins-ci.plugins:jobConfigHistory 7 io.atomix:atomix 7 net.opentsdb:opentsdb 7 org.owasp.antisamy:antisamy 7 io.jenkins.plugins:miniorange-saml-sp 7 org.jenkins-ci.plugins:openshift-deployer 7 org.apache.poi:poi 7 org.apache.linkis:linkis 7 jQuery.UI.Combined 7 org.jenkins-ci.plugins:artifactory 7 jquery-ui 7 jquery-ui-rails 7 org.silverpeas.core:silverpeas-core-web 7 org.apache.hive:hive-service 7 io.jenkins.plugins:warnings-ng 7 org.webjars.npm:jquery-ui 7 org.apache.struts:struts2-rest-plugin 6 org.csanchez.jenkins.plugins:kubernetes 6 org.apache.shenyu:shenyu-common 6 de.tum.in.ase:artemis-java-test-sandbox 6 org.opensearch.plugin:opensearch-security 6 io.netty:netty-handler 6 org.opencastproject:opencast-kernel 6 com.jflyfox:jflyfox_jfinal 6 org.xwiki.commons:xwiki-commons-xml 6 org.jenkins-ci.plugins:azure-vm-agents 6 org.apache.pulsar:pulsar-broker 6 hudson.plugins:project-inheritance 6 org.jenkins-ci.plugins:ec2-deployment-dashboard 6 org.apache.spark:spark-core_2.10 6 org.jenkins-ci.plugins:repository-connector 6 axis:axis 6 io.netty:netty-codec-http 6 org.apache.axis:axis 6 org.jenkins-ci.plugins:fortify-on-demand-uploader 6 org.apache.storm:storm-core 6 org.apache.httpcomponents:httpclient 6 com.sonyericsson.hudson.plugins.gerrit:gerrit-trigger 6 com.xebialabs.deployit.ci:deployit-plugin 6 org.apache.mesos:mesos 6 org.bouncycastle:bcprov-jdk15to18 6 org.apache.syncope:syncope-core 6 org.jenkins-ci.plugins:pipeline-maven 6 cn.hutool:hutool-json 6 tech.powerjob:powerjob 6 org.jenkins-ci.plugins:gitlab-oauth 6 commons-fileupload:commons-fileupload 6 org.apache.solr:solr-parent 6 org.jenkins-ci.plugins:openid 5 org.jenkins-ci.plugins:mailer 5 org.jenkins-ci.plugins:websphere-deployer 5 org.springframework.amqp:spring-amqp 5 org.opennms:opennms-webapp 5 com.google.protobuf:protobuf-java 5 info.magnolia:magnolia-core 5 org.jenkins-ci.plugins:junit 5 com.nimbusds:nimbus-jose-jwt 5 edu.stanford.nlp:stanford-corenlp 5 org.apache.cassandra:cassandra-all 5 org.jenkins-ci.plugins:htmlpublisher 5 com.alibaba:dubbo 5 org.jenkins-ci.plugins:ghprb 5 org.apache.struts:struts-core 5 org.xwiki.platform:xwiki-platform-flamingo-skin-resources 5 org.jenkins-ci.plugins:gitlab-plugin 5 org.apache.inlong:manager-dao 5 org.jenkins-ci.plugins.m2release:m2release 5 org.jenkins-ci.plugins:extended-choice-parameter 5 com.datapipe.jenkins.plugins:hashicorp-vault-plugin 5 org.igniterealtime.openfire:xmppserver 5 org.bouncycastle:bcprov-ext-jdk15on 5 org.jenkins-ci.plugins:publish-over-ssh 5 com.synopsys.jenkinsci:ownership 5 org.jenkins-ci.plugins:fortify 5 com.ruoyi:ruoyi 5 log4j:log4j 5 org.zenframework.z8.dependencies.commons:log4j-1.2.17 5 org.jenkins-ci.plugins:credentials 5 com.coravy.hudson.plugins.github:github 5 io.vertx:vertx-web 5 struts:struts 5 org.jenkinsci.plugins:octoperf 5 org.jenkins-ci.plugins:sinatra-chef-builder 5
Filter by Repository
https://github.com/xwiki/xwiki-platform 172 https://github.com/jenkinsci/jenkins 148 https://github.com/apache/tomcat 96 https://github.com/FasterXML/jackson-databind 70 https://github.com/keycloak/keycloak 58 https://github.com/apache/struts 46 https://github.com/spring-projects/spring-framework 41 https://github.com/x-stream/xstream 36 https://github.com/apache/activemq 33 https://github.com/CVEProject/cvelist 28 https://github.com/apache/inlong 26 https://github.com/eclipse/jetty.project 23 https://github.com/jenkinsci/script-security-plugin 21 https://github.com/apache/nifi 21 https://github.com/netty/netty 20 https://github.com/OpenNMS/opennms 20 https://github.com/jeecgboot/jeecg-boot 20 https://github.com/bcgit/bc-java 19 https://github.com/apache/cxf 19 https://github.com/cloudfoundry/uaa 19 https://github.com/vaadin/platform 17 https://github.com/opencast/opencast 16 https://github.com/geoserver/geoserver 15 https://github.com/apache/camel 15 https://github.com/ming-soft/MCMS 13 https://github.com/quarkusio/quarkus 13 https://github.com/undertow-io/undertow 13 https://github.com/xuxueli/xxl-job 13 https://github.com/apache/dolphinscheduler 12 https://github.com/dromara/hutool 12 https://github.com/apache/kylin 12 https://github.com/igniterealtime/Openfire 11 https://github.com/vaadin/flow 11 https://github.com/jenkinsci/git-plugin 10 https://github.com/jquery/jquery 10 https://github.com/apache/lucene-solr 9 https://github.com/Graylog2/graylog2-server 9 https://github.com/DSpace/DSpace 9 https://github.com/cui2shark/cms 9 https://github.com/spring-projects/spring-security 9 https://github.com/opensearch-project/security 8 https://github.com/xwiki/xwiki-commons 8 https://github.com/nahsra/antisamy 8 https://github.com/hazelcast/hazelcast 8 https://github.com/jenkinsci/config-file-provider-plugin 8 https://github.com/apache/zeppelin 8 https://github.com/apache/xmlgraphics-batik 7 https://github.com/RhinoSecurityLabs/CVEs 7 https://github.com/ratpack/ratpack 7 https://github.com/jflyfox/jfinal_cms 7 https://github.com/rubygems/rubygems 7 https://github.com/rundeck/rundeck 7 https://github.com/dataease/dataease 7 https://github.com/OpenTSDB/opentsdb 7 https://github.com/pgjdbc/pgjdbc 7 https://github.com/vaadin/framework 7 https://github.com/jenkinsci/blueocean-plugin 7 https://github.com/jenkinsci/electricflow-plugin 6 https://github.com/vert-x3/vertx-web 6 https://github.com/OpenRefine/OpenRefine 6 https://github.com/jenkinsci/ec2-plugin 6 https://github.com/apache/hadoop 6 https://github.com/apache/tika 6 https://github.com/DrunkenShells/Disclosures 6 https://github.com/jenkinsci/configuration-as-code-plugin 6 https://github.com/playframework/playframework 6 https://github.com/jquery/jquery-ui 6 https://github.com/apache/pulsar 6 https://github.com/resteasy/resteasy 6 https://github.com/ls1intum/Ares 6 https://github.com/ESAPI/esapi-java-legacy 6 https://bitbucket.org/snakeyaml/snakeyaml 6 https://github.com/jenkinsci/build-failure-analyzer-plugin 6 https://github.com/line/armeria 6 https://github.com/jenkinsci/fortify-on-demand-uploader-plugin 6 https://github.com/jenkinsci/gerrit-trigger-plugin 6 https://github.com/http4s/http4s 6 https://github.com/cui2shark/security 6 https://github.com/jenkinsci/m2release-plugin 5 https://github.com/apache/karaf 5 https://github.com/grails/grails-core 5 https://github.com/protocolbuffers/protobuf 5 https://github.com/apache/shiro 5 https://github.com/PowerJob/PowerJob 5 https://github.com/apache/shenyu 5 https://github.com/alibaba/nacos 5 https://github.com/JLLeitschuh/security-research 5 https://github.com/h2database/h2database 5 https://github.com/jenkinsci/workflow-cps-global-lib-plugin 5 https://github.com/apache/openmeetings 5 https://github.com/jensdietrich/xshady-release 5 https://github.com/jettison-json/jettison 5 https://github.com/jenkinsci/email-ext-plugin 5 https://github.com/OpenAPITools/openapi-generator 5 https://github.com/jenkinsci/codedx-plugin 5 https://github.com/jenkinsci/active-directory-plugin 5 https://github.com/apiman/apiman 5 https://github.com/jenkinsci/publish-over-ssh-plugin 5 https://github.com/jenkinsci/subversion-plugin 5 https://github.com/restlet/restlet-framework-java 5 https://bitbucket.org/connect2id/nimbus-jose-jwt 5 https://github.com/jenkinsci/github-plugin 5 https://github.com/jenkinsci/junit-plugin 5 https://github.com/jenkinsci/gitlab-plugin 5 https://github.com/jenkinsci/support-core-plugin 5 https://github.com/neo4j-contrib/neo4j-apoc-procedures 5 https://github.com/apache/geode 5 https://github.com/reportportal/reportportal 4 https://github.com/jenkinsci/nexus-platform-plugin 4 https://github.com/jenkinsci/gitlab-oauth-plugin 4 https://github.com/jenkinsci/p4-plugin 4 https://github.com/itext/itext7 4 https://github.com/jenkinsci/libvirt-slave-plugin 4 https://github.com/jenkinsci/htmlpublisher-plugin 4 https://github.com/pippo-java/pippo 4 https://github.com/resteasy/Resteasy 4 https://github.com/jenkinsci/xldeploy-plugin 4 https://github.com/jenkinsci/rundeck-plugin 4 https://github.com/jenkinsci/matrix-project-plugin 4 https://github.com/skylot/jadx 4 https://github.com/jenkinsci/credentials-binding-plugin 4 https://github.com/shopizer-ecommerce/shopizer 4 https://github.com/jfinal/jfinal 4 https://github.com/jenkinsci/active-choices-plugin 4 https://github.com/nightcloudos/new_cms 4 https://github.com/xerial/snappy-java 4 https://github.com/infinispan/infinispan 4 https://github.com/apache/activemq-artemis 4 https://github.com/ktorio/ktor 4 https://github.com/aws/aws-iot-device-sdk-java-v2 4 https://github.com/jenkinsci/job-config-history-plugin 4 https://github.com/apache/httpcomponents-client 4 https://github.com/yamcs/yamcs 4 https://github.com/alkacon/opencms-core 4 https://github.com/stanfordnlp/corenlp 4 https://github.com/apache/syncope 4 https://github.com/jenkinsci/hpe-application-automation-tools-plugin 4 https://github.com/jenkinsci/ansible-plugin 4 https://github.com/HtmlUnit/htmlunit 4 https://github.com/apache/solr 4 https://github.com/jenkinsci/warnings-ng-plugin 4 https://github.com/jenkinsci/workflow-cps-plugin 4 https://github.com/micronaut-projects/micronaut-core 4 https://github.com/jenkinsci/fortify-plugin 4 https://github.com/apache/santuario-java 3 https://github.com/matrix-org/matrix-android-sdk2 3 https://github.com/apache/storm 3 https://github.com/jenkinsci/git-parameter-plugin 3 https://github.com/AsyncHttpClient/async-http-client 3 https://github.com/jenkinsci/database-plugin 3 https://github.com/jenkinsci/embeddable-build-status-plugin 3 https://github.com/codehaus-plexus/plexus-utils 3 https://github.com/opengoofy/hippo4j 3 https://github.com/jenkinsci/gitlab-branch-source-plugin 3 https://github.com/open-metadata/OpenMetadata 3 https://github.com/orientechnologies/orientdb 3 https://github.com/OWASP/json-sanitizer 3 https://github.com/Rabb1ter/cms 3 https://github.com/intranda/goobi-viewer-core 3 https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server 3 https://github.com/mbechler/marshalsec 3 https://github.com/LetianYuan/My-CVE-Public-References 3 https://github.com/qos-ch/logback 3 https://github.com/jenkinsci/git-client-plugin 3 https://github.com/jenkinsci/hashicorp-vault-plugin 3 https://github.com/pf4j/pf4j 3 https://github.com/peteroupc/CBOR-Java 3 https://github.com/li-yu320/cms 3 https://github.com/joniles/mpxj 3 https://github.com/jooby-project/jooby 3 https://github.com/jenkinsci/kubernetes-plugin 3 https://github.com/jenkinsci/cas-plugin 3 https://github.com/wso2/carbon-registry 3 https://github.com/jenkinsci/ci-with-toad-edge-plugin 3 https://github.com/eclipse/lemminx 3 https://github.com/jenkinsci/cloudbees-jenkins-advisor-plugin 3 https://github.com/wildfly/wildfly-core 3 https://github.com/eclipse-ee4j/mojarra 3 https://github.com/jenkinsci/code-coverage-api-plugin 3 https://github.com/apache/commons-configuration 3 https://github.com/apache/cxf-fediz 3 https://github.com/apache/derby 3 https://github.com/apache/dubbo 3 https://github.com/apache/flume 3 https://github.com/apache/geronimo 3 https://github.com/jenkinsci/compuware-topaz-for-total-test-plugin 3 https://github.com/jenkinsci/lucene-search-plugin 3 https://bitbucket.org/b_c/jose4j 3 https://svn.apache.org/viewvc/lucene/dev 3 https://github.com/jenkinsci/azure-credentials-plugin 3 https://github.com/jenkinsci/audit-trail-plugin 3 https://github.com/jenkinsci/azure-vm-agents-plugin 3 https://github.com/Adobe-Consulting-Services/acs-aem-commons 3 https://github.com/jenkinsci/liquibase-runner-plugin 3 https://github.com/jenkinsci/mercurial-plugin 3 https://github.com/jenkinsci/nomad-plugin 3 https://github.com/ysuzhangbin/cms 3 https://github.com/jenkinsci/bitbucket-oauth-plugin 3 https://github.com/eclipse-vertx/vert.x 3