Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

maven Security Advisories

Loading...
Moderate
GSA_kwCzR0hTQS05cHZ3LThxOTItaG05d84AAz2V
Stored XSS vulnerability in Jenkins Maven Repository Server Plugin
Ecosystems: maven
Packages: jenkins:repository
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
Moderate
GSA_kwCzR0hTQS14MzQ3LWZjOXctdzdjM84AAwxu
Nuxeo vulnerable to Reflected Cross-Site Scripting leading to Remote Code Execution
Ecosystems: maven
Packages: org.nuxeo.ecm.platform:nuxeo-platform-oauth
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTcybTUtZnZ2di01NW02
Observable Differences in Behavior to Error Inputs in Bouncy Castle
Ecosystems: maven
Packages: org.bouncycastle:bcprov-jdk15to18, org.bouncycastle:bcprov-jdk15on, org.bouncycastle:bcprov-ext-jdk16, org.bouncycastle:bcprov-ext-jdk15on, org.bouncycastle:bc-fips, org.bouncycastle:bcprov-jdk16, org.bouncycastle:bcprov-jdk15, org.bouncycastle:bcprov-jdk14
Source: GitHub Advisory Database
Blast Radius: 22.7
Published: about 3 years ago
Moderate
GSA_kwCzR0hTQS00aGZwLW05Z3YtbTc1M84AA5bO
XWiki extension license information is public, exposing instance id and license holder details
Ecosystems: maven
Packages: com.xwiki.licensing:application-licensing-licensor-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
Moderate
GSA_kwCzR0hTQS1xdzY5LXJxajgtNnF3OM4AAy3u
OutOfMemoryError for large multipart without filename in Eclipse Jetty
Ecosystems: maven
Packages: org.eclipse.jetty:jetty-server
Source: GitHub Advisory Database
Blast Radius: 24.1
Published: about 1 year ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc2M2ctZnFxNy00OHdn
XML external entity (XXE) processing ('external-parameter-entities' feature was not fully disabled))
Ecosystems: maven
Packages: com.puppycrawl.tools:checkstyle
Source: GitHub Advisory Database
Blast Radius: 16.7
Published: over 4 years ago
Moderate
GSA_kwCzR0hTQS05djhnLWY5bXEtNzM5Z84AA1vB
Improper masking of credentials in Jenkins Pipeline Maven Integration Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:pipeline-maven
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 months ago
Moderate
GSA_kwCzR0hTQS1ndjg2LTQzcnYtNzltMs4AATay
RubyGems Improper Input Validation vulnerability
Ecosystems: maven, rubygems
Packages: org.jruby:jruby-stdlib, rubygems-update
Source: GitHub Advisory Database
Blast Radius: 19.6
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1xeHA0LTI3dngteG1tM84AAUC0
Improper Input Validation in Jetty
Ecosystems: maven
Packages: org.eclipse.jetty:jetty-server
Source: GitHub Advisory Database
Blast Radius: 24.1
Published: about 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA5ajYtNHBqci1ncDQ4
MPXJ path Traversal vulnerability
Ecosystems: maven
Packages: net.sf.mpxj:mpxj
Source: GitHub Advisory Database
Blast Radius: 8.8
Published: over 3 years ago
Moderate
GSA_kwCzR0hTQS14Nmp3LTJmMjMtbWM1as3mkg
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1qaDdxLTVtd2YtcXZod84AAm5Y
Keycloak vulnerable to Server-Side Request Forgery
Ecosystems: maven
Packages: org.keycloak:keycloak-core
Source: GitHub Advisory Database
Blast Radius: 16.2
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS03ZjZ3LWZobXItajhocc4AAYy3
Jenkins HttpOnly flag not Set for session cookies
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1jOHFyLXZmamYtNjJxM84AARb5
Emails were sent to addresses not associated with actual users of Jenkins by Email Extension Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:email-ext
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXY4M3AteHdtOS12NGc4
Injection in Apache Archiva
Ecosystems: maven
Packages: org.apache.archiva:archiva
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc0ZmotY2NyNi03cGNw
Apache NiFi Insertion of Sensitive Information into Log File
Ecosystems: maven
Packages: org.apache.nifi:nifi-parameter
Source: GitHub Advisory Database
Blast Radius: 9.7
Published: over 2 years ago
Low
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWc1dmYtdjZ3Zi03dzJy
Ciphertext Malleability Issue in Tink Java
Ecosystems: maven
Packages: com.google.crypto.tink:tink
Source: GitHub Advisory Database
Blast Radius: 14.3
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc0Y3YtZjU4eC1mOXdm
XStream is vulnerable to an Arbitrary File Deletion on the local host when unmarshalling as long as the executing process has sufficient rights
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: GitHub Advisory Database
Blast Radius: 23.4
Published: about 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWh2djgtMzM2Zy1yeDNt
A Server-Side Forgery Request can be activated unmarshalling with XStream to access data streams from an arbitrary URL referencing a resource in an intranet or the local host
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: GitHub Advisory Database
Blast Radius: 23.4
Published: about 3 years ago
Moderate
GSA_kwCzR0hTQS1yeHBoLWNxMzgtZ20zZ84AAi-_
Jenkins SCTMExecutor Plugin stores credentials in plain text
Ecosystems: maven
Packages: hudson.plugins.sctmexecutor:SCTMExecutor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1nN2NmLXdnMjctcXc4N84AAYy2
Jenkins secure flag not set on session cookies
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS0yNDU3LTIyNjMtbW05Zs0kfQ
Memory leak in micronaut-core
Ecosystems: maven
Packages: io.micronaut:micronaut-http
Source: GitHub Advisory Database
Blast Radius: 10.7
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS03djlwLTM0cjItcTY2OM4AAmKt
Incorrect default pattern in Jenkins Audit Trail Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:audit-trail
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhyMzItbWdwbS1xZjJm
Generation of Error Message Containing Sensitive Information in RESTEasy client
Ecosystems: maven
Packages: org.jboss.resteasy:resteasy-client-microprofile, org.jboss.resteasy:resteasy-client
Source: GitHub Advisory Database
Blast Radius: 20.1
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS1qNXYzLTM2M3AtZzg0M84AAve_
OpenCRX vulnerable to password enumeration via error messages in password reset
Ecosystems: maven
Packages: org.opencrx:opencrx-client
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS02NzI2LTJyeDMtY2d3aM4AA5JB
Apache Ozone Improper Authentication vulnerability
Ecosystems: maven
Packages: org.apache.ozone:ozone-main
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
Moderate
GSA_kwCzR0hTQS1mcnhtLXY3cTMtdjJ3ds4AA4l1
Insertion of Sensitive Information into Log File in OWASP DependencyCheck
Ecosystems: maven
Packages: org.owasp:dependency-check-maven, org.owasp:dependency-check-cli, org.owasp:dependency-check-ant
Source: GitHub Advisory Database
Blast Radius: 11.0
Published: 4 months ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWp2NzQtZjlwai14cDNm
Apache Camel's Mail is vulnerable to path traversal
Ecosystems: maven
Packages: org.apache.camel:camel-mail
Source: GitHub Advisory Database
Blast Radius: 15.0
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXB4OWgteDY2ci04bXBj
path traversal in Jooby
Ecosystems: maven
Packages: org.jooby:jooby, io.jooby:jooby
Source: GitHub Advisory Database
Blast Radius: 9.2
Published: about 4 years ago
Moderate
GSA_kwCzR0hTQS1nZjhjLWo3NTktODZtZ84AAua3
org.apache.activemq:artemis-core-client Vulnerable to Out-of-Bounds Write
Ecosystems: maven
Packages: org.apache.activemq:artemis-core-client
Source: GitHub Advisory Database
Blast Radius: 15.8
Published: over 1 year ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWM4eGYtbTRmZi1qY3hq
Moderate severity vulnerability that affects org.bouncycastle:bcprov-jdk14 and org.bouncycastle:bcprov-jdk15
Ecosystems: maven
Packages: org.bouncycastle:bcprov-jdk15, org.bouncycastle:bcprov-jdk14
Source: GitHub Advisory Database
Blast Radius: 15.9
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWd3Y3ItajR3aC1qM2Nx
Jetty Utility Servlets ConcatServlet Double Decoding Information Disclosure Vulnerability
Ecosystems: maven
Packages: org.eclipse.jetty:jetty-servlets
Source: GitHub Advisory Database
Blast Radius: 20.8
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS1waGY4LTNxZ3Ytcmc1cc37zQ
Missing Authorization in Jenkins Blue Ocean Plugin
Ecosystems: maven
Packages: io.jenkins.blueocean:blueocean
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1jcWo4LTQ3Y2gtcnZ2cc4AAnZt
Incorrect Default Permissions in JetBrains Kotlin
Ecosystems: maven
Packages: org.jetbrains.kotlin:kotlin-stdlib
Source: GitHub Advisory Database
Blast Radius: 26.0
Published: almost 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXYycjItN3FtNy1qajZ2
Spring Security uses insufficiently random values
Ecosystems: maven
Packages: org.springframework.security:spring-security-core
Source: GitHub Advisory Database
Blast Radius: 24.6
Published: about 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpnbXItd3J3eC1tZ2Zq
Exposure of Sensitive Information to an Unauthorized Actor and SQL Injection in Spring Data JPA
Ecosystems: maven
Packages: org.springframework.data:spring-data-jpa
Source: GitHub Advisory Database
Blast Radius: 24.5
Published: about 5 years ago
Moderate
GSA_kwCzR0hTQS1tcHZmLTZoOWctMmhxMs4AAy3l
PowerJob Incorrect Access Control vulnerability
Ecosystems: maven
Packages: tech.powerjob:powerjob
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS1meDJjLTk2dmotOTg1ds4AAwRn
HAProxyMessageDecoder Stack Exhaustion DoS
Ecosystems: maven
Packages: io.netty:netty-codec-haproxy
Source: GitHub Advisory Database
Blast Radius: 14.5
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1oeHA4LXI5ZzMtZ3Jmcs4AAijS
Exposure of Sensitive Information to an Unauthorized Actor in Elasticsearch
Ecosystems: maven
Packages: org.elasticsearch:elasticsearch
Source: GitHub Advisory Database
Blast Radius: 22.6
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS01eDloLXAyZ3gtMzVtZ84AAv3q
Incorrect Default Permissions in Liferay Portal
Ecosystems: maven
Packages: com.liferay.portal:release.portal.bom
Source: GitHub Advisory Database
Blast Radius: 8.0
Published: over 1 year ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTI0NHItZmNqMy1naGpx
Exposure of class information in RESTEasy
Ecosystems: maven
Packages: org.jboss.resteasy:resteasy-core
Source: GitHub Advisory Database
Blast Radius: 13.5
Published: about 3 years ago
Moderate
GSA_kwCzR0hTQS1qcjg2LTZqNGotbXY0Nc4AAyuS
Jenkins Assembla merge request builder Plugin missing authentication to access endpoint
Ecosystems: maven
Packages: org.jenkins-ci.plugins:assembla-merge-request-builder
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS1nOW1yLTl4ZmMtNGdmN84AAzdc
Insecure Default Initialization In Liferay Portal
Ecosystems: maven
Packages: com.liferay.portal:release.portal.bom
Source: GitHub Advisory Database
Blast Radius: 8.0
Published: 12 months ago
Moderate
GSA_kwCzR0hTQS0ycnZmLTMyOWYtcDk5Z83otg
System Property Disclosure in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 14.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS00NjI1LXE1MnctMzljeM4AAnOJ
Missing permission check for paths with specific prefix in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTU2cDgtM2ZoOS00Y3Zx
XStream is vulnerable to an attack using Regular Expression for a Denial of Service (ReDos)
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: GitHub Advisory Database
Blast Radius: 23.4
Published: about 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXIyOG0tZzZqOS1yMmg1
Information Exposure vulnerability in Eclipse Jetty
Ecosystems: maven
Packages: org.eclipse.jetty:jetty-server
Source: GitHub Advisory Database
Blast Radius: 24.1
Published: about 5 years ago
Moderate
GSA_kwCzR0hTQS1xbXgzLW02NDgtaHI3NM4AAs66
Log Injection in Apache Sling Commons Log and Apache Sling API
Ecosystems: maven
Packages: org.apache.sling:org.apache.sling.api, org.apache.sling:org.apache.sling.commons.log
Source: GitHub Advisory Database
Blast Radius: 15.3
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS00Mnh3LXA2MngtaHdjZs3oxA
Improper Access Control in Apache Derby
Ecosystems: maven
Packages: org.apache.derby:derby
Source: GitHub Advisory Database
Blast Radius: 23.0
Published: about 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTU5anctanFmNC0zd3Ez
XStream is vulnerable to an Arbitrary Code Execution attack
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: GitHub Advisory Database
Blast Radius: 23.4
Published: about 3 years ago
Moderate
GSA_kwCzR0hTQS1qOXhxLWozMjktMnh2Z84AAufz
Keycloak user may register themselves with same email ID of any existing user
Ecosystems: maven
Packages: org.keycloak:keycloak-core
Source: GitHub Advisory Database
Blast Radius: 16.2
Published: over 1 year ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJtcm0tNzVocC1waHIy
Improper Input Validation in Hibernate Validator
Ecosystems: maven
Packages: org.hibernate.validator:hibernate-validator
Source: GitHub Advisory Database
Blast Radius: 23.9
Published: almost 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXY3ZmYtOHdjeC1nbWM1
Authorization Before Parsing and Canonicalization in jetty
Ecosystems: maven
Packages: org.eclipse.jetty:jetty-webapp
Source: GitHub Advisory Database
Blast Radius: 22.7
Published: about 3 years ago
Moderate
GSA_kwCzR0hTQS05cHhtLThnOTUtcTV4cs4AAYTW
Insufficient Data Verification in io.really:jwt-scala
Ecosystems: maven
Packages: io.really:jwt-scala
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1oeDUzLTYzNXItdm12OM4AAmvV
Missing permission checks in Jenkins Chaos Monkey Plugin
Ecosystems: maven
Packages: io.jenkins.plugins:chaos-monkey
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS00M2oyLXI0djMtbThqcM4AAknk
Secrets are not masked by Jenkins Credentials Binding Plugin in builds without build steps
Ecosystems: maven
Packages: org.jenkins-ci.plugins:credentials-binding
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS00OTI2LXFweGctNnIzd84AAqeg
Exposure of Resource to Wrong Sphere in Spring Data REST
Ecosystems: maven
Packages: org.springframework.data:spring-data-rest-core
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS0ycXA0LWczcTMtZjkyd80u-Q
Improper Locking in JetBrains Kotlin
Ecosystems: maven
Packages: org.jetbrains.kotlin:kotlin-stdlib
Source: GitHub Advisory Database
Blast Radius: 26.0
Published: about 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTY3ZjYtYzhteC00cTJt
Uncontrolled Resource Consumption in JPA Server in HAPI FHIR
Ecosystems: maven
Packages: ca.uhn.hapi.fhir:hapi-fhir-jpaserver-base
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS1tcWY4LTRjcW0tcDgzeM4AA5J6
Liferay Portal allows attackers to discover the existence of sites
Ecosystems: maven
Packages: com.liferay.portal:release.dxp.bom, com.liferay.portal:release.portal.bom
Source: GitHub Advisory Database
Blast Radius: 8.0
Published: 3 months ago
Moderate
GSA_kwCzR0hTQS1wMm1mLXEyNmotM3htaM4AA0FZ
PlantUML Improper Access Control vulnerability
Ecosystems: maven
Packages: net.sourceforge.plantuml:plantuml-mit
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
Moderate
GSA_kwCzR0hTQS13N2pyLXdxdzYtNTR4Y84AAjcJ
Non-constant time comparison of inbound TCP agent connection secret
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1jNXh2LXFjOHAtbWgyds4AAu_9
Apache Batik Server-Side Request Forgery
Ecosystems: maven
Packages: org.apache.xmlgraphics:batik
Source: GitHub Advisory Database
Blast Radius: 4.1
Published: over 1 year ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZmbTctN3I4Zy03N3ht
Apache CXF JMX Integration is vulnerable to a MITM attack
Ecosystems: maven
Packages: org.apache.cxf:cxf-rt-management
Source: GitHub Advisory Database
Blast Radius: 15.6
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS1oNjNqLXhxeDYtdzU4cs4AA4C8
mvel2 TimeOut error exists in the ParseTools.subCompileExpression method
Ecosystems: maven
Packages: org.mvel:mvel2
Source: GitHub Advisory Database
Blast Radius: 18.3
Published: 5 months ago
Moderate
GSA_kwCzR0hTQS01M2ptLTNoYzktZnFxY84AAvAA
Apache Batik vulnerable to Server-Side Request Forgery
Ecosystems: maven
Packages: org.apache.xmlgraphics:batik
Source: GitHub Advisory Database
Blast Radius: 4.1
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1wMng0LTZnaHItNnZtcc4AAv_V
Exposure of Sensitive Information to an Unauthorized Actor in org.xwiki.platform:xwiki-platform-livetable-ui
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-livetable-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS01NDR4LTJqeDktNHBmZ80mzw
Path traversal in Apache Karaf
Ecosystems: maven
Packages: org.apache.karaf:apache-karaf
Source: GitHub Advisory Database
Blast Radius: 16.4
Published: over 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQ1cjgtMzQ5NS14NnJt
Jinjava calls getClass
Ecosystems: maven
Packages: com.hubspot.jinjava:jinjava
Source: GitHub Advisory Database
Blast Radius: 12.5
Published: over 5 years ago
Moderate
GSA_kwCzR0hTQS04ang5LTdqNW0tNzl4NM4AAR1e
Jenkins Build Step Plugin fails to check Item/Build permission
Ecosystems: maven
Packages: org.jenkins-ci.plugins:pipeline-build-step
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS04eGZjLWdtNmctdmdwds4AA75b
Bouncy Castle certificate parsing issues cause high CPU usage during parameter evaluation.
Ecosystems: nuget, maven
Packages: BouncyCastle.Cryptography, BouncyCastle, org.bouncycastle:bc-fips, org.bouncycastle:bcpkix-jdk14, org.bouncycastle:bcpkix-jdk15to18, org.bouncycastle:bcpkix-jdk18on, org.bouncycastle:bctls-jdk15to18, org.bouncycastle:bctls-jdk14, org.bouncycastle:bctls-jdk18on, org.bouncycastle:bcprov-jdk14, org.bouncycastle:bcprov-jdk15to18, org.bouncycastle:bcprov-jdk15on, org.bouncycastle:bcprov-jdk18on
Source: GitHub Advisory Database
Blast Radius: 23.7
Published: 3 days ago
Moderate
GSA_kwCzR0hTQS12OTNoLXJ3ajgtNzhxaM4AA0ac
Apache OpenMeetings insufficient authorization vulnerability
Ecosystems: maven
Packages: org.apache.openmeetings:openmeetings-db
Source: GitHub Advisory Database
Blast Radius: 5.1
Published: 11 months ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTYyd3ctNHAzcC03Zmhq
API information disclosure flaw in Elasticsearch
Ecosystems: maven
Packages: org.elasticsearch:elasticsearch
Source: GitHub Advisory Database
Blast Radius: 22.6
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS05OThyLWo5cngtcW04bc4AAvbW
Apache Isis webconsole module may directly query the database in prototype mode
Ecosystems: maven
Packages: org.apache.isis.core:isis-core
Source: GitHub Advisory Database
Blast Radius: 4.8
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1tNDRqLWNmcm0tZzhxY84AA76G
Bouncy Castle crafted signature and public key can be used to trigger an infinite loop
Ecosystems: nuget, maven
Packages: BouncyCastle.Cryptography, BouncyCastle, org.bouncycastle:bcpkix-jdk14, org.bouncycastle:bcpkix-jdk15to18, org.bouncycastle:bcpkix-jdk18on, org.bouncycastle:bctls-jdk15to18, org.bouncycastle:bctls-jdk14, org.bouncycastle:bctls-jdk18on, org.bouncycastle:bcprov-jdk14, org.bouncycastle:bcprov-jdk15to18, org.bouncycastle:bcprov-jdk15on, org.bouncycastle:bcprov-jdk18on
Source: GitHub Advisory Database
Blast Radius: 23.7
Published: 3 days ago
Moderate
GSA_kwCzR0hTQS01anBtLXg1OHYtNjI0ds4AA6Rf
Netty's HttpPostRequestDecoder can OOM
Ecosystems: maven
Packages: io.netty:netty-codec-http
Source: GitHub Advisory Database
Blast Radius: 20.2
Published: about 2 months ago
Moderate
GSA_kwCzR0hTQS1wZjM4LWN3M3AtMjJxOc1Bjg
Keycloak is vulnerable to IDN homograph attack
Ecosystems: maven
Packages: org.keycloak:keycloak-services
Source: GitHub Advisory Database
Blast Radius: 14.6
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1wZmgyLWhmbXEtcGhnNc4AA4C3
json-path Out-of-bounds Write vulnerability
Ecosystems: maven
Packages: com.jayway.jsonpath:json-path
Source: GitHub Advisory Database
Blast Radius: 24.2
Published: 5 months ago
Moderate
GSA_kwCzR0hTQS1jcXBjLXgyYzYtMmdtZs4AA2oS
Unsecured WMS dynamic styling sld=<url> parameter affords blind unauthenticated SSRF
Ecosystems: maven
Packages: org.geoserver.web:gs-web-app, org.geoserver:gs-wms
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
Moderate
GSA_kwCzR0hTQS1xcHBqLWZtNXItaHhyM84AA2X2
HTTP/2 Stream Cancellation Attack
Ecosystems: maven, swift, go
Packages: com.typesafe.akka:akka-http-core_2.11, com.typesafe.akka:akka-http-core_2.12, com.typesafe.akka:akka-http-core_2.13, com.typesafe.akka:akka-http-core, org.eclipse.jetty.http2:jetty-http2-server, org.eclipse.jetty.http2:jetty-http2-common, org.eclipse.jetty.http2:http2-server, org.eclipse.jetty.http2:http2-common, github.com/apple/swift-nio-http2, org.apache.tomcat.embed:tomcat-embed-core, org.apache.tomcat:tomcat, google.golang.org/grpc, golang.org/x/net
Source: GitHub Advisory Database
Blast Radius: 65.5
Published: 7 months ago
Moderate
GSA_kwCzR0hTQS12NzZ3LTNwaDgtdm02Ns4AA5Oc
Undertow Path Traversal vulnerability
Ecosystems: maven
Packages: io.undertow:undertow-core
Source: GitHub Advisory Database
Blast Radius: 19.7
Published: 3 months ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQzZ2MtbWp4Zy1ndnJx
XStream is vulnerable to an Arbitrary Code Execution attack
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: GitHub Advisory Database
Blast Radius: 23.4
Published: about 3 years ago
Moderate
GSA_kwCzR0hTQS13OWdxLThxMzUtM2pjY84AASj9
Jenkins Subversion Plugin Incorrect Authorization vulnerability
Ecosystems: maven
Packages: org.jenkins-ci.plugins:subversion
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS14Zzc1LTY4eDMtN3Azcc4AAa4P
Apache Struts vulnerable to possible DoS attack when using URLValidator
Ecosystems: maven
Packages: org.apache.struts:struts2-core
Source: GitHub Advisory Database
Blast Radius: 20.1
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS01NDk5LXFqdmgtNmo3d84AApa3
Observable Discrepancy in Wildfly Elytron
Ecosystems: maven
Packages: org.wildfly.security:wildfly-elytron
Source: GitHub Advisory Database
Blast Radius: 13.5
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS05bWM2LXZnbXEteDZ4Zs4AAu-i
Lack of authentication mechanism in Jenkins DotCi Plugin webhook
Ecosystems: maven
Packages: com.groupon.jenkins-ci.plugins:DotCi
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWp3M3YtNWNoMi13Zm1t
Wildfly logs plaintext passwords
Ecosystems: maven
Packages: org.wildfly:wildfly-parent
Source: GitHub Advisory Database
Blast Radius: 9.6
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1mNHFmLW01Z2YtOGptOM4AA4kQ
Apache Tomcat vulnerable to Generation of Error Message Containing Sensitive Information
Ecosystems: maven
Packages: org.apache.tomcat.embed:tomcat-embed-core, org.apache.tomcat:tomcat-coyote
Source: GitHub Advisory Database
Blast Radius: 22.0
Published: 4 months ago
Moderate
GSA_kwCzR0hTQS12NnczLTJwcnEtaDk1Zs0WLw
Improper Input Validation in Jakarta Expression Language
Ecosystems: maven
Packages: com.sun.el:el-ri
Source: GitHub Advisory Database
Blast Radius: 15.1
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS1jMjN2LXZxdzUtNTJjNc4AAy3z
PowerJob vulnerable to Incorrect Access Control via the create user/save interface.
Ecosystems: maven
Packages: tech.powerjob:powerjob
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS1nNjRyLXhmMzktcTRwNc4AA6vv
Apache Zeppelin Path Traversal vulnerability
Ecosystems: maven
Packages: org.apache.zeppelin:zeppelin-server
Source: GitHub Advisory Database
Blast Radius: 9.2
Published: about 1 month ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZqdjUtZ3Aydy02NXZt
Encoded URIs can access WEB-INF directory in Eclipse Jetty
Ecosystems: maven
Packages: org.eclipse.jetty:jetty-webapp
Source: GitHub Advisory Database
Blast Radius: 22.7
Published: almost 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW0zOTQtOHJ3dy0zanI3
DOS vulnerability for Quoted Quality CSV headers
Ecosystems: maven
Packages: org.eclipse.jetty:jetty-server
Source: GitHub Advisory Database
Blast Radius: 24.1
Published: about 3 years ago
Moderate
GSA_kwCzR0hTQS1qNHAzLTJtMmgtY3Y1Zs3wzA
Cloud Foundry UAA Denial of Service through client token revocation endpoint
Ecosystems: maven
Packages: org.cloudfoundry.identity:cloudfoundry-identity-server
Source: GitHub Advisory Database
Blast Radius: 6.2
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1tdjY0LTg2ZzgtY3FxN84AA7Tz
Quarkus: security checks in resteasy reactive may trigger a denial of service
Ecosystems: maven
Packages: io.quarkus.resteasy.reactive:resteasy-reactive
Source: GitHub Advisory Database
Blast Radius: 11.0
Published: 22 days ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFyZzktZjQ3Mi1xd2Zt
Possible route enumeration in production mode via RouteNotFoundError view in Vaadin 10, 11-14, and 15-19
Ecosystems: maven
Packages: com.vaadin:vaadin-bom
Source: GitHub Advisory Database
Blast Radius: 19.3
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS13eDU0LTMyNzgtbTVnNM4AAgbg
Integer overflow in BCrypt class in Spring Security
Ecosystems: maven
Packages: org.springframework.security:spring-security-core
Source: GitHub Advisory Database
Blast Radius: 24.6
Published: almost 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdwbTQtZzJxai1qODV4
CSRF attack via CORS preflight requests with Spring MVC or Spring WebFlux
Ecosystems: maven
Packages: org.springframework:spring-webflux, org.springframework:spring-webmvc
Source: GitHub Advisory Database
Blast Radius: 28.4
Published: over 4 years ago
Moderate
GSA_kwCzR0hTQS0yYzNwLTlqNWYtMzNnM84AASbN
Apache OpenMeetings responds to insecure HTTP methods
Ecosystems: maven
Packages: org.apache.openmeetings:openmeetings-parent
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS02NjIzLWM2bXItNjczN84AA6vz
Apache Zeppelin: Denial of service with invalid notebook name
Ecosystems: maven
Packages: org.apache.zeppelin:zeppelin-server
Source: GitHub Advisory Database
Blast Radius: 9.2
Published: about 1 month ago
Statistics
Advisories: 18,752
Packages: 8,375
Repositories: 973
Ecosystems: 12
Filter by Severity
Moderate 8,149 High 6,447 Critical 2,848 Low 1,014
Filter by Ecosystem
maven 5,573 packagist 3,982 pypi 3,848 npm 3,558 go 1,934 nuget 1,421 rubygems 815 cargo 780 swift 31 hex 30 actions 16 pub 8
Filter by Package
org.jenkins-ci.main:jenkins-core 189 org.apache.tomcat:tomcat 134 com.fasterxml.jackson.core:jackson-databind 69 org.apache.struts:struts2-core 55 org.keycloak:keycloak-core 47 com.liferay.portal:release.portal.bom 45 com.thoughtworks.xstream:xstream 36 com.jfinal:jfinal 36 org.apache.tomcat.embed:tomcat-embed-core 36 net.mingsoft:ms-mcms 35 org.xwiki.platform:xwiki-platform-oldcore 34 org.elasticsearch:elasticsearch 32 org.jenkins-ci.plugins:script-security 32 org.keycloak:keycloak-services 27 io.undertow:undertow-core 27 org.apache.solr:solr-core 25 org.keycloak:keycloak-parent 25 org.eclipse.jetty:jetty-server 23 org.springframework.security:spring-security-core 23 org.bouncycastle:bcprov-jdk14 22 org.apache.nifi:nifi 22 org.apache.openmeetings:openmeetings-parent 21 org.cloudfoundry.identity:cloudfoundry-identity-server 20 org.springframework:spring-core 19 com.vaadin:vaadin-bom 18 com.liferay.portal:release.dxp.bom 18 org.apache.geode:geode-core 17 org.xwiki.platform:xwiki-platform-web-templates 17 org.apache.dubbo:dubbo 16 org.apache.activemq:activemq-client 16 org.bouncycastle:bcprov-jdk15 16 org.apache.jspwiki:jspwiki-main 15 org.apache.struts.xwork:xwork-core 15 org.apache.inlong:manager-pojo 14 org.xwiki.platform:xwiki-platform-web 14 org.apache.cxf:cxf 13 org.apache.hadoop:hadoop-main 13 com.vaadin:flow-server 12 org.jenkins-ci.plugins:git 12 org.bouncycastle:bcprov-jdk15on 12 org.jenkins-ci.plugins.workflow:workflow-cps 12 org.apache.dolphinscheduler:dolphinscheduler 12 org.apache.hadoop:hadoop-common 11 org.apache.ranger:ranger 11 org.apache.cxf:cxf-core 11 org.apache.jspwiki:jspwiki-war 11 org.igniterealtime.openfire:parent 11 org.jeecgframework.boot:jeecg-boot-common 11 org.jeecgframework.boot:jeecg-boot-parent 11 org.apache.james:james-server 11 org.apache.commons:commons-compress 11 org.mortbay.jetty:jetty 11 org.apache.camel:camel-core 11 com.xuxueli:xxl-job 11 org.apache.tomcat:tomcat-coyote 11 org.jenkins-ci.plugins:email-ext 11 org.apache.tika:tika-core 11 org.apache.inlong:manager-service 10 io.netty:netty 10 org.jboss.netty:netty 10 org.jenkins-ci.plugins.workflow:workflow-cps-global-lib 10 org.xwiki.platform:xwiki-platform-administration-ui 10 org.jenkins-ci.plugins:active-directory 9 org.apache.archiva:archiva 9 org.springframework:spring-web 9 org.jenkins-ci.plugins:config-file-provider 9 org.opennms:opennms 9 org.apache.xmlgraphics:batik 9 cn.hutool:hutool-core 9 org.jenkins-ci.plugins:electricflow 9 org.opencrx:opencrx-core-models 9 org.apache.hive:hive 9 io.jenkins:configuration-as-code 9 org.apache.tomcat:tomcat-catalina 9 org.apache.tapestry:tapestry-core 9 com.sonyericsson.jenkins.plugins.bfa:build-failure-analyzer 9 org.bouncycastle:bcprov-jdk15to18 9 org.springframework:spring-webmvc 9 org.apache.shiro:shiro-core 9 org.craftercms:crafter-studio 9 org.apache.kylin:kylin 8 io.jenkins.blueocean:blueocean 8 org.postgresql:postgresql 8 org.opencms:opencms-core 8 org.apache.ozone:ozone-main 8 org.apache.hive:hive-exec 8 org.graylog2:graylog2-server 8 org.apache.ambari:ambari 8 org.apache.pdfbox:pdfbox 8 org.webjars.npm:jquery 8 org.apache.santuario:xmlsec 8 org.yaml:snakeyaml 8 jquery-rails 8 jquery 8 org.jenkins-ci.plugins:ec2 8 org.apache.zeppelin:zeppelin 8 mysql:mysql-connector-java 8 com.hazelcast:hazelcast 8 org.jeecgframework.boot:jeecg-boot-base 7 org.jruby:jruby-stdlib 7 org.jenkins-ci.plugins:subversion 7 org.apache.hive:hive-service 7 io.jenkins.plugins:miniorange-saml-sp 7 org.apache.karaf:apache-karaf 7 org.apache.linkis:linkis 7 io.jenkins.plugins:warnings-ng 7 org.owasp.antisamy:antisamy 7 jQuery.UI.Combined 7 org.webjars.npm:jquery-ui 7 jquery-ui-rails 7 jquery-ui 7 org.apache.atlas:atlas-common 7 rubygems-update 7 org.jenkins-ci.plugins:jobConfigHistory 7 org.jenkins-ci.plugins:mercurial 7 org.jenkins-ci.plugins:rundeck 7 org.apache.cxf:apache-cxf 7 net.opentsdb:opentsdb 7 org.jenkins-ci.plugins:openshift-deployer 7 org.apache.poi:poi 7 org.apache.tika:tika 7 io.jenkins.plugins:cavisson-ns-nd-integration 7 jQuery 7 org.apache.inlong:manager-web 7 org.silverpeas.core:silverpeas-core-web 7 org.apache.activemq:activemq-parent 7 io.atomix:atomix 7 org.owasp.esapi:esapi 7 org.apache.logging.log4j:log4j-core 7 org.apache.spark:spark-core_2.11 7 org.apache.derby:derby 7 org.jenkins-ci.plugins:artifactory 7 org.jboss.resteasy:resteasy-client 7 io.dataease:dataease-plugin-common 7 org.jenkins-ci.plugins:gitlab-oauth 6 org.apache.storm:storm-core 6 de.tum.in.ase:artemis-java-test-sandbox 6 org.apache.struts:struts2-rest-plugin 6 commons-fileupload:commons-fileupload 6 org.apache.shenyu:shenyu-common 6 org.xwiki.commons:xwiki-commons-xml 6 io.netty:netty-handler 6 com.jflyfox:jflyfox_jfinal 6 org.jenkins-ci.plugins:pipeline-maven 6 org.opencastproject:opencast-kernel 6 org.jenkins-ci.plugins:azure-vm-agents 6 org.apache.syncope:syncope-core 6 org.apache.pulsar:pulsar-broker 6 org.apache.solr:solr-parent 6 org.jenkins-ci.plugins:fortify-on-demand-uploader 6 org.apache.spark:spark-core_2.10 6 com.xebialabs.deployit.ci:deployit-plugin 6 org.apache.httpcomponents:httpclient 6 org.jenkins-ci.plugins:repository-connector 6 io.netty:netty-codec-http 6 cn.hutool:hutool-json 6 org.apache.axis:axis 6 axis:axis 6 org.csanchez.jenkins.plugins:kubernetes 6 org.bouncycastle:bcprov-jdk18on 6 org.jenkins-ci.plugins:ec2-deployment-dashboard 6 com.sonyericsson.hudson.plugins.gerrit:gerrit-trigger 6 org.apache.mesos:mesos 6 org.opensearch.plugin:opensearch-security 6 tech.powerjob:powerjob 6 hudson.plugins:project-inheritance 6 com.vaadin:vaadin-server 5 org.jenkins-ci.plugins:ghprb 5 org.dspace:dspace-jspui 5 org.jeecgframework.boot:jeecg-boot-base-core 5 org.jboss.resteasy:resteasy-bom 5 org.apache.hadoop:hadoop-client 5 org.neo4j.procedure:apoc 5 org.apache.cassandra:cassandra-all 5 org.jenkins-ci.plugins.m2release:m2release 5 org.jenkins-ci.plugins:junit 5 org.codehaus.jettison:jettison 5 org.xwiki.platform:xwiki-platform-appwithinminutes-ui 5 org.jenkins-ci.plugins:publish-over-ssh 5 info.magnolia:magnolia-core 5 com.alibaba:dubbo 5 org.springframework.amqp:spring-amqp 5 xerces:xercesImpl 5 org.biouno:uno-choice 5 log4j:log4j 5 org.zenframework.z8.dependencies.commons:log4j-1.2.17 5 io.projectreactor.netty:reactor-netty-http 5 org.jenkins-ci.plugins:openid 5 com.coravy.hudson.plugins.github:github 5 struts:struts 5 org.jenkins-ci.plugins:google-login 5 org.apache.druid:druid 5 io.vertx:vertx-core 5 org.jenkins-ci.plugins:credentials 5 org.opennms:opennms-webapp 5 org.bouncycastle:bcprov-ext-jdk15on 5 com.synopsys.jenkinsci:ownership 5 io.vertx:vertx-web 5 org.jenkins-ci.plugins:sinatra-chef-builder 5 org.wildfly:wildfly-parent 5
Filter by Repository
https://github.com/xwiki/xwiki-platform 172 https://github.com/jenkinsci/jenkins 148 https://github.com/apache/tomcat 96 https://github.com/FasterXML/jackson-databind 70 https://github.com/keycloak/keycloak 58 https://github.com/apache/struts 46 https://github.com/spring-projects/spring-framework 41 https://github.com/x-stream/xstream 36 https://github.com/apache/activemq 33 https://github.com/CVEProject/cvelist 28 https://github.com/apache/inlong 26 https://github.com/eclipse/jetty.project 23 https://github.com/apache/nifi 21 https://github.com/jenkinsci/script-security-plugin 21 https://github.com/OpenNMS/opennms 20 https://github.com/jeecgboot/jeecg-boot 20 https://github.com/netty/netty 20 https://github.com/apache/cxf 19 https://github.com/cloudfoundry/uaa 19 https://github.com/bcgit/bc-java 19 https://github.com/vaadin/platform 17 https://github.com/opencast/opencast 16 https://github.com/geoserver/geoserver 15 https://github.com/apache/camel 15 https://github.com/undertow-io/undertow 13 https://github.com/xuxueli/xxl-job 13 https://github.com/dromara/hutool 13 https://github.com/quarkusio/quarkus 13 https://github.com/ming-soft/MCMS 13 https://github.com/apache/dolphinscheduler 12 https://github.com/apache/kylin 12 https://github.com/igniterealtime/Openfire 11 https://github.com/vaadin/flow 11 https://github.com/jenkinsci/git-plugin 10 https://github.com/apache/lucene-solr 9 https://github.com/spring-projects/spring-security 9 https://github.com/DSpace/DSpace 9 https://github.com/Graylog2/graylog2-server 9 https://github.com/jquery/jquery 9 https://github.com/cui2shark/cms 9 https://github.com/xwiki/xwiki-commons 8 https://github.com/jenkinsci/config-file-provider-plugin 8 https://github.com/hazelcast/hazelcast 8 https://github.com/nahsra/antisamy 8 https://github.com/apache/zeppelin 8 https://github.com/opensearch-project/security 8 https://github.com/pgjdbc/pgjdbc 7 https://github.com/jflyfox/jfinal_cms 7 https://github.com/apache/xmlgraphics-batik 7 https://github.com/jenkinsci/blueocean-plugin 7 https://github.com/vaadin/framework 7 https://github.com/dataease/dataease 7 https://github.com/ratpack/ratpack 7 https://github.com/OpenTSDB/opentsdb 7 https://github.com/RhinoSecurityLabs/CVEs 7 https://github.com/rubygems/rubygems 7 https://github.com/rundeck/rundeck 7 https://github.com/vert-x3/vertx-web 6 https://github.com/apache/tika 6 https://github.com/jenkinsci/electricflow-plugin 6 https://github.com/OpenRefine/OpenRefine 6 https://github.com/jenkinsci/fortify-on-demand-uploader-plugin 6 https://github.com/apache/hadoop 6 https://github.com/jenkinsci/gerrit-trigger-plugin 6 https://github.com/http4s/http4s 6 https://github.com/line/armeria 6 https://github.com/playframework/playframework 6 https://github.com/ls1intum/Ares 6 https://github.com/resteasy/resteasy 6 https://github.com/apache/pulsar 6 https://github.com/ESAPI/esapi-java-legacy 6 https://github.com/DrunkenShells/Disclosures 6 https://github.com/jenkinsci/configuration-as-code-plugin 6 https://github.com/jenkinsci/ec2-plugin 6 https://github.com/cui2shark/security 6 https://github.com/jenkinsci/build-failure-analyzer-plugin 6 https://github.com/jquery/jquery-ui 6 https://bitbucket.org/snakeyaml/snakeyaml 6 https://github.com/protocolbuffers/protobuf 5 https://github.com/apache/openmeetings 5 https://github.com/jenkinsci/support-core-plugin 5 https://github.com/jenkinsci/codedx-plugin 5 https://github.com/JLLeitschuh/security-research 5 https://github.com/jenkinsci/junit-plugin 5 https://github.com/apiman/apiman 5 https://github.com/jenkinsci/github-plugin 5 https://github.com/jenkinsci/subversion-plugin 5 https://github.com/neo4j-contrib/neo4j-apoc-procedures 5 https://github.com/jenkinsci/gitlab-plugin 5 https://github.com/PowerJob/PowerJob 5 https://github.com/h2database/h2database 5 https://github.com/apache/karaf 5 https://github.com/jenkinsci/workflow-cps-global-lib-plugin 5 https://github.com/jenkinsci/email-ext-plugin 5 https://github.com/jettison-json/jettison 5 https://github.com/jenkinsci/publish-over-ssh-plugin 5 https://github.com/apache/geode 5 https://github.com/OpenAPITools/openapi-generator 5 https://github.com/jensdietrich/xshady-release 5 https://github.com/restlet/restlet-framework-java 5 https://github.com/jenkinsci/active-directory-plugin 5 https://github.com/grails/grails-core 5 https://github.com/alibaba/nacos 5 https://bitbucket.org/connect2id/nimbus-jose-jwt 5 https://github.com/jenkinsci/m2release-plugin 5 https://github.com/apache/shiro 5 https://github.com/apache/shenyu 5 https://github.com/reportportal/reportportal 4 https://github.com/jenkinsci/warnings-ng-plugin 4 https://github.com/jenkinsci/matrix-project-plugin 4 https://github.com/jenkinsci/htmlpublisher-plugin 4 https://github.com/jenkinsci/p4-plugin 4 https://github.com/jenkinsci/hpe-application-automation-tools-plugin 4 https://github.com/resteasy/Resteasy 4 https://github.com/jenkinsci/job-config-history-plugin 4 https://github.com/micronaut-projects/micronaut-core 4 https://github.com/skylot/jadx 4 https://github.com/jenkinsci/active-choices-plugin 4 https://github.com/yamcs/yamcs 4 https://github.com/shopizer-ecommerce/shopizer 4 https://github.com/jenkinsci/nexus-platform-plugin 4 https://github.com/alkacon/opencms-core 4 https://github.com/jenkinsci/libvirt-slave-plugin 4 https://github.com/apache/httpcomponents-client 4 https://github.com/jenkinsci/ansible-plugin 4 https://github.com/jenkinsci/xldeploy-plugin 4 https://github.com/nightcloudos/new_cms 4 https://github.com/jenkinsci/fortify-plugin 4 https://github.com/itext/itext7 4 https://github.com/stanfordnlp/corenlp 4 https://github.com/ktorio/ktor 4 https://github.com/HtmlUnit/htmlunit 4 https://github.com/jenkinsci/gitlab-oauth-plugin 4 https://github.com/aws/aws-iot-device-sdk-java-v2 4 https://github.com/xerial/snappy-java 4 https://github.com/apache/syncope 4 https://github.com/jfinal/jfinal 4 https://github.com/infinispan/infinispan 4 https://github.com/jenkinsci/rundeck-plugin 4 https://github.com/apache/activemq-artemis 4 https://github.com/jenkinsci/workflow-cps-plugin 4 https://github.com/jenkinsci/credentials-binding-plugin 4 https://github.com/pippo-java/pippo 4 https://github.com/apache/solr 4 https://github.com/bcgit/bc-csharp 4 https://github.com/qos-ch/logback 3 https://github.com/google/guava 3 https://github.com/open-metadata/OpenMetadata 3 https://github.com/joniles/mpxj 3 https://github.com/orientechnologies/orientdb 3 https://github.com/jenkinsci/azure-credentials-plugin 3 https://svn.apache.org/viewvc/lucene/dev 3 https://github.com/jenkinsci/scriptler-plugin 3 https://github.com/Rabb1ter/cms 3 https://bitbucket.org/b_c/jose4j 3 https://github.com/apache/santuario-java 3 https://github.com/jenkinsci/ci-with-toad-edge-plugin 3 https://github.com/jenkinsci/mercurial-plugin 3 https://github.com/OWASP/json-sanitizer 3 https://github.com/opengoofy/hippo4j 3 https://github.com/jenkinsci/azure-vm-agents-plugin 3 https://github.com/jenkinsci/audit-trail-plugin 3 https://github.com/eclipse/lemminx 3 https://github.com/eclipse-ee4j/mojarra 3 https://github.com/jenkinsci/nomad-plugin 3 https://github.com/peteroupc/CBOR-Java 3 https://github.com/pf4j/pf4j 3 https://github.com/jenkinsci/bitbucket-oauth-plugin 3 https://github.com/jenkinsci/cas-plugin 3 https://github.com/apache/storm 3 https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server 3 https://github.com/jooby-project/jooby 3 https://github.com/li-yu320/cms 3 https://github.com/jenkinsci/crx-content-package-deployer-plugin 3 https://github.com/apache/jackrabbit 3 https://github.com/jenkinsci/git-parameter-plugin 3 https://github.com/Jarvis-616/cms 3 https://github.com/jenkinsci/gitlab-branch-source-plugin 3 https://github.com/wso2/carbon-registry 3 https://github.com/jenkinsci/git-client-plugin 3 https://github.com/jenkinsci/cvs-plugin 3 https://github.com/codehaus-plexus/plexus-utils 3 https://github.com/jenkinsci/database-plugin 3 https://github.com/AsyncHttpClient/async-http-client 3 https://github.com/jhy/jsoup 3 https://github.com/apache/geronimo 3 https://github.com/apache/flume 3 https://github.com/LetianYuan/My-CVE-Public-References 3 https://github.com/aws/amazon-redshift-jdbc-driver 3 https://github.com/apache/dubbo 3 https://github.com/jenkinsci/embeddable-build-status-plugin 3 https://github.com/wildfly/wildfly-core 3 https://github.com/intranda/goobi-viewer-core 3 https://github.com/jeremylong/DependencyCheck 3 https://github.com/apache/derby 3 https://github.com/apache/commons-configuration 3 https://github.com/apache/cxf-fediz 3 https://github.com/Adobe-Consulting-Services/acs-aem-commons 3 https://github.com/jenkinsci/cloudbees-jenkins-advisor-plugin 3