Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

maven Security Advisories

Loading...
Moderate
GSA_kwCzR0hTQS1od3ZtLXZmdzgtOTNtd80cpQ
Vulnerable dependency in XTDB connector
Ecosystems: maven
Packages: org.odpi.egeria:egeria-connector-xtdb
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS00Mnh3LXA2MngtaHdjZs3oxA
Improper Access Control in Apache Derby
Ecosystems: maven
Packages: org.apache.derby:derby
Source: GitHub Advisory Database
Blast Radius: 23.0
Published: almost 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQzZ2MtbWp4Zy1ndnJx
XStream is vulnerable to an Arbitrary Code Execution attack
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: GitHub Advisory Database
Blast Radius: 23.4
Published: about 3 years ago
Moderate
GSA_kwCzR0hTQS1wMng0LTZnaHItNnZtcc4AAv_V
Exposure of Sensitive Information to an Unauthorized Actor in org.xwiki.platform:xwiki-platform-livetable-ui
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-livetable-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS0ycnZmLTMyOWYtcDk5Z83otg
System Property Disclosure in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 14.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1xcHBqLWZtNXItaHhyM84AA2X2
HTTP/2 Stream Cancellation Attack
Ecosystems: maven, swift, go
Packages: com.typesafe.akka:akka-http-core_2.11, com.typesafe.akka:akka-http-core_2.12, com.typesafe.akka:akka-http-core_2.13, com.typesafe.akka:akka-http-core, org.eclipse.jetty.http2:jetty-http2-server, org.eclipse.jetty.http2:jetty-http2-common, org.eclipse.jetty.http2:http2-server, org.eclipse.jetty.http2:http2-common, github.com/apple/swift-nio-http2, org.apache.tomcat.embed:tomcat-embed-core, org.apache.tomcat:tomcat, google.golang.org/grpc, golang.org/x/net
Source: GitHub Advisory Database
Blast Radius: 65.5
Published: 7 months ago
Moderate
GSA_kwCzR0hTQS05M214LTJ2ZjktMjhjNM4AAs8b
Path Traversal vulnerability in Jenkins Embeddable Build Status Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:embeddable-build-status
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTR2d3ctbWM2Ni02Mm02
HTTP Request Smuggling in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 14.0
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS12djg5LXhnZ3gtcXFoMs4AAknT
Improper permission checks in Jenkins Copy Artifact Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:copyartifact
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS12djRxLTJ3OTgtNHY4Z84AAq6S
Jenkins Aqua MicroScanner Plugin showed plain text credential in configuration form
Ecosystems: maven
Packages: org.jenkins-ci.plugins:aqua-microscanner
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS0yOHAzLW1jaHItOWZyas4AATf4
Deserialization of Untrusted Data in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS0zNWZnLWhqY3ItajY1Zs0p1g
Information exposure in xwiki-platform
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-web
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdyODItN3h2Ny14Y3Bq
Cross-site scripting in Apache HttpClient
Ecosystems: maven
Packages: org.apache.httpcomponents:httpclient
Source: GitHub Advisory Database
Blast Radius: 27.3
Published: almost 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc0anEtcWg0Ny1odmpx
Improper Input Validation in Xerces
Ecosystems: maven
Packages: xerces:xercesImpl
Source: GitHub Advisory Database
Blast Radius: 22.5
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS13N2NxLWo5cDktaG0zbc3sHw
Improper Input Validation in Apache Santuario XML Security
Ecosystems: maven
Packages: org.apache.santuario:xmlsec
Source: GitHub Advisory Database
Blast Radius: 18.1
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS05NzM3LXFtZ2MtaGZyOc4AATy0
Directory Traversal in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 14.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1nOHBqLXI1NXEtNWMyds4AA2Wt
Apache Tomcat Incomplete Cleanup vulnerability
Ecosystems: maven
Packages: org.apache.tomcat.embed:tomcat-embed-core, org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 22.0
Published: 7 months ago
Moderate
GSA_kwCzR0hTQS02anZ3LXJwdzQtZ2o0eM4AAe8S
Apache Shindig PHP Sensitive Information Disclosure
Ecosystems: maven
Packages: org.apache.shindig:shindig-php
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS0yZ3JoLWdyMzctMjI4M84AA327
Solr search discloses email addresses of users
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-search-solr-api
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTlyZ3YtaDd4NC1xdzhn
Eclipse Jetty Server generates error message containing sensitive information
Ecosystems: maven
Packages: org.eclipse.jetty:jetty-server
Source: GitHub Advisory Database
Blast Radius: 24.1
Published: over 5 years ago
Moderate
GSA_kwCzR0hTQS1nanEzLTk5N3AtaGc2Zs4AAR2n
OpenDaylight NULL Pointer Dereference
Ecosystems: maven
Packages: org.opendaylight.controller:releasepom
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJwajYtMnE4ci05OGY4
Request logging bypass in Jenkins Audit Trail Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:audit-trail
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFmNzYtcHI3eC1oN3I0
Incorrect Access Control in Nacos
Ecosystems: maven
Packages: com.alibaba.nacos:nacos-common
Source: GitHub Advisory Database
Blast Radius: 13.3
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS1jMjZoLThoNHAtNGpnas4AAl83
Missing permission checks in MongoDB Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:mongodb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS05Z3JqLWo0M20tbWpxcs4AAs7n
Observable timing discrepancy allows determining username validity in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS01Yzg2LWdwdmMtZnA1M84AAy3t
PowerJob vulnerable to Insecure Permissions
Ecosystems: maven
Packages: tech.powerjob:powerjob
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS1qNXYzLTM2M3AtZzg0M84AAve_
OpenCRX vulnerable to password enumeration via error messages in password reset
Ecosystems: maven
Packages: org.opencrx:opencrx-client
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS03dzg1LXBwODYtcDRwcc4AAt2g
XMLUI's metadata of withdrawn Items is exposed to anonymous users
Ecosystems: maven
Packages: org.dspace:dspace-xmlui
Source: GitHub Advisory Database
Blast Radius: 10.9
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1qNnA5LWhtM3EtaHdtas4AAl81
CSRF vulnerability in MongoDB Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:mongodb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc2cXItbW1oOC1jcDhm
Moderate severity vulnerability that affects com.sparkjava:spark-core
Ecosystems: maven
Packages: com.sparkjava:spark-core
Source: GitHub Advisory Database
Blast Radius: 21.8
Published: over 5 years ago
Moderate
GSA_kwCzR0hTQS1qZ3ByLXFydzItNmdwM84AAXvS
Exposure of Sensitive Information in Jenkins Core
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS03M3Y1LXc2ZmctMm00NM4AAvdc
Jenkins Tuleap Git Branch Source Plugin allows unauthenticated attackers to trigger Tuleap projects whose configured repo matches attacker-specified value
Ecosystems: maven
Packages: org.jenkins-ci.plugins:tuleap-git-branch-source
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdwMzItN2gyOS1ycHht
Moderate severity vulnerability that affects com.puppycrawl.tools:checkstyle
Ecosystems: maven
Packages: com.puppycrawl.tools:checkstyle
Source: GitHub Advisory Database
Blast Radius: 16.7
Published: about 5 years ago
Moderate
GSA_kwCzR0hTQS04aDc3LTl2aDUtaHc1Z82qQA
Mortbay Jetty vulnerable to Cross-site scripting
Ecosystems: maven
Packages: org.mortbay.jetty:jetty
Source: GitHub Advisory Database
Blast Radius: 22.2
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1jdzY4LXhtbTQtYzgzcs0ihw
Agent-to-controller security bypass in Jenkins Conjur Secrets Plugin allows retrieving all credentials
Ecosystems: maven
Packages: org.conjur.jenkins:conjur-credentials
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS1nNzR3LTkzY3AtNXAzcM4AAgY8
Insufficiently Protected Credentials in Jenkins Pipeline SCM API for Blue Ocean Plugin
Ecosystems: maven
Packages: io.jenkins.blueocean:blueocean-pipeline-scm-api
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1mcjI2LXFqYzgtbXZqeM0Wjw
Possible route enumeration in production mode via RouteNotFoundError view in Vaadin 10, 11-14, and 15-19
Ecosystems: maven
Packages: com.vaadin:flow-server
Source: GitHub Advisory Database
Blast Radius: 11.2
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS1odjVnLXE0aDMtNjRxNM4AA4lr
Hard-coded credentials in org.folio:mod-remote-storage
Ecosystems: maven
Packages: org.folio:mod-remote-storage
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
Moderate
GSA_kwCzR0hTQS1ndmM3LWdqcnctaGo2Nc4AA4lm
Improper Verification of Cryptographic Signature in aws-encryption-sdk-java
Ecosystems: maven
Packages: com.amazonaws:aws-encryption-sdk-java
Source: GitHub Advisory Database
Blast Radius: 10.1
Published: 3 months ago
Moderate
GSA_kwCzR0hTQS1yNmozLXB4NWctY3EzeM4AA2X8
Apache Tomcat Improper Input Validation vulnerability
Ecosystems: maven
Packages: org.apache.tomcat.embed:tomcat-embed-core, org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 22.0
Published: 7 months ago
Moderate
GSA_kwCzR0hTQS1jcnFnLWpycGotZmM4NM4AA0fG
Apache Johnzon Deserialization of Untrusted Data vulnerability
Ecosystems: maven
Packages: org.apache.johnzon:johnzon-mapper
Source: GitHub Advisory Database
Blast Radius: 13.7
Published: 10 months ago
Moderate
GSA_kwCzR0hTQS00NzkzLTh3d2gtanh4cs4AArMr
Business Logic Errors in Para
Ecosystems: maven
Packages: com.erudika:para-core
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1jMmo3LTY2bTMtcjRmZs4AAt2f
JSPUI's "Internal System Error" page prints exceptions and stack traces without sanitization
Ecosystems: maven
Packages: org.dspace:dspace-jspui
Source: GitHub Advisory Database
Blast Radius: 11.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1weDNyLTI3cWMtaHg1Z84AAs70
NT auth module vulnerability in OpenAM
Ecosystems: maven
Packages: org.openidentityplatform.openam:openam-core
Source: GitHub Advisory Database
Blast Radius: 1.6
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS00NnAyLWZ3cWctM2g2bc4AASkB
Incorrect Authorization in Jenkins Git Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:git
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1jcHczLXg3Z2YtcDg3Ms4AATSW
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1tOHY3LTQ2OXAtNXg4Oc4AA04K
Hard-coded System User Credentials in Folio Data Export Spring module
Ecosystems: maven
Packages: org.folio:mod-remote-storage
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 months ago
Moderate
GSA_kwCzR0hTQS1xeHA2LTI3Z3ctOTljas4AAnWa
Time-of-check Time-of-use (TOCTOU) Race Condition in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1oNDUyLTc5OTYtaDQ1aM4AAxDY
cookiejar Regular Expression Denial of Service via Cookie.parse function
Ecosystems: maven, npm
Packages: org.webjars.npm:cookiejar, cookiejar
Source: GitHub Advisory Database
Blast Radius: 30.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1tcTR4LTh3aGgtang3M82FRQ
Improper Input Validation in Mortbay Jetty
Ecosystems: maven
Packages: org.mortbay.jetty:jetty
Source: GitHub Advisory Database
Blast Radius: 22.2
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1majZmLTY5MzMtODM5as4AAjcN
Non-constant time HMAC comparison
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1yaDhxLXZqZ2YtZ2Y3NM4AATn9
Improper Limitation of a Pathname to a Restricted Directory in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 14.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1xcHAyLTJtY3AtMndtNc05dg
Unauthenticated user can list hidden document from multiple velocity templates in XWiki
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-web
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS14ZnY1LWpxZ3AtdnFoas4AA3l0
Quarkus Cache Runtime exposes sensitive information to an unauthorized actor
Ecosystems: maven
Packages: io.quarkus:quarkus-cache
Source: GitHub Advisory Database
Blast Radius: 13.2
Published: 5 months ago
Moderate
GSA_kwCzR0hTQS12djZqLTV4NTgtcTJjM82zLg
Cross-site scripting (XSS) vulnerability in Sun Java Server Faces (JSF)
Ecosystems: maven
Packages: com.sun.faces:jsf-api
Source: GitHub Advisory Database
Blast Radius: 21.4
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS04Y3h3LXd2aGMtcDR4NM4AAvdj
Jenkins NUnit Plugin vulnerable to Protection Mechanism Failure
Ecosystems: maven
Packages: org.jenkins-ci.plugins:nunit
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS05N2pnLTQzYzktcTZwZs05dA
Unauthenticated user can retrieve the list of users through uorgsuggest.vm
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-web-templates
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1nN2Z4LW1tamMtcjdnds0ihA
Agent-to-controller security bypass in Jenkins Conjur Secrets Plugin allows decrypting secrets
Ecosystems: maven
Packages: org.conjur.jenkins:conjur-credentials
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNjanAtdzcyMy0yamYy
Apache Tika Server exposes sensitive information
Ecosystems: maven
Packages: org.apache.tika:tika-server
Source: GitHub Advisory Database
Blast Radius: 4.8
Published: over 5 years ago
Moderate
GSA_kwCzR0hTQS0zODNwLXhxeHgtcnJtcM4AAdBJ
Denial of service in Apache Struts
Ecosystems: maven
Packages: ognl:ognl, org.apache.struts:struts2-core
Source: GitHub Advisory Database
Blast Radius: 20.1
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1obXI3LW00OGctNDhmNs4AA13o
Jetty accepts "+" prefixed value in Content-Length
Ecosystems: maven
Packages: org.eclipse.jetty:jetty-http
Source: GitHub Advisory Database
Blast Radius: 20.7
Published: 8 months ago
Moderate
GSA_kwCzR0hTQS1yeHBoLWNxMzgtZ20zZ84AAi-_
Jenkins SCTMExecutor Plugin stores credentials in plain text
Ecosystems: maven
Packages: hudson.plugins.sctmexecutor:SCTMExecutor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1oZjVwLWY4M3gtNXEyZ84AA1Xs
OpenNMS privilege escalation vulnerability
Ecosystems: maven
Packages: org.opennms:opennms-webapp-rest
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 months ago
Moderate
GSA_kwCzR0hTQS1jNndnLWNtNXgtcnF2as4AAx-E
OpenSearch has time discrepancy in authentication responses
Ecosystems: maven
Packages: org.opensearch.plugin:opensearch-security
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS02bXY5LWhjeDUtN21oaM3mmQ
Server-Side Request Forgery in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1mOWN4LTc4OWMtdzJtcs4AASj-
Incorrect Authorization in Jenkins Mercurial Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:mercurial
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhjNjctaGp4Ni1jZ2c2
Installation information leak in Eclipse Jetty
Ecosystems: maven
Packages: org.eclipse.jetty:jetty-server
Source: GitHub Advisory Database
Blast Radius: 24.1
Published: about 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg0bTQtcGdwNC13aGdt
The reset password form reveal users email address
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-web
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS1yYzM5LWc5NzctNjg3d84AAv0X
Use of unclaimed s3 bucket in tests and examples
Ecosystems: maven
Packages: org.deeplearning4j:dl4j-examples, org.deeplearning4j:platform-tests
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS04Y3JyLXhmMzUtNWY1cM4AAQ7H
Jenkins Job Import Plugin CSRF vulnerability
Ecosystems: maven
Packages: org.jenkins-ci.plugins:job-import-plugin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1qN3BnLTg2M2ctMjJwNs4AAvdT
Webhook endpoint discloses job names to unauthorized users in Jenkins Mercurial Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:mercurial
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS05OTg2LXc1aDUtdnc1Oc3E_w
Directory traversal in Mort Bay Jetty
Ecosystems: maven
Packages: org.mortbay.jetty:jetty
Source: GitHub Advisory Database
Blast Radius: 22.2
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS12ZjZyLW1taGMtM3hjbc3z1g
Exposure of Sensitive Information to an Unauthorized Actor in Undertow
Ecosystems: maven
Packages: io.undertow:undertow-core
Source: GitHub Advisory Database
Blast Radius: 19.7
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1xMmZjLTl3dzItZ2dmas4AAyuU
Jenkins Quay.io trigger Plugin webhook endpoint can be accessed without authentication
Ecosystems: maven
Packages: org.jenkins-ci.plugins:quayio-trigger
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS0zNzJxLTMzdmgtOG1wY84AAToA
Inconsistent documentation in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 14.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1mcnhtLXY3cTMtdjJ3ds4AA4l1
Insertion of Sensitive Information into Log File in OWASP DependencyCheck
Ecosystems: maven
Packages: org.owasp:dependency-check-maven, org.owasp:dependency-check-cli, org.owasp:dependency-check-ant
Source: GitHub Advisory Database
Blast Radius: 11.0
Published: 3 months ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTI2cDgteHJqMi1tdjUz
Apache NiFi process group information disclosure
Ecosystems: maven
Packages: org.apache.nifi:nifi, org.apache.nifi:nifi-web-api
Source: GitHub Advisory Database
Blast Radius: 9.8
Published: over 4 years ago
Moderate
GSA_kwCzR0hTQS1wODh3LWZoeHcteHZjY84AAv_W
Exposure of Private Personal Information to an Unauthorized Actor in org.xwiki.platform:xwiki-platform-rest-server
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-rest-server
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1ocjhnLTZ2OTQteDRtOc4AA0NP
Bouncy Castle For Java LDAP injection vulnerability
Ecosystems: maven
Packages: org.bouncycastle:bcprov-debug-jdk15on, org.bouncycastle:bcprov-ext-jdk15on, org.bouncycastle:bcprov-jdk15on, org.bouncycastle:bcprov-debug-jdk14, org.bouncycastle:bcprov-ext-jdk14, org.bouncycastle:bcprov-jdk14, org.bouncycastle:bcprov-debug-jdk18on, org.bouncycastle:bcprov-debug-jdk15to18, org.bouncycastle:bcprov-ext-jdk18on, org.bouncycastle:bcprov-ext-jdk15to18, org.bouncycastle:bcprov-jdk15to18, org.bouncycastle:bcprov-jdk18on
Source: GitHub Advisory Database
Blast Radius: 22.7
Published: 10 months ago
Moderate
GSA_kwCzR0hTQS1oZ2c2LTh4NjItbTlnZs3wQw
Improper Certificate Validation in Apache CXF
Ecosystems: maven
Packages: org.apache.cxf:cxf-core
Source: GitHub Advisory Database
Blast Radius: 17.1
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1ocjY1LXFxNnAtODdyNM4AAofW
Exposure of Sensitive Information to an Unauthorized Actor in Elasticsearch
Ecosystems: maven
Packages: org.elasticsearch:elasticsearch
Source: GitHub Advisory Database
Blast Radius: 22.6
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS12NTM1LXBjNnItNzdxaM4AAv5C
Lack of authentication mechanism for webhook in CloudBees Docker Hub/Registry Notification Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:dockerhub-notification
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS14OXdwLWdmcnItcDVycM4AAv6R
Missing Authorization in Jenkins XP-Dev Plugin
Ecosystems: maven
Packages: com.cloudbees.jenkins.plugins:xpdev
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS14eGhmLXhxNnYtYzhtas4AAs8W
Improper authorization in Jenkins Embeddable Build Status Plugin bypasses ViewStatus permission requirement
Ecosystems: maven
Packages: org.jenkins-ci.plugins:embeddable-build-status
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS00NDl3LWM3N2Mtdm1mNs4AAttO
Lack of authentication mechanism in Jenkins Git Plugin webhook
Ecosystems: maven
Packages: org.jenkins-ci.plugins:git
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZ4eDMtcmc5OS1nYzNw
Timing based private key exposure in Bouncy Castle
Ecosystems: nuget, maven
Packages: BouncyCastle, org.bouncycastle:bcprov-jdk16, org.bouncycastle:bcprov-jdk15to18, org.bouncycastle:bcprov-jdk15on, org.bouncycastle:bcprov-jdk15, org.bouncycastle:bcprov-jdk14, org.bouncycastle:bcprov-ext-jdk16, org.bouncycastle:bcprov-ext-jdk15on, org.bouncycastle:bc-fips
Source: GitHub Advisory Database
Blast Radius: 22.8
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS01ODNnLWc2ODItY3J4Zs4AA5Lp
Micronaut management endpoints vulnerable to drive-by localhost attack
Ecosystems: maven
Packages: io.micronaut:micronaut-http-server-tck, io.micronaut:micronaut-http-server-netty, io.micronaut:micronaut-http-server
Source: GitHub Advisory Database
Blast Radius: 16.0
Published: 3 months ago
Moderate
GSA_kwCzR0hTQS02aG1tLTc3cjItaDZocs4AAjR8
Missing permission checks in Jenkins Amazon EC2 Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:ec2
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1mcDM2LW1qdzUtZm1neM4AAy5w
xwiki-platform-web-templates allows users to be created even when registration is disabled without validation via template macro
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-web-templates
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS1oNzJ2LTY1MncteHY2NM4AAjSP
Missing permission checks in Health Advisor by CloudBees Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:cloudbees-jenkins-advisor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1mYzkyLThyNzctOTI5N84AAjR-
CSRF vulnerability in Health Advisor by CloudBees Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:cloudbees-jenkins-advisor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS00ZjUzLXhoM3YtZzh4NM4AA7I2
Keycloak secondary factor bypass in step-up authentication
Ecosystems: maven
Packages: org.keycloak:keycloak-services
Source: GitHub Advisory Database
Blast Radius: 13.7
Published: 15 days ago
Moderate
GSA_kwCzR0hTQS1qMjRoLXhjcGMtOWp3OM4AA3d2
Eclipse IDE XXE in eclipse.platform
Ecosystems: maven
Packages: org.eclipse.jdt:org.eclipse.jdt.ui, org.eclipse.platform:org.eclipse.urischeme, org.eclipse.platform:org.eclipse.ui.workbench, org.eclipse.platform:org.eclipse.ui.ide, org.eclipse.platform:org.eclipse.ui.forms, org.eclipse.platform:org.eclipse.jface, org.eclipse.platform:org.eclipse.platform, org.eclipse.platform:org.eclipse.core.runtime
Source: GitHub Advisory Database
Blast Radius: 10.8
Published: 5 months ago
Moderate
GSA_kwCzR0hTQS1tam1xLWd3Z20tNXFobc4AA0hU
Apache MINA SSHD information disclosure vulnerability
Ecosystems: maven
Packages: org.apache.sshd:sshd-sftp, org.apache.sshd:sshd-common, org.apache.sshd:sshd-core
Source: GitHub Advisory Database
Blast Radius: 17.0
Published: 10 months ago
Moderate
GSA_kwCzR0hTQS01ZnBxLTNjOXAtM3Izd84AA4E3
ShifuML shifu code injection vulnerability
Ecosystems: maven
Packages: ml.shifu:shifu
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 months ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXh3eDYtdm1qNC01cnY4
Denial of service via deserialization attack in nifi
Ecosystems: maven
Packages: org.apache.nifi:nifi-framework-cluster-protocol
Source: GitHub Advisory Database
Blast Radius: 9.3
Published: over 4 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTcyajQtOTRyeC1jcjZ3
Incorrect Permission Assignment for Critical Resource and Permissive List of Allowed Inputs in Keycloak
Ecosystems: maven
Packages: org.keycloak:keycloak-parent
Source: GitHub Advisory Database
Blast Radius: 7.9
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS04MnYyLWY4NzUtNzNnOc4AAiX7
Wildfly Authorization Misconfiguration
Ecosystems: maven
Packages: org.wildfly.core:wildfly-host-controller
Source: GitHub Advisory Database
Blast Radius: 9.5
Published: almost 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg3ajctcHczdi0zdjN4
Moderate severity vulnerability that affects org.keycloak:keycloak-core
Ecosystems: maven
Packages: org.keycloak:keycloak-core
Source: GitHub Advisory Database
Blast Radius: 15.0
Published: over 5 years ago
Moderate
GSA_kwCzR0hTQS1tMnI1LTR3OTYtcXhnNc1Biw
Arbitrary file access through XML parsing in org.xwiki.commons:xwiki-commons-xml
Ecosystems: maven
Packages: org.xwiki.commons:xwiki-commons-xml
Source: GitHub Advisory Database
Blast Radius: 9.2
Published: about 2 years ago
Statistics
Advisories: 18,311
Packages: 8,276
Repositories: 969
Ecosystems: 12
Filter by Severity
Moderate 7,904 High 6,338 Critical 2,801 Low 981
Filter by Ecosystem
maven 5,520 packagist 3,783 pypi 3,698 npm 3,535 go 1,889 nuget 1,390 rubygems 814 cargo 775 swift 31 hex 29 actions 16 pub 8
Filter by Package
org.jenkins-ci.main:jenkins-core 189 org.apache.tomcat:tomcat 134 com.fasterxml.jackson.core:jackson-databind 69 org.apache.struts:struts2-core 55 org.keycloak:keycloak-core 47 com.liferay.portal:release.portal.bom 45 org.apache.tomcat.embed:tomcat-embed-core 37 com.jfinal:jfinal 36 com.thoughtworks.xstream:xstream 36 net.mingsoft:ms-mcms 35 org.xwiki.platform:xwiki-platform-oldcore 34 org.elasticsearch:elasticsearch 32 org.jenkins-ci.plugins:script-security 30 io.undertow:undertow-core 27 org.keycloak:keycloak-services 27 org.apache.solr:solr-core 25 org.keycloak:keycloak-parent 25 org.springframework.security:spring-security-core 23 org.eclipse.jetty:jetty-server 23 org.apache.nifi:nifi 22 org.apache.openmeetings:openmeetings-parent 21 org.cloudfoundry.identity:cloudfoundry-identity-server 20 org.springframework:spring-core 19 org.bouncycastle:bcprov-jdk14 18 com.vaadin:vaadin-bom 18 com.liferay.portal:release.dxp.bom 18 org.xwiki.platform:xwiki-platform-web-templates 17 org.apache.geode:geode-core 17 org.apache.activemq:activemq-client 16 org.apache.dubbo:dubbo 16 org.bouncycastle:bcprov-jdk15 16 org.apache.struts.xwork:xwork-core 15 org.apache.jspwiki:jspwiki-main 15 org.xwiki.platform:xwiki-platform-web 14 org.apache.hadoop:hadoop-main 13 org.apache.inlong:manager-pojo 13 org.apache.cxf:cxf 13 com.vaadin:flow-server 12 org.apache.dolphinscheduler:dolphinscheduler 12 org.jenkins-ci.plugins:git 12 org.jenkins-ci.plugins.workflow:workflow-cps 12 org.apache.tika:tika-core 11 com.xuxueli:xxl-job 11 org.apache.jspwiki:jspwiki-war 11 org.apache.commons:commons-compress 11 org.jeecgframework.boot:jeecg-boot-common 11 org.apache.camel:camel-core 11 org.igniterealtime.openfire:parent 11 org.jenkins-ci.plugins:email-ext 11 org.mortbay.jetty:jetty 11 org.apache.james:james-server 11 org.apache.hadoop:hadoop-common 11 org.apache.cxf:cxf-core 11 org.apache.ranger:ranger 11 org.jeecgframework.boot:jeecg-boot-parent 11 org.apache.tomcat:tomcat-coyote 11 org.jboss.netty:netty 10 io.netty:netty 10 org.jenkins-ci.plugins.workflow:workflow-cps-global-lib 10 org.xwiki.platform:xwiki-platform-administration-ui 10 org.apache.inlong:manager-service 10 org.apache.archiva:archiva 9 org.apache.tapestry:tapestry-core 9 org.craftercms:crafter-studio 9 com.sonyericsson.jenkins.plugins.bfa:build-failure-analyzer 9 org.opennms:opennms 9 org.springframework:spring-web 9 org.apache.xmlgraphics:batik 9 jquery 9 jquery-rails 9 org.jenkins-ci.plugins:active-directory 9 org.opencrx:opencrx-core-models 9 org.bouncycastle:bcprov-jdk15on 9 org.apache.shiro:shiro-core 9 io.jenkins:configuration-as-code 9 org.jenkins-ci.plugins:config-file-provider 9 org.apache.tomcat:tomcat-catalina 9 org.jenkins-ci.plugins:electricflow 9 org.webjars.npm:jquery 9 org.apache.hive:hive 9 org.springframework:spring-webmvc 9 cn.hutool:hutool-core 9 io.jenkins.blueocean:blueocean 8 jQuery 8 org.apache.santuario:xmlsec 8 org.apache.hive:hive-exec 8 org.apache.zeppelin:zeppelin 8 com.hazelcast:hazelcast 8 org.postgresql:postgresql 8 mysql:mysql-connector-java 8 org.yaml:snakeyaml 8 org.apache.pdfbox:pdfbox 8 org.apache.kylin:kylin 8 org.apache.ozone:ozone-main 8 org.jenkins-ci.plugins:ec2 8 org.opencms:opencms-core 8 org.graylog2:graylog2-server 8 org.apache.ambari:ambari 8 org.jenkins-ci.plugins:artifactory 7 jquery-ui 7 jquery-ui-rails 7 org.webjars.npm:jquery-ui 7 org.apache.tika:tika 7 jQuery.UI.Combined 7 org.jenkins-ci.plugins:mercurial 7 io.jenkins.plugins:miniorange-saml-sp 7 io.jenkins.plugins:cavisson-ns-nd-integration 7 org.owasp.antisamy:antisamy 7 net.opentsdb:opentsdb 7 org.jenkins-ci.plugins:openshift-deployer 7 io.dataease:dataease-plugin-common 7 io.jenkins.plugins:warnings-ng 7 org.jenkins-ci.plugins:rundeck 7 org.apache.hive:hive-service 7 org.apache.atlas:atlas-common 7 org.apache.linkis:linkis 7 org.apache.spark:spark-core_2.11 7 rubygems-update 7 org.jruby:jruby-stdlib 7 io.atomix:atomix 7 org.apache.inlong:manager-web 7 org.apache.activemq:activemq-parent 7 org.jboss.resteasy:resteasy-client 7 org.jenkins-ci.plugins:jobConfigHistory 7 org.owasp.esapi:esapi 7 org.jenkins-ci.plugins:subversion 7 org.apache.cxf:apache-cxf 7 org.jeecgframework.boot:jeecg-boot-base 7 org.apache.karaf:apache-karaf 7 org.apache.derby:derby 7 org.apache.logging.log4j:log4j-core 7 org.silverpeas.core:silverpeas-core-web 7 org.apache.poi:poi 7 commons-fileupload:commons-fileupload 6 org.csanchez.jenkins.plugins:kubernetes 6 de.tum.in.ase:artemis-java-test-sandbox 6 org.apache.pulsar:pulsar-broker 6 io.netty:netty-handler 6 org.apache.solr:solr-parent 6 org.apache.mesos:mesos 6 org.jenkins-ci.plugins:azure-vm-agents 6 com.sonyericsson.hudson.plugins.gerrit:gerrit-trigger 6 org.apache.httpcomponents:httpclient 6 org.jenkins-ci.plugins:gitlab-oauth 6 tech.powerjob:powerjob 6 org.opensearch.plugin:opensearch-security 6 io.netty:netty-codec-http 6 cn.hutool:hutool-json 6 com.xebialabs.deployit.ci:deployit-plugin 6 org.jenkins-ci.plugins:ec2-deployment-dashboard 6 org.jenkins-ci.plugins:fortify-on-demand-uploader 6 org.apache.storm:storm-core 6 org.apache.spark:spark-core_2.10 6 org.jenkins-ci.plugins:repository-connector 6 org.jenkins-ci.plugins:pipeline-maven 6 com.jflyfox:jflyfox_jfinal 6 org.opencastproject:opencast-kernel 6 org.apache.struts:struts2-rest-plugin 6 org.xwiki.commons:xwiki-commons-xml 6 axis:axis 6 org.apache.axis:axis 6 org.apache.shenyu:shenyu-common 6 org.apache.syncope:syncope-core 6 hudson.plugins:project-inheritance 6 org.jenkins-ci.plugins:matrix-project 5 org.apache.cassandra:cassandra-all 5 org.jenkins-ci.plugins:delphix 5 org.apache.kylin:kylin-server-base 5 org.jenkins-ci.plugins:junit 5 org.jenkins-ci.plugins:support-core 5 com.mabl.integration.jenkins:mabl-integration 5 org.apache.ignite:ignite-core 5 org.apache.zookeeper:zookeeper 5 info.magnolia:magnolia-core 5 org.jenkins-ci.plugins:codedx 5 org.jenkins-ci.plugins:google-compute-engine 5 org.infinispan:infinispan-core 5 com.nimbusds:nimbus-jose-jwt 5 org.dspace:dspace-jspui 5 org.wildfly:wildfly-parent 5 org.codehaus.jettison:jettison 5 org.apache.druid:druid 5 org.jenkins-ci.plugins:ghprb 5 org.apache.zeppelin:zeppelin-server 5 com.google.protobuf:protobuf-java 5 com.ruoyi:ruoyi 5 org.jeecgframework.boot:jeecg-boot-base-core 5 org.neo4j.procedure:apoc 5 org.jboss.resteasy:resteasy-bom 5 org.apache.hadoop:hadoop-client 5 org.apache.inlong:manager-dao 5 org.jenkins-ci.plugins:fortify 5 org.jenkins-ci.plugins:credentials 5 org.jenkins-ci.plugins:websphere-deployer 5 org.xwiki.platform:xwiki-platform-appwithinminutes-ui 5 org.zenframework.z8.dependencies.commons:log4j-1.2.17 5 log4j:log4j 5 org.opennms:opennms-webapp 5 org.jenkins-ci.plugins:google-login 5 com.datapipe.jenkins.plugins:hashicorp-vault-plugin 5
Filter by Repository
https://github.com/xwiki/xwiki-platform 172 https://github.com/jenkinsci/jenkins 148 https://github.com/apache/tomcat 96 https://github.com/FasterXML/jackson-databind 70 https://github.com/keycloak/keycloak 58 https://github.com/apache/struts 46 https://github.com/spring-projects/spring-framework 41 https://github.com/x-stream/xstream 36 https://github.com/apache/activemq 32 https://github.com/CVEProject/cvelist 28 https://github.com/apache/inlong 25 https://github.com/eclipse/jetty.project 23 https://github.com/apache/nifi 21 https://github.com/netty/netty 20 https://github.com/OpenNMS/opennms 20 https://github.com/jenkinsci/script-security-plugin 20 https://github.com/jeecgboot/jeecg-boot 20 https://github.com/cloudfoundry/uaa 19 https://github.com/apache/cxf 19 https://github.com/bcgit/bc-java 18 https://github.com/vaadin/platform 17 https://github.com/opencast/opencast 16 https://github.com/apache/camel 15 https://github.com/geoserver/geoserver 15 https://github.com/ming-soft/MCMS 13 https://github.com/xuxueli/xxl-job 13 https://github.com/undertow-io/undertow 13 https://github.com/quarkusio/quarkus 13 https://github.com/apache/dolphinscheduler 12 https://github.com/apache/kylin 12 https://github.com/dromara/hutool 12 https://github.com/igniterealtime/Openfire 11 https://github.com/vaadin/flow 11 https://github.com/jenkinsci/git-plugin 10 https://github.com/jquery/jquery 10 https://github.com/Graylog2/graylog2-server 9 https://github.com/DSpace/DSpace 9 https://github.com/spring-projects/spring-security 9 https://github.com/cui2shark/cms 9 https://github.com/apache/lucene-solr 9 https://github.com/nahsra/antisamy 8 https://github.com/apache/zeppelin 8 https://github.com/opensearch-project/security 8 https://github.com/jenkinsci/config-file-provider-plugin 8 https://github.com/hazelcast/hazelcast 8 https://github.com/xwiki/xwiki-commons 8 https://github.com/apache/xmlgraphics-batik 7 https://github.com/OpenTSDB/opentsdb 7 https://github.com/vaadin/framework 7 https://github.com/jflyfox/jfinal_cms 7 https://github.com/rubygems/rubygems 7 https://github.com/rundeck/rundeck 7 https://github.com/dataease/dataease 7 https://github.com/RhinoSecurityLabs/CVEs 7 https://github.com/pgjdbc/pgjdbc 7 https://github.com/jenkinsci/blueocean-plugin 7 https://github.com/ratpack/ratpack 7 https://github.com/resteasy/resteasy 6 https://github.com/jenkinsci/fortify-on-demand-uploader-plugin 6 https://github.com/apache/hadoop 6 https://github.com/DrunkenShells/Disclosures 6 https://github.com/jenkinsci/gerrit-trigger-plugin 6 https://github.com/vert-x3/vertx-web 6 https://github.com/http4s/http4s 6 https://github.com/apache/pulsar 6 https://github.com/line/armeria 6 https://github.com/jenkinsci/electricflow-plugin 6 https://github.com/ESAPI/esapi-java-legacy 6 https://github.com/ls1intum/Ares 6 https://github.com/OpenRefine/OpenRefine 6 https://bitbucket.org/snakeyaml/snakeyaml 6 https://github.com/jquery/jquery-ui 6 https://github.com/jenkinsci/build-failure-analyzer-plugin 6 https://github.com/apache/tika 6 https://github.com/jenkinsci/configuration-as-code-plugin 6 https://github.com/cui2shark/security 6 https://github.com/playframework/playframework 6 https://github.com/jenkinsci/ec2-plugin 6 https://github.com/jenkinsci/email-ext-plugin 5 https://github.com/neo4j-contrib/neo4j-apoc-procedures 5 https://github.com/jenkinsci/github-plugin 5 https://github.com/apache/shiro 5 https://github.com/jenkinsci/gitlab-plugin 5 https://github.com/apache/shenyu 5 https://github.com/JLLeitschuh/security-research 5 https://github.com/jenkinsci/workflow-cps-global-lib-plugin 5 https://github.com/jenkinsci/codedx-plugin 5 https://github.com/apache/karaf 5 https://github.com/h2database/h2database 5 https://github.com/apiman/apiman 5 https://github.com/jenkinsci/active-directory-plugin 5 https://github.com/alibaba/nacos 5 https://github.com/jenkinsci/junit-plugin 5 https://github.com/apache/openmeetings 5 https://github.com/OpenAPITools/openapi-generator 5 https://github.com/jettison-json/jettison 5 https://github.com/jenkinsci/m2release-plugin 5 https://github.com/grails/grails-core 5 https://bitbucket.org/connect2id/nimbus-jose-jwt 5 https://github.com/restlet/restlet-framework-java 5 https://github.com/PowerJob/PowerJob 5 https://github.com/jenkinsci/support-core-plugin 5 https://github.com/jenkinsci/subversion-plugin 5 https://github.com/protocolbuffers/protobuf 5 https://github.com/jensdietrich/xshady-release 5 https://github.com/apache/geode 5 https://github.com/jenkinsci/publish-over-ssh-plugin 5 https://github.com/jenkinsci/htmlpublisher-plugin 4 https://github.com/aws/aws-iot-device-sdk-java-v2 4 https://github.com/jenkinsci/warnings-ng-plugin 4 https://github.com/jenkinsci/rundeck-plugin 4 https://github.com/infinispan/infinispan 4 https://github.com/jenkinsci/job-config-history-plugin 4 https://github.com/jenkinsci/nexus-platform-plugin 4 https://github.com/micronaut-projects/micronaut-core 4 https://github.com/skylot/jadx 4 https://github.com/itext/itext7 4 https://github.com/shopizer-ecommerce/shopizer 4 https://github.com/apache/solr 4 https://github.com/jenkinsci/libvirt-slave-plugin 4 https://github.com/reportportal/reportportal 4 https://github.com/jenkinsci/ansible-plugin 4 https://github.com/resteasy/Resteasy 4 https://github.com/ktorio/ktor 4 https://github.com/pippo-java/pippo 4 https://github.com/jfinal/jfinal 4 https://github.com/jenkinsci/xldeploy-plugin 4 https://github.com/nightcloudos/new_cms 4 https://github.com/apache/httpcomponents-client 4 https://github.com/stanfordnlp/corenlp 4 https://github.com/jenkinsci/credentials-binding-plugin 4 https://github.com/jenkinsci/fortify-plugin 4 https://github.com/jenkinsci/gitlab-oauth-plugin 4 https://github.com/apache/activemq-artemis 4 https://github.com/apache/syncope 4 https://github.com/xerial/snappy-java 4 https://github.com/HtmlUnit/htmlunit 4 https://github.com/jenkinsci/workflow-cps-plugin 4 https://github.com/jenkinsci/p4-plugin 4 https://github.com/jenkinsci/active-choices-plugin 4 https://github.com/yamcs/yamcs 4 https://github.com/jenkinsci/hpe-application-automation-tools-plugin 4 https://github.com/alkacon/opencms-core 4 https://github.com/jenkinsci/matrix-project-plugin 4 https://github.com/google/guava 3 https://github.com/apache/santuario-java 3 https://github.com/pf4j/pf4j 3 https://github.com/Rabb1ter/cms 3 https://github.com/eclipse-ee4j/mojarra 3 https://github.com/opengoofy/hippo4j 3 https://github.com/orientechnologies/orientdb 3 https://github.com/peteroupc/CBOR-Java 3 https://github.com/jenkinsci/nomad-plugin 3 https://github.com/qos-ch/logback 3 https://github.com/jenkinsci/mailer-plugin 3 https://github.com/apache/ranger 3 https://github.com/open-metadata/OpenMetadata 3 https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server 3 https://github.com/mbechler/marshalsec 3 https://github.com/OWASP/json-sanitizer 3 https://github.com/eclipse/lemminx 3 https://github.com/apache/storm 3 https://github.com/jenkinsci/mercurial-plugin 3 https://github.com/apache/commons-configuration 3 https://github.com/wildfly/wildfly-core 3 https://github.com/AsyncHttpClient/async-http-client 3 https://github.com/jhy/jsoup 3 https://github.com/jenkinsci/database-plugin 3 https://github.com/codehaus-plexus/plexus-utils 3 https://github.com/jenkinsci/cvs-plugin 3 https://github.com/wso2/carbon-registry 3 https://github.com/Jarvis-616/cms 3 https://github.com/jenkinsci/crx-content-package-deployer-plugin 3 https://github.com/javamelody/javamelody 3 https://github.com/jenkinsci/compuware-topaz-for-total-test-plugin 3 https://svn.apache.org/viewvc/tomcat/tc7.0.x 3 https://github.com/xwiki/xwiki-rendering 3 https://github.com/jenkinsci/code-coverage-api-plugin 3 https://github.com/ysuzhangbin/cms 3 https://github.com/jenkinsci/cloudbees-jenkins-advisor-plugin 3 https://github.com/jenkinsci/ci-with-toad-edge-plugin 3 https://github.com/joniles/mpxj 3 https://github.com/jooby-project/jooby 3 https://github.com/jenkinsci/cas-plugin 3 https://github.com/Adobe-Consulting-Services/acs-aem-commons 3 https://github.com/jenkinsci/bitbucket-oauth-plugin 3 https://github.com/jenkinsci/audit-trail-plugin 3 https://github.com/jenkinsci/azure-vm-agents-plugin 3 https://github.com/jenkinsci/azure-credentials-plugin 3 https://svn.apache.org/viewvc/lucene/dev 3 https://github.com/jenkinsci/scriptler-plugin 3 https://github.com/rhuss/jolokia 3 https://github.com/jenkinsci/mac-plugin 3 https://github.com/jenkinsci/lucene-search-plugin 3 https://github.com/matrix-org/matrix-android-sdk2 3 https://github.com/jenkinsci/liquibase-runner-plugin 3 https://github.com/jenkinsci/kubernetes-plugin 3 https://github.com/apache/olingo-odata4 3 https://github.com/grpc/grpc 3