Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

maven Security Advisories

Loading...
High
GSA_kwCzR0hTQS1tM3d2LWZyOHYtZm1oN84AAR2w
Jenkins Build-Publisher plugin has Insufficiently Protected Credentials
Ecosystems: maven
Packages: org.jenkins-ci.plugins:build-publisher
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS0zNDZnLWpyeDktamdmNM4AAie0
Jenkins 360 FireLine Plugin vulnerable to XML External Entity Reference
Ecosystems: maven
Packages: org.jenkins-ci.plugins.plugin:fireline
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS13bXhtLTZ3eGMtM3hxZs4AAwgk
Apache ShardingSphere-Proxy Incomplete Cleanup vulnerability
Ecosystems: maven
Packages: org.apache.shardingsphere:shardingsphere-proxy
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
High
GSA_kwCzR0hTQS0zaHg0LTI4NXctdjZtbc4AAtDU
Jenkins Project Inheritance Plugin vulnerable to cross site scripting
Ecosystems: maven
Packages: hudson.plugins:project-inheritance
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS00djVjLTV2NmMtMzdwas4AAtEF
Jenkins Matrix Reloaded Plugin vulnerable to CSRF
Ecosystems: maven
Packages: net.praqma:matrix-reloaded
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS01OWc0LWhwZzMtM2djcM0bQw
Files Accessible to External Parties in Opencast
Ecosystems: maven
Packages: org.opencastproject:opencast-ingest-service-impl
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS1jaDYzLTZjbWctZ3dnMs0zIw
Arbitrary JSON and property file read vulnerability in Jenkins Extended Choice Parameter Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:extended-choice-parameter
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1oODU1LTZocGgtdjM2M84AAyVZ
Hippo4j allows attacker to obtain sensitive info via ConfigVerifyController function of Tenant Management module
Ecosystems: maven
Packages: cn.hippo4j:hippo4j-all
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
High
GSA_kwCzR0hTQS02eGhqLXAyOXYtODJqOM4AATB1
Apache Sentry may allow attacker to access/remove data from Sentry protected table
Ecosystems: maven
Packages: org.apache.sentry:sentry
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS13cTN3LTNyeGgtdmN4eM4AAygQ
Jenkins OctoPerf Load Testing Plugin vulnerable to Cross-site Request Forgery
Ecosystems: maven
Packages: org.jenkinsci.plugins:octoperf
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
High
GSA_kwCzR0hTQS1mZjg0LTg0cTUtZnE0Zs0XvQ
Incorrect Authorization in Apache Ozone
Ecosystems: maven
Packages: org.apache.ozone:ozone-main
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
GSA_kwCzR0hTQS04NmZoLWo1OG0tN3BmNc0XvA
Improper Privilege Management in Apache Ozone
Ecosystems: maven
Packages: org.apache.ozone:ozone-main
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS1qOWg0LXA2cDctODY1Ms4AAygL
Jenkins OctoPerf Load Testing Plugin vulnerable to credential capture
Ecosystems: maven
Packages: org.jenkinsci.plugins:octoperf
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS0zdzVoLXg0cmgtaGMyOM0Xmg
Exposure of sensitive information in Apache Ozone
Ecosystems: maven
Packages: org.apache.ozone:ozone-main
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS1jNGpyLXZqbTQtMjdocc4AAyZE
Veracode Scan Jenkins Plugin vulnerable to information disclosure
Ecosystems: maven
Packages: com.veracode.jenkins:veracode-scan
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
High
GSA_kwCzR0hTQS1nNTh4LTU3ZnYtODZqaM4AA1u1
Jenkins Google Login Plugin non-constant time token comparison
Ecosystems: maven
Packages: org.jenkins-ci.plugins:google-login
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 months ago
Critical
GSA_kwCzR0hTQS02cmZ2LWg1djgtY2o3Z84AAyfK
jeecg-boot vulnerable to improper authentication
Ecosystems: maven
Packages: org.jeecgframework.boot:jeecg-boot-parent
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS1ycmhmLTMycnEtZjI4aM4AAyo_
Apache Linkis DatasourceManager module has deserialization vulnerability
Ecosystems: maven
Packages: org.apache.linkis:linkis-datasource
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
High
GSA_kwCzR0hTQS03ZnFyLTk3ajctamdmNM4AA3RN
Whole content of all documents of all wikis exposed to anybody with view right on Solr suggest service
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-search-solr-query
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
Moderate
GSA_kwCzR0hTQS1mN2ZxLXdwMngtamMyNc4AAu-h
Jenkins WildFly Deployer Plugin vulnerable to path traversal
Ecosystems: maven
Packages: org.jenkins-ci.plugins:wildfly-deployer
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1nZ2dwLWdoMnAtOTk2eM0tfQ
Path Traversal in LemMinX
Ecosystems: maven
Packages: org.eclipse.lemminx:lemminx-parent
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS05NHJqLWM0amotdjQ3Ns4AAhQ_
Jenkins Embeddable Build Status Plugin contains Cross-site Scripting
Ecosystems: maven
Packages: io.jenkins.plugins:embeddable-build-status-plugin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1nNTdnLXJ2cGctMmYyY84AAxyH
OpenNMS Meridian and Horizon vulnerable to Cross-site Scripting
Ecosystems: maven
Packages: org.opennms:opennms-webapp
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS12NWhxLWNxcXItNnc0Z84AAyui
Jenkins Kubernetes Plugin does not properly mask credentials
Ecosystems: maven
Packages: org.csanchez.jenkins.plugins:kubernetes
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS1mMjQ0LWY5ZmMtdzZmcc4AAyuX
Jenkins Thycotic DevOps Secrets Vault Plugin does not properly mask credentials
Ecosystems: maven
Packages: io.jenkins.plugins:thycotic-devops-secrets-vault
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS0zOGpjLTJyd3gtcWd4cs4AAyuT
Jenkins Image Tag Parameter Plugin improperly introduces option to opt out of SSL/TLS certificate validation
Ecosystems: maven
Packages: org.jenkins-ci.plugins:image-tag-parameter
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS0yNDgyLWdyM3YtZjNmM84AAyuR
Jenkins Fogbugz Plugin has missing permissions check
Ecosystems: maven
Packages: org.jenkins-ci.plugins:fogbugz
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS1oZ3B3LTZwNGgtajZoNc4AA2-W
XWiki Platform vulnerable to remote code execution via the edit action because it lacks CSRF token
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-oldcore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
High
GSA_kwCzR0hTQS1nMnFxLWM1ajktNXc1d84AA2-X
XWiki Platform vulnerable to privilege escalation and remote code execution via the edit action
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-oldcore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
High
GSA_kwCzR0hTQS1xZ203LW03N2YtajhwZs4AAygA
Jenkins Performance Publisher Plugin vulnerable to XML external entity (XXE) attacks
Ecosystems: maven
Packages: org.jenkins-ci.plugins:perfpublisher
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS1oZzV4LTN3M3gtN2c5Ns4AAy5v
xwiki-platform-web-templates vulnerable to Eval Injection
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-web-templates
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS14NzY0LWZmOHItOWhweM4AAy56
XWiki Platform vulnerable to code injection in display method used in user profiles
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-oldcore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Low
GSA_kwCzR0hTQS1oMjU5LTNyamctNXFwM84AAVUs
Exposure of Sensitive Information to an Unauthorized Actor in JBoss Fuse
Ecosystems: maven
Packages: org.jboss.fuse:jboss-fuse
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS1tanc5LTNmOWYtanEyd84AAy55
XWiki Platform vulnerable to code injection from view right on XWiki.ClassSheet
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-xclass-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFxdjYtNXc2cC0zcGdy
Moderate severity vulnerability that affects org.hswebframework.web:hsweb-commons
Ecosystems: maven
Packages: org.hswebframework.web:hsweb-commons
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 5 years ago
High
GSA_kwCzR0hTQS1weDU0LTN3NWotcWpnOc4AAy51
XWiki Platform vulnerable to privilege escalation from view right using Invitation.InvitationCommon
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-invitation-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
High
GSA_kwCzR0hTQS12aDVjLWpxZmctbWhyaM0pfg
Cross-Site Request Forgery in xwiki-platform
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-administration-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
GSA_kwCzR0hTQS05OXB4LTc3MjQtNDg0ds0VvQ
Remote Code Execution in Any23
Ecosystems: maven
Packages: org.apache.any23:apache-any23
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS1xcmgyLW1oOTctcHc4cM4AAQap
CSRF vulnerability in Jenkins Audit to Database Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:audit2db
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1wMng0LTZnaHItNnZtcc4AAv_V
Exposure of Sensitive Information to an Unauthorized Actor in org.xwiki.platform:xwiki-platform-livetable-ui
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-livetable-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1mdzloLWN4eDktZ2ZxM84AA4qy
Shared projects are unconditionally discovered by Jenkins GitLab Branch Source Plugin
Ecosystems: maven
Packages: io.jenkins.plugins:gitlab-branch-source
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
Moderate
GSA_kwCzR0hTQS0yZ3ByLWo1dmotd3ZoMs4AA0NS
Apache Any23 vulnerable to excessive memory usage
Ecosystems: maven
Packages: org.apache.any23:apache-any23
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
High
GSA_kwCzR0hTQS01dmNtLTN4YzMtdzd4M80V6w
Response Splitting from unsanitized headers
Ecosystems: maven
Packages: org.http4s:http4s-client, org.http4s:http4s-server
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
GSA_kwCzR0hTQS1oOHA4LTYzNzgtNjQ5cM4AAxJ1
XML external entity reference vulnerability on agents in Jenkins Semantic Versioning Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:semantic-versioning-plugin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS1jcDNqLTI3M3gtM2p4Y84AA329
XSS/CSRF Remote Code Execution in XWiki.ConfigurableClass
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-administration-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
Low
GSA_kwCzR0hTQS03OTN3LXEyaDUtOGg1as4AAivX
Jenkins QMetry for JIRA Plugin shows plain text password in configuration form
Ecosystems: maven
Packages: org.jenkins-ci.plugins:qmetry-for-jira-test-management
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1wdjdwLWM3Y3AtdnJoM806qA
Stored Cross-site Scripting in Jenkins Node and Label parameter Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:nodelabelparameter
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Critical
GSA_kwCzR0hTQS03cmZnLTYyNzMtZjV3cM4AA3RM
Cookies are sent to external images in rendered diff (and server side request forgery)
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-diff-xml
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
Critical
GSA_kwCzR0hTQS1mNm1xLTZmeDUtdzJjaM4AAvdZ
Jenkins Script Security Plugin sandbox bypass vulnerability
Ecosystems: maven
Packages: org.jenkins-ci.plugins:script-security
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1manBtLWhmN2MteGdjMs0iiw
Stored XSS vulnerability in Jenkins Publish Over SSH Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:publish-over-ssh
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS04NXJxLWhwOHgtZ2hqcc0imA
Cross-Site Request Forgery in Jenkins Mailer Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:mailer
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
High
GSA_kwCzR0hTQS1ydmg0LWcycmotaHI5Y80ikw
Path Traversal in Jenkins Warnings Next Generation Plugin
Ecosystems: maven
Packages: io.jenkins.plugins:warnings-ng
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
High
GSA_kwCzR0hTQS01d2M0LXc2M3YtOTdjM84AApt6
XXE vulnerability in Jenkins Nested View Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:nested-view
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS0yNHc1LXc2ZnctcXF4N84AAifE
Jenkins Global Post Script Plugin missing permission check
Ecosystems: maven
Packages: org.jenkins-ci.plugins:global-post-script
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS1jdjJ3LXE4YzMteGp2N84AAqj6
Agent-to-controller access control allows reading/writing most content of build directories in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1oMjQ2LWczOXgtN3ZteM4AArAu
Missing permission check in Jenkins XebiaLabs XL Deploy Plugin allows enumerating credentials IDs
Ecosystems: maven
Packages: com.xebialabs.deployit.ci:deployit-plugin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Low
GSA_kwCzR0hTQS01cjMzLW1namYtNjY1Ns4AA1Vz
Jenkins Tuleap Authentication Plugin non-constant time token comparison
Ecosystems: maven
Packages: io.jenkins.plugins:tuleap-oauth
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 months ago
Critical
GSA_kwCzR0hTQS03MzJmLXc1ODUtZ21wY84AAo4d
XXE vulnerability in Jenkins Generic Webhook Trigger Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:generic-webhook-trigger
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS05N21nLTlqaGYtcjdybc4AA1V4
Jenkins Maven Artifact ChoiceListProvider (Nexus) Plugin vulnerable to exposure of system-scoped credentials
Ecosystems: maven
Packages: org.jenkins-ci.plugins:maven-artifact-choicelistprovider
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 months ago
High
GSA_kwCzR0hTQS1qZzM1LXZmNjctZ2cyas4AA1V_
Jenkins Shortcut Job Plugin stored cross-site scripting vulnerability
Ecosystems: maven
Packages: io.jenkins.plugins:shortcut-job
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 months ago
Moderate
GSA_kwCzR0hTQS14ZnJ3LXBjbWMtcjJwM84AAn9_
Missing permission checks in Jenkins OWASP Dependency-Track Plugin allow capturing credentials
Ecosystems: maven
Packages: org.jenkins-ci.plugins:dependency-track
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS00NjI1LXE1MnctMzljeM4AAnOJ
Missing permission check for paths with specific prefix in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS1mbTY4LWo3d3ctaDl4Zs4AA0KP
XWiki Platform vulnerable to Code Injection in icon themes
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-icon-ui, org.xwiki.platform:xwiki-platform-icon-default, org.xwiki.platform:xwiki-platform-icon-script
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
Moderate
GSA_kwCzR0hTQS05Nmp3LTN4dzQtbXE5cM4AAn2-
Incorrect permission checks in Jenkins Matrix Authorization Strategy Plugin may allow accessing some items
Ecosystems: maven
Packages: org.jenkins-ci.plugins:matrix-auth
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS03cWYzLWMycTgtNjltM84AAnOa
Reflected XSS vulnerability in Jenkins markup formatter preview
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS05NTRmLXh3NDQtNTZyMs4AAmgB
Authentication cache in Active Directory Jenkins Plugin allows logging in with any password
Ecosystems: maven
Packages: org.jenkins-ci.plugins:active-directory
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS1xOWhnLTlxajItbXhmOc4AAz9u
XWiki Platform vulnerable to cross-site scripting via xcontinue parameter in previewactions template
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-flamingo-skin-resources
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
Moderate
GSA_kwCzR0hTQS12bWc4LWc4ajMtbTM1Nc4AAmK-
Stored XSS vulnerability in Jenkins Release Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:release
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1md3dqLXdnODktN2g0Y84AAz9t
XWiki Platform vulnerable to cross-site scripting in target parameter via share page by email
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-sharepage-api
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
Moderate
GSA_kwCzR0hTQS1yamNoLWo1eDktZmdwaM4AAmLA
Stored XSS vulnerability in Jenkins Active Choices Plugin
Ecosystems: maven
Packages: org.biouno:uno-choice
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS1mNHY4LTU4ZjYtbXdqNM4AAyuw
org.xwiki.platform:xwiki-platform-flamingo-theme-ui Eval Injection vulnerability
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-flamingo-theme-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS1jNWY0LXA1d3YtMjQ3Nc4AAyur
xwiki.platform:xwiki-platform-panels-ui Eval Injection vulnerability
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-panels-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS12d3I2LXFwNHEtMndqN84AAx7P
XWiki Platform vulnerable to privilege escalation via async macro and IconThemeSheet from the user profile
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-icon-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS1xNzM2LXJnY3AtcTQ0M84AAhRD
Jenkins Gogs Plugin stored credentials in plain text
Ecosystems: maven
Packages: org.jenkins-ci.plugins:gogs-webhook
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS02dzhoLTI2eHgtY2Y4cc4AAv_U
Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') in org.xwiki.platform:xwiki-platform-menu-ui
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-menu-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1mZnY4LXg4MjItZng3M84AAQYV
Jenkins TestFairy Plugin stores credentials in plain text
Ecosystems: maven
Packages: org.jenkins-ci.plugins:TestFairy
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS1oNjZwLW03NjYtMzNmds4AASkc
AWS CodeDeploy Plugin stored AWS Secret Key in plain text
Ecosystems: maven
Packages: com.amazonaws:codedeploy
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1meDlwLTJxdngtcGdqds4AAg98
Jenkins ElectricFlow Plugin is vulnerable to stored cross site scripting vulnerability
Ecosystems: maven
Packages: org.jenkins-ci.plugins:electricflow
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1qMzY1LTYycHgtdmpqds4AAgeB
Jenkins GitLab Plugin Cross-Site Request Forgery vulnerability
Ecosystems: maven
Packages: org.jenkins-ci.plugins:gitlab-plugin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS0yMnhwLTdyY3gteHAzNM33Vw
Jenkins Slack Notification Plugin missing permission check
Ecosystems: maven
Packages: org.jenkins-ci.plugins:slack
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1wbW1yLXI5djItNTlwOM4AAzW7
Jenkins Reverse Proxy Auth Plugin cross-site request forgery vulnerability
Ecosystems: maven
Packages: org.jenkins-ci.plugins:reverse-proxy-auth-plugin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Low
GSA_kwCzR0hTQS04NHA0LTdteGMtN3Boas37CA
Jenkins Amazon SNS Build Notifier Plugin stores credentials in plain text
Ecosystems: maven
Packages: org.jenkins-ci.plugins:snsnotify
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Critical
GSA_kwCzR0hTQS05M2doLWpnamotcjkyOc4AA2sM
XWiki Platform vulnerable to XSS with edit right in the create document form for existing pages
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-web, org.xwiki.platform:xwiki-platform-web-templates
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
High
GSA_kwCzR0hTQS13ajc5LTlmeGotajg2cM4AAxJu
Cross-site request forgery vulnerability in Jenkins RabbitMQ Consumer Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:rabbitmq-consumer
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS04bW1oLWg0amgtMmczNM4AAxJP
Path Traversal in Jenkins visualexpert Plugin
Ecosystems: maven
Packages: io.jenkins.plugins:visualexpert
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhyZzktd3dycS14bXg5
Missing Authorization in Jenkins Kubernetes CLI Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:kubernetes-cli
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
High
GSA_kwCzR0hTQS05Mzl4LTZtd2otOTZyMs4AAxKB
Insufficient Session Expiration in Jenkins Azure AD Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:azure-ad
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS00Y3F2LXEzM3gtd2Z4d84AA2kt
Yamcs Cross-site Scripting vulnerability
Ecosystems: maven
Packages: org.yamcs:yamcs
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
Moderate
GSA_kwCzR0hTQS12M2Z2LXY5bTYtMjZnM84AAzWt
Jenkins HashiCorp Vault Plugin has improper masking of credentials
Ecosystems: maven
Packages: com.datapipe.jenkins.plugins:hashicorp-vault-plugin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS01cjc0LXBnbXEtOTJtbc33bA
Script security sandbox bypass in Jenkins Job DSL Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:job-dsl
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS1yYzQ0LTVjbWgtODc5bc4AAzeU
Unrestricted recursion in htmlunit
Ecosystems: maven
Packages: org.htmlunit:htmlunit
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 12 months ago
Low
GSA_kwCzR0hTQS0ycnJ4LXE2NWYtODk0Nc4AAjxp
Credentials transmitted in plain text by OpenShift Deployer Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:openshift-deployer
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS1jOWMyLXdjeGgtM3c1as4AAxpZ
Sandbox escape in Jenkins Email Extension Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:email-ext
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
High
GSA_kwCzR0hTQS1jMmZwLW1wbW0tY3F4ds4AAeyX
Code injection via property expansion in SoapUI
Ecosystems: maven
Packages: com.smartbear.soapui:soapui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Critical
GSA_kwCzR0hTQS05NHBmLTkyaHctMmhqY84AA0KQ
XWiki Platform vulnerable to Code injection through NotificationRSSService
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-notifications-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
Critical
GSA_kwCzR0hTQS03OTN3LWczMjUtaHJ3Ms4AA0KM
XWiki Platform vulnerable to persistent Cross-site Scripting through CKEditor Configuration pages
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-ckeditor-ui, org.xwiki.contrib:application-ckeditor-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
Moderate
GSA_kwCzR0hTQS1yeDc2LXh3MzUtNnJoOM4AAxTJ
Apache Linkis vulnerable to Exposure of Sensitive Information
Ecosystems: maven
Packages: org.apache.linkis:linkis
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
High
GSA_kwCzR0hTQS1oNnc4LTUybXEtNHF4Y84AAxTG
Apache Linkis contains Deserialization of Untrusted Data
Ecosystems: maven
Packages: org.apache.linkis:linkis
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS0zNmZtLWozM3ctYzI1Zs4AAzSe
Privilege escalation (PR)/RCE from account through class sheet
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-test-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS1wMmZyLW1xOW0tNnc2cM4AAxpc
Cross-site Scripting in Jenkins Email Extension Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:email-ext
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Statistics
Advisories: 18,752
Packages: 8,375
Repositories: 973
Ecosystems: 12
Filter by Severity
Moderate 8,149 High 6,447 Critical 2,848 Low 1,014
Filter by Ecosystem
maven 5,573 packagist 3,982 pypi 3,848 npm 3,558 go 1,934 nuget 1,421 rubygems 815 cargo 780 swift 31 hex 30 actions 16 pub 8
Filter by Package
org.jenkins-ci.main:jenkins-core 189 org.apache.tomcat:tomcat 134 com.fasterxml.jackson.core:jackson-databind 69 org.apache.struts:struts2-core 55 org.keycloak:keycloak-core 47 com.liferay.portal:release.portal.bom 45 com.thoughtworks.xstream:xstream 36 com.jfinal:jfinal 36 org.apache.tomcat.embed:tomcat-embed-core 36 net.mingsoft:ms-mcms 35 org.xwiki.platform:xwiki-platform-oldcore 34 org.elasticsearch:elasticsearch 32 org.jenkins-ci.plugins:script-security 32 org.keycloak:keycloak-services 27 io.undertow:undertow-core 27 org.apache.solr:solr-core 25 org.keycloak:keycloak-parent 25 org.eclipse.jetty:jetty-server 23 org.springframework.security:spring-security-core 23 org.bouncycastle:bcprov-jdk14 22 org.apache.nifi:nifi 22 org.apache.openmeetings:openmeetings-parent 21 org.cloudfoundry.identity:cloudfoundry-identity-server 20 org.springframework:spring-core 19 com.vaadin:vaadin-bom 18 com.liferay.portal:release.dxp.bom 18 org.apache.geode:geode-core 17 org.xwiki.platform:xwiki-platform-web-templates 17 org.apache.dubbo:dubbo 16 org.apache.activemq:activemq-client 16 org.bouncycastle:bcprov-jdk15 16 org.apache.jspwiki:jspwiki-main 15 org.apache.struts.xwork:xwork-core 15 org.apache.inlong:manager-pojo 14 org.xwiki.platform:xwiki-platform-web 14 org.apache.cxf:cxf 13 org.apache.hadoop:hadoop-main 13 com.vaadin:flow-server 12 org.jenkins-ci.plugins:git 12 org.bouncycastle:bcprov-jdk15on 12 org.jenkins-ci.plugins.workflow:workflow-cps 12 org.apache.dolphinscheduler:dolphinscheduler 12 org.apache.hadoop:hadoop-common 11 org.apache.ranger:ranger 11 org.apache.cxf:cxf-core 11 org.apache.jspwiki:jspwiki-war 11 org.igniterealtime.openfire:parent 11 org.jeecgframework.boot:jeecg-boot-common 11 org.jeecgframework.boot:jeecg-boot-parent 11 org.apache.james:james-server 11 org.apache.commons:commons-compress 11 org.mortbay.jetty:jetty 11 org.apache.camel:camel-core 11 com.xuxueli:xxl-job 11 org.apache.tomcat:tomcat-coyote 11 org.jenkins-ci.plugins:email-ext 11 org.apache.tika:tika-core 11 org.apache.inlong:manager-service 10 io.netty:netty 10 org.jboss.netty:netty 10 org.jenkins-ci.plugins.workflow:workflow-cps-global-lib 10 org.xwiki.platform:xwiki-platform-administration-ui 10 org.jenkins-ci.plugins:active-directory 9 org.apache.archiva:archiva 9 org.springframework:spring-web 9 org.jenkins-ci.plugins:config-file-provider 9 org.opennms:opennms 9 org.apache.xmlgraphics:batik 9 cn.hutool:hutool-core 9 org.jenkins-ci.plugins:electricflow 9 org.opencrx:opencrx-core-models 9 org.apache.hive:hive 9 io.jenkins:configuration-as-code 9 org.apache.tomcat:tomcat-catalina 9 org.apache.tapestry:tapestry-core 9 com.sonyericsson.jenkins.plugins.bfa:build-failure-analyzer 9 org.bouncycastle:bcprov-jdk15to18 9 org.springframework:spring-webmvc 9 org.apache.shiro:shiro-core 9 org.craftercms:crafter-studio 9 org.apache.kylin:kylin 8 io.jenkins.blueocean:blueocean 8 org.postgresql:postgresql 8 org.opencms:opencms-core 8 org.apache.ozone:ozone-main 8 org.apache.hive:hive-exec 8 org.graylog2:graylog2-server 8 org.apache.ambari:ambari 8 org.apache.pdfbox:pdfbox 8 org.webjars.npm:jquery 8 org.apache.santuario:xmlsec 8 org.yaml:snakeyaml 8 jquery-rails 8 jquery 8 org.jenkins-ci.plugins:ec2 8 org.apache.zeppelin:zeppelin 8 mysql:mysql-connector-java 8 com.hazelcast:hazelcast 8 org.jeecgframework.boot:jeecg-boot-base 7 org.jruby:jruby-stdlib 7 org.jenkins-ci.plugins:subversion 7 org.apache.hive:hive-service 7 io.jenkins.plugins:miniorange-saml-sp 7 org.apache.karaf:apache-karaf 7 org.apache.linkis:linkis 7 io.jenkins.plugins:warnings-ng 7 org.owasp.antisamy:antisamy 7 jQuery.UI.Combined 7 org.webjars.npm:jquery-ui 7 jquery-ui-rails 7 jquery-ui 7 org.apache.atlas:atlas-common 7 rubygems-update 7 org.jenkins-ci.plugins:jobConfigHistory 7 org.jenkins-ci.plugins:mercurial 7 org.jenkins-ci.plugins:rundeck 7 org.apache.cxf:apache-cxf 7 net.opentsdb:opentsdb 7 org.jenkins-ci.plugins:openshift-deployer 7 org.apache.poi:poi 7 org.apache.tika:tika 7 io.jenkins.plugins:cavisson-ns-nd-integration 7 jQuery 7 org.apache.inlong:manager-web 7 org.silverpeas.core:silverpeas-core-web 7 org.apache.activemq:activemq-parent 7 io.atomix:atomix 7 org.owasp.esapi:esapi 7 org.apache.logging.log4j:log4j-core 7 org.apache.spark:spark-core_2.11 7 org.apache.derby:derby 7 org.jenkins-ci.plugins:artifactory 7 org.jboss.resteasy:resteasy-client 7 io.dataease:dataease-plugin-common 7 org.jenkins-ci.plugins:gitlab-oauth 6 org.apache.storm:storm-core 6 de.tum.in.ase:artemis-java-test-sandbox 6 org.apache.struts:struts2-rest-plugin 6 commons-fileupload:commons-fileupload 6 org.apache.shenyu:shenyu-common 6 org.xwiki.commons:xwiki-commons-xml 6 io.netty:netty-handler 6 com.jflyfox:jflyfox_jfinal 6 org.jenkins-ci.plugins:pipeline-maven 6 org.opencastproject:opencast-kernel 6 org.jenkins-ci.plugins:azure-vm-agents 6 org.apache.syncope:syncope-core 6 org.apache.pulsar:pulsar-broker 6 org.apache.solr:solr-parent 6 org.jenkins-ci.plugins:fortify-on-demand-uploader 6 org.apache.spark:spark-core_2.10 6 com.xebialabs.deployit.ci:deployit-plugin 6 org.apache.httpcomponents:httpclient 6 org.jenkins-ci.plugins:repository-connector 6 io.netty:netty-codec-http 6 cn.hutool:hutool-json 6 org.apache.axis:axis 6 axis:axis 6 org.csanchez.jenkins.plugins:kubernetes 6 org.bouncycastle:bcprov-jdk18on 6 org.jenkins-ci.plugins:ec2-deployment-dashboard 6 com.sonyericsson.hudson.plugins.gerrit:gerrit-trigger 6 org.apache.mesos:mesos 6 org.opensearch.plugin:opensearch-security 6 tech.powerjob:powerjob 6 hudson.plugins:project-inheritance 6 com.vaadin:vaadin-server 5 org.jenkins-ci.plugins:ghprb 5 org.dspace:dspace-jspui 5 org.jeecgframework.boot:jeecg-boot-base-core 5 org.jboss.resteasy:resteasy-bom 5 org.apache.hadoop:hadoop-client 5 org.neo4j.procedure:apoc 5 org.apache.cassandra:cassandra-all 5 org.jenkins-ci.plugins.m2release:m2release 5 org.jenkins-ci.plugins:junit 5 org.codehaus.jettison:jettison 5 org.xwiki.platform:xwiki-platform-appwithinminutes-ui 5 org.jenkins-ci.plugins:publish-over-ssh 5 info.magnolia:magnolia-core 5 com.alibaba:dubbo 5 org.springframework.amqp:spring-amqp 5 xerces:xercesImpl 5 org.biouno:uno-choice 5 log4j:log4j 5 org.zenframework.z8.dependencies.commons:log4j-1.2.17 5 io.projectreactor.netty:reactor-netty-http 5 org.jenkins-ci.plugins:openid 5 com.coravy.hudson.plugins.github:github 5 struts:struts 5 org.jenkins-ci.plugins:google-login 5 org.apache.druid:druid 5 io.vertx:vertx-core 5 org.jenkins-ci.plugins:credentials 5 org.opennms:opennms-webapp 5 org.bouncycastle:bcprov-ext-jdk15on 5 com.synopsys.jenkinsci:ownership 5 io.vertx:vertx-web 5 org.jenkins-ci.plugins:sinatra-chef-builder 5 org.wildfly:wildfly-parent 5
Filter by Repository
https://github.com/xwiki/xwiki-platform 172 https://github.com/jenkinsci/jenkins 148 https://github.com/apache/tomcat 96 https://github.com/FasterXML/jackson-databind 70 https://github.com/keycloak/keycloak 58 https://github.com/apache/struts 46 https://github.com/spring-projects/spring-framework 41 https://github.com/x-stream/xstream 36 https://github.com/apache/activemq 33 https://github.com/CVEProject/cvelist 28 https://github.com/apache/inlong 26 https://github.com/eclipse/jetty.project 23 https://github.com/apache/nifi 21 https://github.com/jenkinsci/script-security-plugin 21 https://github.com/OpenNMS/opennms 20 https://github.com/jeecgboot/jeecg-boot 20 https://github.com/netty/netty 20 https://github.com/apache/cxf 19 https://github.com/cloudfoundry/uaa 19 https://github.com/bcgit/bc-java 19 https://github.com/vaadin/platform 17 https://github.com/opencast/opencast 16 https://github.com/geoserver/geoserver 15 https://github.com/apache/camel 15 https://github.com/undertow-io/undertow 13 https://github.com/xuxueli/xxl-job 13 https://github.com/dromara/hutool 13 https://github.com/quarkusio/quarkus 13 https://github.com/ming-soft/MCMS 13 https://github.com/apache/dolphinscheduler 12 https://github.com/apache/kylin 12 https://github.com/igniterealtime/Openfire 11 https://github.com/vaadin/flow 11 https://github.com/jenkinsci/git-plugin 10 https://github.com/apache/lucene-solr 9 https://github.com/spring-projects/spring-security 9 https://github.com/DSpace/DSpace 9 https://github.com/Graylog2/graylog2-server 9 https://github.com/jquery/jquery 9 https://github.com/cui2shark/cms 9 https://github.com/xwiki/xwiki-commons 8 https://github.com/jenkinsci/config-file-provider-plugin 8 https://github.com/hazelcast/hazelcast 8 https://github.com/nahsra/antisamy 8 https://github.com/apache/zeppelin 8 https://github.com/opensearch-project/security 8 https://github.com/pgjdbc/pgjdbc 7 https://github.com/jflyfox/jfinal_cms 7 https://github.com/apache/xmlgraphics-batik 7 https://github.com/jenkinsci/blueocean-plugin 7 https://github.com/vaadin/framework 7 https://github.com/dataease/dataease 7 https://github.com/ratpack/ratpack 7 https://github.com/OpenTSDB/opentsdb 7 https://github.com/RhinoSecurityLabs/CVEs 7 https://github.com/rubygems/rubygems 7 https://github.com/rundeck/rundeck 7 https://github.com/vert-x3/vertx-web 6 https://github.com/apache/tika 6 https://github.com/jenkinsci/electricflow-plugin 6 https://github.com/OpenRefine/OpenRefine 6 https://github.com/jenkinsci/fortify-on-demand-uploader-plugin 6 https://github.com/apache/hadoop 6 https://github.com/jenkinsci/gerrit-trigger-plugin 6 https://github.com/http4s/http4s 6 https://github.com/line/armeria 6 https://github.com/playframework/playframework 6 https://github.com/ls1intum/Ares 6 https://github.com/resteasy/resteasy 6 https://github.com/apache/pulsar 6 https://github.com/ESAPI/esapi-java-legacy 6 https://github.com/DrunkenShells/Disclosures 6 https://github.com/jenkinsci/configuration-as-code-plugin 6 https://github.com/jenkinsci/ec2-plugin 6 https://github.com/cui2shark/security 6 https://github.com/jenkinsci/build-failure-analyzer-plugin 6 https://github.com/jquery/jquery-ui 6 https://bitbucket.org/snakeyaml/snakeyaml 6 https://github.com/protocolbuffers/protobuf 5 https://github.com/apache/openmeetings 5 https://github.com/jenkinsci/support-core-plugin 5 https://github.com/jenkinsci/codedx-plugin 5 https://github.com/JLLeitschuh/security-research 5 https://github.com/jenkinsci/junit-plugin 5 https://github.com/apiman/apiman 5 https://github.com/jenkinsci/github-plugin 5 https://github.com/jenkinsci/subversion-plugin 5 https://github.com/neo4j-contrib/neo4j-apoc-procedures 5 https://github.com/jenkinsci/gitlab-plugin 5 https://github.com/PowerJob/PowerJob 5 https://github.com/h2database/h2database 5 https://github.com/apache/karaf 5 https://github.com/jenkinsci/workflow-cps-global-lib-plugin 5 https://github.com/jenkinsci/email-ext-plugin 5 https://github.com/jettison-json/jettison 5 https://github.com/jenkinsci/publish-over-ssh-plugin 5 https://github.com/apache/geode 5 https://github.com/OpenAPITools/openapi-generator 5 https://github.com/jensdietrich/xshady-release 5 https://github.com/restlet/restlet-framework-java 5 https://github.com/jenkinsci/active-directory-plugin 5 https://github.com/grails/grails-core 5 https://github.com/alibaba/nacos 5 https://bitbucket.org/connect2id/nimbus-jose-jwt 5 https://github.com/jenkinsci/m2release-plugin 5 https://github.com/apache/shiro 5 https://github.com/apache/shenyu 5 https://github.com/reportportal/reportportal 4 https://github.com/jenkinsci/warnings-ng-plugin 4 https://github.com/jenkinsci/matrix-project-plugin 4 https://github.com/jenkinsci/htmlpublisher-plugin 4 https://github.com/jenkinsci/p4-plugin 4 https://github.com/jenkinsci/hpe-application-automation-tools-plugin 4 https://github.com/resteasy/Resteasy 4 https://github.com/jenkinsci/job-config-history-plugin 4 https://github.com/micronaut-projects/micronaut-core 4 https://github.com/skylot/jadx 4 https://github.com/jenkinsci/active-choices-plugin 4 https://github.com/yamcs/yamcs 4 https://github.com/shopizer-ecommerce/shopizer 4 https://github.com/jenkinsci/nexus-platform-plugin 4 https://github.com/alkacon/opencms-core 4 https://github.com/jenkinsci/libvirt-slave-plugin 4 https://github.com/apache/httpcomponents-client 4 https://github.com/jenkinsci/ansible-plugin 4 https://github.com/jenkinsci/xldeploy-plugin 4 https://github.com/nightcloudos/new_cms 4 https://github.com/jenkinsci/fortify-plugin 4 https://github.com/itext/itext7 4 https://github.com/stanfordnlp/corenlp 4 https://github.com/ktorio/ktor 4 https://github.com/HtmlUnit/htmlunit 4 https://github.com/jenkinsci/gitlab-oauth-plugin 4 https://github.com/aws/aws-iot-device-sdk-java-v2 4 https://github.com/xerial/snappy-java 4 https://github.com/apache/syncope 4 https://github.com/jfinal/jfinal 4 https://github.com/infinispan/infinispan 4 https://github.com/jenkinsci/rundeck-plugin 4 https://github.com/apache/activemq-artemis 4 https://github.com/jenkinsci/workflow-cps-plugin 4 https://github.com/jenkinsci/credentials-binding-plugin 4 https://github.com/pippo-java/pippo 4 https://github.com/apache/solr 4 https://github.com/bcgit/bc-csharp 4 https://github.com/qos-ch/logback 3 https://github.com/google/guava 3 https://github.com/open-metadata/OpenMetadata 3 https://github.com/joniles/mpxj 3 https://github.com/orientechnologies/orientdb 3 https://github.com/jenkinsci/azure-credentials-plugin 3 https://svn.apache.org/viewvc/lucene/dev 3 https://github.com/jenkinsci/scriptler-plugin 3 https://github.com/Rabb1ter/cms 3 https://bitbucket.org/b_c/jose4j 3 https://github.com/apache/santuario-java 3 https://github.com/jenkinsci/ci-with-toad-edge-plugin 3 https://github.com/jenkinsci/mercurial-plugin 3 https://github.com/OWASP/json-sanitizer 3 https://github.com/opengoofy/hippo4j 3 https://github.com/jenkinsci/azure-vm-agents-plugin 3 https://github.com/jenkinsci/audit-trail-plugin 3 https://github.com/eclipse/lemminx 3 https://github.com/eclipse-ee4j/mojarra 3 https://github.com/jenkinsci/nomad-plugin 3 https://github.com/peteroupc/CBOR-Java 3 https://github.com/pf4j/pf4j 3 https://github.com/jenkinsci/bitbucket-oauth-plugin 3 https://github.com/jenkinsci/cas-plugin 3 https://github.com/apache/storm 3 https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server 3 https://github.com/jooby-project/jooby 3 https://github.com/li-yu320/cms 3 https://github.com/jenkinsci/crx-content-package-deployer-plugin 3 https://github.com/apache/jackrabbit 3 https://github.com/jenkinsci/git-parameter-plugin 3 https://github.com/Jarvis-616/cms 3 https://github.com/jenkinsci/gitlab-branch-source-plugin 3 https://github.com/wso2/carbon-registry 3 https://github.com/jenkinsci/git-client-plugin 3 https://github.com/jenkinsci/cvs-plugin 3 https://github.com/codehaus-plexus/plexus-utils 3 https://github.com/jenkinsci/database-plugin 3 https://github.com/AsyncHttpClient/async-http-client 3 https://github.com/jhy/jsoup 3 https://github.com/apache/geronimo 3 https://github.com/apache/flume 3 https://github.com/LetianYuan/My-CVE-Public-References 3 https://github.com/aws/amazon-redshift-jdbc-driver 3 https://github.com/apache/dubbo 3 https://github.com/jenkinsci/embeddable-build-status-plugin 3 https://github.com/wildfly/wildfly-core 3 https://github.com/intranda/goobi-viewer-core 3 https://github.com/jeremylong/DependencyCheck 3 https://github.com/apache/derby 3 https://github.com/apache/commons-configuration 3 https://github.com/apache/cxf-fediz 3 https://github.com/Adobe-Consulting-Services/acs-aem-commons 3 https://github.com/jenkinsci/cloudbees-jenkins-advisor-plugin 3