Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

maven Security Advisories

Loading...
Critical
GSA_kwCzR0hTQS02dnZjLWMybTMtY2pmM84AAgWm
JGit Improper Input Validation vulnerability
Ecosystems: maven
Packages: org.eclipse.jgit:org.eclipse.jgit
Source: GitHub Advisory Database
Blast Radius: 38.6
Published: about 2 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTh2Zm0tNDM4OC02cnBj
Apache is vulnerable to XXE in XSD validation processor
Ecosystems: maven
Packages: org.apache.camel:camel-core
Source: GitHub Advisory Database
Blast Radius: 38.5
Published: over 5 years ago
High
GSA_kwCzR0hTQS1tZjdjLTM1bXEtNzVwas4AAW6w
Insecure Inherited Permissions in Apache Hadoop
Ecosystems: maven
Packages: org.apache.hadoop:hadoop-common
Source: GitHub Advisory Database
Blast Radius: 38.3
Published: about 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWY4dmMtd2ZjOC1oeHFo
Improper Privilege Management in Apache Hadoop
Ecosystems: maven
Packages: org.apache.hadoop:hadoop-common
Source: GitHub Advisory Database
Blast Radius: 38.3
Published: over 2 years ago
High
GSA_kwCzR0hTQS03cTU2LW1wNGMtZ2dnZ84AAc2q
Improper Access Control in Apache Hadoop
Ecosystems: maven
Packages: org.apache.hadoop:hadoop-common
Source: GitHub Advisory Database
Blast Radius: 38.3
Published: about 2 years ago
Critical
GSA_kwCzR0hTQS1ndjg3LXE2NmgtNDI3N80ckg
Command injection in itext7-core
Ecosystems: maven
Packages: com.itextpdf:itextpdf, com.itextpdf:itext7-core
Source: GitHub Advisory Database
Blast Radius: 38.2
Published: over 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWo4anctZzZmcS1tcDdo
SQL injection in hibernate-core
Ecosystems: maven
Packages: org.hibernate:hibernate-core
Source: GitHub Advisory Database
Blast Radius: 38.2
Published: over 2 years ago
High
GSA_kwCzR0hTQS1mM2poLXF2bTQtbWczOc4AA6FU
Erroneous authentication pass in Spring Security
Ecosystems: maven
Packages: org.springframework.security:spring-security-core
Source: GitHub Advisory Database
Blast Radius: 38.1
Published: 2 months ago
Critical
GSA_kwCzR0hTQS1jcmc5LTQ0aDIteHczNc4AA2vl
Apache ActiveMQ is vulnerable to Remote Code Execution
Ecosystems: maven
Packages: org.apache.activemq:activemq-openwire-legacy, org.apache.activemq:activemq-client
Source: GitHub Advisory Database
Blast Radius: 38.1
Published: 7 months ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJmODgtNWhnOC05eDJ4
Origin Validation Error in Apache Maven
Ecosystems: maven
Packages: org.apache.maven:maven-core, org.apache.maven:maven-compat
Source: GitHub Advisory Database
Blast Radius: 38.0
Published: almost 3 years ago
Critical
GSA_kwCzR0hTQS00dmhmLTJodjctOG1yeM4AATvN
Improper Restriction of XML External Entity Reference in Apache ActiveMQ
Ecosystems: maven
Packages: org.apache.activemq:activemq-broker, org.apache.activemq:activemq-client
Source: GitHub Advisory Database
Blast Radius: 38.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1nNzZqLTRjeHgtMjNoOc0kvw
Improper Handling of Insufficient Permissions or Privileges in MySQL Connectors Java
Ecosystems: maven
Packages: mysql:mysql-connector-java
Source: GitHub Advisory Database
Blast Radius: 38.0
Published: over 2 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWo3N3EtMnFxZy02OTg5
Apache Struts vulnerable to remote arbitrary command execution due to improper input validation
Ecosystems: maven
Packages: org.apache.struts:struts2-core
Source: GitHub Advisory Database
Blast Radius: 37.9
Published: over 5 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNxcWotNHA2My1ycm1t
HTTP Request Smuggling in Netty
Ecosystems: maven
Packages: io.netty:netty, org.jboss.netty:netty, io.netty:netty-codec-http
Source: GitHub Advisory Database
Blast Radius: 37.9
Published: about 4 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJxOHgtMnA3Zi01NzR2
XStream is vulnerable to an Arbitrary Code Execution attack
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: GitHub Advisory Database
Blast Radius: 37.9
Published: over 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg3djQtN3hnMy1oeGNj
XStream is vulnerable to an Arbitrary Code Execution attack
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: GitHub Advisory Database
Blast Radius: 37.9
Published: over 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhwaDItbTNnNS14eHY0
XStream is vulnerable to an Arbitrary Code Execution attack
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: GitHub Advisory Database
Blast Radius: 37.9
Published: over 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThqcmotNTI1cC04MjZ2
XStream is vulnerable to an Arbitrary Code Execution attack
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: GitHub Advisory Database
Blast Radius: 37.9
Published: over 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZ3NjItaHg3ci1tdzY4
XStream is vulnerable to an Arbitrary Code Execution attack
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: GitHub Advisory Database
Blast Radius: 37.9
Published: over 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXh3NHAtY3Jwai12angy
A Server-Side Forgery Request can be activated unmarshalling with XStream to access data streams from an arbitrary URL referencing a resource in an intranet or the local host
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: GitHub Advisory Database
Blast Radius: 37.9
Published: over 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA4cHEtcjg5NC1mbThm
XStream is vulnerable to an Arbitrary Code Execution attack
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: GitHub Advisory Database
Blast Radius: 37.9
Published: over 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFyeDgtODU0NS00d2cy
XStream is vulnerable to an Arbitrary Code Execution attack
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: GitHub Advisory Database
Blast Radius: 37.9
Published: over 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWc1dzYtbXJqNy03NWgy
XStream is vulnerable to an Arbitrary Code Execution attack
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: GitHub Advisory Database
Blast Radius: 37.9
Published: over 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTY0eHgtY3E0cS1tZjQ0
XStream is vulnerable to an Arbitrary Code Execution attack
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: GitHub Advisory Database
Blast Radius: 37.9
Published: over 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNjY3EtNXZ3My0ycDZ4
XStream is vulnerable to an Arbitrary Code Execution attack
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: GitHub Advisory Database
Blast Radius: 37.9
Published: over 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWo5aDgtcGhydy1oNGZo
XStream is vulnerable to a Remote Command Execution attack
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: GitHub Advisory Database
Blast Radius: 37.9
Published: over 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWN4Zm0tNW00Zy14N3hw
A Server-Side Forgery Request can be activated unmarshalling with XStream to access data streams from an arbitrary URL referencing a resource in an intranet or the local host
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: GitHub Advisory Database
Blast Radius: 37.9
Published: over 2 years ago
Critical
GSA_kwCzR0hTQS13MjR4LTg3bXItNHIyM84AAs8I
SpEL Injection in Spring Data MongoDB
Ecosystems: maven
Packages: org.springframework.data:spring-data-mongodb
Source: GitHub Advisory Database
Blast Radius: 37.9
Published: almost 2 years ago
High
GSA_kwCzR0hTQS02cGhmLTZoNWctOTdqMs4AAzcV
Sqlite-jdbc vulnerable to remote code execution when JDBC url is attacker controlled
Ecosystems: maven
Packages: org.xerial:sqlite-jdbc
Source: GitHub Advisory Database
Blast Radius: 37.8
Published: 12 months ago
Critical
GSA_kwCzR0hTQS0zdngzLXhmNnEtcjV4cM4AAQYR
Exposure of Resource to Wrong Sphere in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat.embed:tomcat-embed-core, org.apache.tomcat:tomcat-catalina
Source: GitHub Advisory Database
Blast Radius: 37.8
Published: about 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdjMnItM2pxZi1jOXJ3
jackson-dataformat-xml vulnerable to server side request forgery (SSRF)
Ecosystems: maven
Packages: com.fasterxml.jackson.dataformat:jackson-dataformat-xml
Source: GitHub Advisory Database
Blast Radius: 37.7
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThwOGctZjl2Zy1yN3hy
Directory Traversal vulnerability in Square Retrofit
Ecosystems: maven
Packages: com.squareup.retrofit2:retrofit
Source: GitHub Advisory Database
Blast Radius: 37.7
Published: over 5 years ago
High
GSA_kwCzR0hTQS12aHJnLXYzY3YtcDI0N83otA
Deserialization of Untrusted Data in Spring Security
Ecosystems: maven
Packages: org.springframework.security:spring-security-core
Source: GitHub Advisory Database
Blast Radius: 37.6
Published: about 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZ2bTMtY2Z2ai1neHFx
High severity vulnerability that affects commons-fileupload:commons-fileupload
Ecosystems: maven
Packages: commons-fileupload:commons-fileupload
Source: GitHub Advisory Database
Blast Radius: 37.6
Published: over 5 years ago
High
GSA_kwCzR0hTQS1oZnJ4LTZxZ2otZnA2Y84AAxvU
Apache Commons FileUpload denial of service vulnerability
Ecosystems: maven
Packages: org.apache.tomcat.embed:tomcat-embed-core, org.apache.tomcat:tomcat-coyote, commons-fileupload:commons-fileupload
Source: GitHub Advisory Database
Blast Radius: 37.6
Published: about 1 year ago
High
GSA_kwCzR0hTQS1yOWZ2LXFwbTktcmo0Z84AAQl7
Exposure of Sensitive Information to an Unauthorized Actor in Elasticsearch
Ecosystems: maven
Packages: org.elasticsearch:elasticsearch
Source: GitHub Advisory Database
Blast Radius: 37.6
Published: about 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhxcXYtOXgzdi1tcDd3
Privilege Escalation Flaw in Elasticsearch
Ecosystems: maven
Packages: org.elasticsearch:elasticsearch
Source: GitHub Advisory Database
Blast Radius: 37.6
Published: about 3 years ago
High
GSA_kwCzR0hTQS1nZnY1LWdyeDItOWp3Ms4AAkGJ
Improper Privilege Management in Elasticsearch
Ecosystems: maven
Packages: org.elasticsearch:elasticsearch
Source: GitHub Advisory Database
Blast Radius: 37.6
Published: almost 2 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZqdzctNmdmcS02d2Y1
Path Traversal in Eclipse Vert
Ecosystems: maven
Packages: io.vertx:vertx-web
Source: GitHub Advisory Database
Blast Radius: 37.5
Published: over 2 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWgzOXgtbTU1Yy12NTVo
Eclipse Vert.x does not properly neutralize '' (forward slashes) sequences that can resolve to an external location
Ecosystems: maven
Packages: io.vertx:vertx-web
Source: GitHub Advisory Database
Blast Radius: 37.5
Published: over 5 years ago
Critical
GSA_kwCzR0hTQS1xY2o2LWpxcmctNHdwMs0XHQ
Template injection in thymeleaf-spring5
Ecosystems: maven
Packages: org.thymeleaf:thymeleaf-spring5
Source: GitHub Advisory Database
Blast Radius: 37.3
Published: over 2 years ago
Critical
GSA_kwCzR0hTQS14NnJjLTU0eHAtY2N4eM4AAVWx
Improper Restriction of XML External Entity Reference in Apache ActiveMQ
Ecosystems: maven
Packages: org.apache.activemq:activemq-client
Source: GitHub Advisory Database
Blast Radius: 37.3
Published: about 2 years ago
Critical
GSA_kwCzR0hTQS1yeHFoLWZjMjMtZ3hwMs4AATvG
Improper Input Validation in Apache ActiveMQ
Ecosystems: maven
Packages: org.apache.activemq:activemq-client
Source: GitHub Advisory Database
Blast Radius: 37.3
Published: about 2 years ago
Critical
GSA_kwCzR0hTQS1xOWhyLTNwZzQtM2pwNM4AAQzM
Improper Input Validation in Apache ActiveMQ
Ecosystems: maven
Packages: org.apache.activemq:activemq-client
Source: GitHub Advisory Database
Blast Radius: 37.3
Published: about 2 years ago
High
GSA_kwCzR0hTQS1oaDI2LTZ4d3ItZ2d2N83mDQ
Denial of service in Spring Framework
Ecosystems: maven
Packages: org.springframework:spring-beans
Source: GitHub Advisory Database
Blast Radius: 37.3
Published: about 2 years ago
High
GSA_kwCzR0hTQS1yMzhmLWM0aDQtaHFxMs4AAt2m
PostgreSQL JDBC Driver SQL Injection in ResultSet.refreshRow() with malicious column names
Ecosystems: maven
Packages: org.postgresql:postgresql
Source: GitHub Advisory Database
Blast Radius: 37.2
Published: almost 2 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWY2dmYtcHE4Yy02OW00
Improper Check for Unusual or Exceptional Conditions in Connect2id Nimbus JOSE+JWT
Ecosystems: maven
Packages: com.nimbusds:nimbus-jose-jwt
Source: GitHub Advisory Database
Blast Radius: 37.2
Published: over 4 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg2cXItOXZxYy1wZ2M2
Code execution in Spring Integration
Ecosystems: maven
Packages: org.springframework.integration:spring-integration-core
Source: GitHub Advisory Database
Blast Radius: 37.2
Published: almost 4 years ago
Critical
GSA_kwCzR0hTQS1wdm05LTI4OGMtdjV3cc4AAdBO
Remote Code Execution in Apache Struts
Ecosystems: maven
Packages: org.apache.struts:struts2-core
Source: GitHub Advisory Database
Blast Radius: 37.2
Published: about 2 years ago
Critical
GSA_kwCzR0hTQS14bTkyLXYybXEtODQycc4AAa4Q
Apache Struts improper action name cleanup
Ecosystems: maven
Packages: org.apache.struts:struts2-core
Source: GitHub Advisory Database
Blast Radius: 37.2
Published: about 2 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThmeDktNWh4OC1jcmht
Apache Struts 2.0.1 uses an unintentional expression in a Freemarker tag instead of string literal
Ecosystems: maven
Packages: org.apache.struts:struts2-core
Source: GitHub Advisory Database
Blast Radius: 37.2
Published: over 5 years ago
Critical
GSA_kwCzR0hTQS1tbWo2LWNqajQtaHByNc4AATRH
Apache Struts vulnerable to arbitrary remote code execution due to improper input validation
Ecosystems: maven
Packages: org.apache.struts:struts2-core
Source: GitHub Advisory Database
Blast Radius: 37.2
Published: about 2 years ago
Critical
GSA_kwCzR0hTQS13cDRoLXB2Z3ctNTcyN80Y7Q
Improperly Controlled Modification of Dynamically-Determined Object Attributes in Apache Struts
Ecosystems: maven
Packages: org.apache.struts:struts2-core
Source: GitHub Advisory Database
Blast Radius: 37.2
Published: over 2 years ago
Critical
GSA_kwCzR0hTQS0yajM5LXFjam0tNDI4d84AA3mt
Apache Struts vulnerable to path traversal
Ecosystems: maven
Packages: org.apache.struts:struts2-core
Source: GitHub Advisory Database
Blast Radius: 37.2
Published: 5 months ago
Critical
GSA_kwCzR0hTQS1qNjhmLThoNnAtOWg1cc0-5A
Struts ParameterInterceptor vulnerability allows remote command execution
Ecosystems: maven
Packages: org.apache.struts:struts2-core
Source: GitHub Advisory Database
Blast Radius: 37.2
Published: about 2 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpjMzUtcTM2OS00NXB2
Remote code execution in Apache Struts
Ecosystems: maven
Packages: org.apache.struts:struts2-core
Source: GitHub Advisory Database
Blast Radius: 37.2
Published: over 2 years ago
Critical
GSA_kwCzR0hTQS12OGo2LTZjMnItcjI3Y807Ew
Expression Language Injection in Apache Struts
Ecosystems: maven
Packages: org.apache.struts:struts2-core
Source: GitHub Advisory Database
Blast Radius: 37.2
Published: about 2 years ago
Critical
GSA_kwCzR0hTQS00cHJqLXZ3OWotdjZwcs4AATRG
Arbitrary code execution in Apache Struts 2
Ecosystems: maven
Packages: org.apache.struts:struts2-rest-plugin, org.apache.struts:struts2-core
Source: GitHub Advisory Database
Blast Radius: 37.2
Published: about 2 years ago
Critical
GSA_kwCzR0hTQS01MmdxLTdqNmMteHc2eM4AATB0
Missing Authentication for Critical Function in Apache Cassandra
Ecosystems: maven
Packages: org.apache.cassandra:cassandra-all
Source: GitHub Advisory Database
Blast Radius: 37.1
Published: about 2 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWo4ZzYtMndoNy02NDM5
Apache Tika allows Java code execution for serialized objects embedded in MATLAB files
Ecosystems: maven
Packages: org.apache.tika:tika-core
Source: GitHub Advisory Database
Blast Radius: 37.1
Published: over 5 years ago
High
GSA_kwCzR0hTQS0zdnFqLTQzdzQtMnE1OM4AAwSR
json stack overflow vulnerability
Ecosystems: maven
Packages: cn.hutool:hutool-json, org.json:json
Source: GitHub Advisory Database
Blast Radius: 36.9
Published: over 1 year ago
High
GSA_kwCzR0hTQS12cDk4LXcycDMtbXYzNc4AAyBx
Apache Log4j 1.x (EOL) allows Denial of Service (DoS)
Ecosystems: maven
Packages: org.apache.logging.log4j:log4j-core
Source: GitHub Advisory Database
Blast Radius: 36.9
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS1wd2g3LTkyaDMtbXFyNs4AASTH
Exposure of Sensitive Information to an Unauthorized Actor in Oracle MySQL Connectors Java
Ecosystems: maven
Packages: mysql:mysql-connector-java
Source: GitHub Advisory Database
Blast Radius: 36.8
Published: about 2 years ago
High
GSA_kwCzR0hTQS12N3dnLWNwd2MtMjRtNM0oEA
pgjdbc Does Not Check Class Instantiation when providing Plugin Classes
Ecosystems: maven
Packages: org.postgresql:postgresql
Source: GitHub Advisory Database
Blast Radius: 36.7
Published: over 2 years ago
Critical
GSA_kwCzR0hTQS1jdzU0LTU5cHctNGc4Y833AA
Apache Tomcat Improper Access Control vulnerability
Ecosystems: maven
Packages: org.apache.tomcat:tomcat-catalina-jmx-remote, org.apache.tomcat:tomcat-catalina
Source: GitHub Advisory Database
Blast Radius: 36.7
Published: about 2 years ago
High
GSA_kwCzR0hTQS12bXE2LTVtNjgtZjUzbc4AA3ab
logback serialization vulnerability
Ecosystems: maven
Packages: ch.qos.logback:logback-classic, ch.qos.logback:logback-core
Source: GitHub Advisory Database
Blast Radius: 36.6
Published: 6 months ago
High
GSA_kwCzR0hTQS1tam1qLWo0OHEtOXdnMs4AAwRm
SnakeYaml Constructor Deserialization Remote Code Execution
Ecosystems: maven
Packages: org.yaml:snakeyaml
Source: GitHub Advisory Database
Blast Radius: 36.6
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS1jNWhnLW1yOHItZjZqcM4AAwnc
Hazelcast connection caching
Ecosystems: maven
Packages: com.hazelcast:hazelcast-enterprise, com.hazelcast.jet:hazelcast-jet-enterprise, com.hazelcast.jet:hazelcast-jet, com.hazelcast:hazelcast
Source: GitHub Advisory Database
Blast Radius: 36.6
Published: over 1 year ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTUyM2MteGg0Zy1taDVt
Denial of Service in Apache POI
Ecosystems: maven
Packages: org.apache.poi:poi
Source: GitHub Advisory Database
Blast Radius: 36.6
Published: over 3 years ago
Critical
GSA_kwCzR0hTQS1qZ3hjLThtd3EtOXhxd84AA4mo
Clojure classes can be used to craft a serialized object that runs arbitrary code on deserialization
Ecosystems: maven
Packages: org.clojure:clojure
Source: GitHub Advisory Database
Blast Radius: 36.5
Published: 4 months ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWp3Z3gtOW1taC02ODR3
Credential exposure through log files in Undertow
Ecosystems: maven
Packages: io.undertow:undertow-core
Source: GitHub Advisory Database
Blast Radius: 36.5
Published: almost 5 years ago
Critical
GSA_kwCzR0hTQS1wZmNjLTNnNnItOHJnOM4AAxyW
Undertow client not checking server identity presented by server certificate in https connections
Ecosystems: maven
Packages: io.undertow:undertow-core
Source: GitHub Advisory Database
Blast Radius: 36.5
Published: about 1 year ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTh2aDgtdmMyOC1tMmhm
Potential to access user credentials from the log files when debug logging enabled
Ecosystems: maven
Packages: io.undertow:undertow-core
Source: GitHub Advisory Database
Blast Radius: 36.5
Published: over 4 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThxODktcHdoaC03d2Zx
Use of Insufficiently Random Values in penggle:kaptcha
Ecosystems: maven
Packages: com.github.penggle:kaptcha
Source: GitHub Advisory Database
Blast Radius: 36.4
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXI2ajktODc1OS1nNjJ3
Improper Restriction of XML External Entity Reference in jackson-mapper-asl
Ecosystems: maven
Packages: org.codehaus.jackson:jackson-mapper-asl
Source: GitHub Advisory Database
Blast Radius: 36.3
Published: over 4 years ago
Critical
GSA_kwCzR0hTQS1tYzZqLWg5NDgtdjJwNs4AATbI
RubyGems Improper Verification of Cryptographic Signature vulnerability
Ecosystems: maven, rubygems
Packages: org.jruby:jruby-stdlib, rubygems-update
Source: GitHub Advisory Database
Blast Radius: 36.3
Published: about 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpjcTMtY3BycC1tMzMz
Privilege escalation in mysql-connector-jav
Ecosystems: maven
Packages: mysql:mysql-connector-java
Source: GitHub Advisory Database
Blast Radius: 36.2
Published: almost 4 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1oN2ctOTl3OS14cGpt
Remote code execution occurs in Apache Solr
Ecosystems: maven
Packages: org.apache.solr:solr-core
Source: GitHub Advisory Database
Blast Radius: 36.2
Published: over 5 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTIyODktcHFmcS02d3g3
Unrestricted upload of file with dangerous type in Apache Solr
Ecosystems: maven
Packages: org.apache.solr:solr-core
Source: GitHub Advisory Database
Blast Radius: 36.2
Published: over 4 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhoY3EtZnY3eC1ncnIy
Critical severity vulnerability that affects org.apache.solr:solr-core
Ecosystems: maven
Packages: org.apache.solr:solr-core
Source: GitHub Advisory Database
Blast Radius: 36.2
Published: about 5 years ago
High
GSA_kwCzR0hTQS1qNTYzLWdyeDQtcGpwds4AAwpk
XStream can cause Denial of Service via stack overflow
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: GitHub Advisory Database
Blast Radius: 36.1
Published: over 1 year ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW03Mm0tbWhxMi05cDZj
Uncaught Exception in jsoup
Ecosystems: maven
Packages: org.jsoup:jsoup
Source: GitHub Advisory Database
Blast Radius: 36.1
Published: over 2 years ago
High
GSA_kwCzR0hTQS00ZzlyLXZ4aHgtOXBneM4AA5Xm
Apache Commons Compress: Denial of service caused by an infinite loop for a corrupted DUMP file
Ecosystems: maven
Packages: org.apache.commons:commons-compress
Source: GitHub Advisory Database
Blast Radius: 35.9
Published: 3 months ago
Critical
GSA_kwCzR0hTQS0zMnFxLW05ZmgtZjc0d84AAyjb
MyBatis-Plus vulnerable to SQL injection via TenantPlugin
Ecosystems: maven
Packages: com.baomidou:mybatis-plus
Source: GitHub Advisory Database
Blast Radius: 35.9
Published: about 1 year ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW13MzYtN2M2Yy1xNHEy
XStream can be used for Remote Code Execution
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: GitHub Advisory Database
Blast Radius: 35.7
Published: over 3 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW13M3ItcGZtZy14cDky
Improper Restriction of Recursive Entity References in Apache XMLBeans
Ecosystems: maven
Packages: org.apache.xmlbeans:xmlbeans
Source: GitHub Advisory Database
Blast Radius: 35.6
Published: almost 3 years ago
Critical
GSA_kwCzR0hTQS03cGh3LWN4eDctcTl2cc4AAyW3
Spring Framework is vulnerable to security bypass via mvcRequestMatcher pattern mismatch
Ecosystems: maven
Packages: org.springframework:spring
Source: GitHub Advisory Database
Blast Radius: 35.4
Published: about 1 year ago
High
GSA_kwCzR0hTQS04OXc3LTVxNDUtcjUzd84AAwbi
lite-server vulnerable to Denial of Service
Ecosystems: maven, npm
Packages: org.webjars.npm:lite-server, lite-server
Source: GitHub Advisory Database
Blast Radius: 35.4
Published: over 1 year ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZ4M3YtcncycS05Z3g3
Improper implementation of the session fixation protection in Infinispan
Ecosystems: maven
Packages: org.infinispan:infinispan-core
Source: GitHub Advisory Database
Blast Radius: 35.4
Published: over 4 years ago
Critical
GSA_kwCzR0hTQS05NHJyLTRqcjUtOWgycM4AAvuM
Apache Ivy does not verify target path when extracting the archive
Ecosystems: maven
Packages: org.apache.ivy:ivy
Source: GitHub Advisory Database
Blast Radius: 35.2
Published: over 1 year ago
High
GSA_kwCzR0hTQS00dnByLXhmcnAtY2o2NM4AA0xl
Spring Security's authorization rules can be misconfigured when using multiple servlets
Ecosystems: maven
Packages: org.springframework.security:spring-security-config
Source: GitHub Advisory Database
Blast Radius: 35.1
Published: 10 months ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdxOWMtaDIzeC02NWZx
Spring Security OAuth vulnerable to remote code execution (RCE) via specially crafted request using whitelabel views
Ecosystems: maven
Packages: org.springframework.security.oauth:spring-security-oauth2
Source: GitHub Advisory Database
Blast Radius: 34.9
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXYzNWMtNDlqNi1xOGhx
Security Constraint Bypass in Spring Security
Ecosystems: maven
Packages: org.springframework.security:spring-security-core
Source: GitHub Advisory Database
Blast Radius: 34.8
Published: over 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc5amctZ3Znci0zNTRt
Resource Exhaustion in Spring Security
Ecosystems: maven
Packages: org.springframework.security:spring-security-oauth2-client, org.springframework.security:spring-security-core
Source: GitHub Advisory Database
Blast Radius: 34.8
Published: almost 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXh4Z3AtcGNmYy0zdmdj
Privilege Escalation in Hibernate Validator
Ecosystems: maven
Packages: org.hibernate:hibernate-validator
Source: GitHub Advisory Database
Blast Radius: 34.7
Published: almost 4 years ago
High
GSA_kwCzR0hTQS0zcDg2LTk5NTUtaDM5M84AA17V
Arbitrary File Overwrite in Eclipse JGit
Ecosystems: maven
Packages: org.eclipse.jgit:org.eclipse.jgit
Source: GitHub Advisory Database
Blast Radius: 34.7
Published: 8 months ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTczeHYtdzVncC1mcnho
Logic error in Legion of the Bouncy Castle BC Java
Ecosystems: maven
Packages: org.bouncycastle:bcprov-ext-jdk16, org.bouncycastle:bcprov-jdk16, org.bouncycastle:bcprov-jdk14, org.bouncycastle:bcprov-ext-jdk15on, org.bouncycastle:bcprov-jdk15on, org.bouncycastle:bcprov-jdk15, org.bouncycastle:bcprov-jdk15to18
Source: GitHub Advisory Database
Blast Radius: 34.6
Published: about 3 years ago
Critical
GSA_kwCzR0hTQS13NzdwLThjZmctMng0M83qjw
Improper Access Control in SLF4J
Ecosystems: maven
Packages: org.slf4j:slf4j-ext
Source: GitHub Advisory Database
Blast Radius: 34.6
Published: about 2 years ago
High
GSA_kwCzR0hTQS1wODM2LTM4OWgtajY5Ms4AAV-D
Improper Access Control in Apache Shiro
Ecosystems: maven
Packages: org.apache.shiro:shiro-core
Source: GitHub Advisory Database
Blast Radius: 34.6
Published: about 2 years ago
High
GSA_kwCzR0hTQS1majMyLTZ2N20tNTdwZ832Tw
Improper Access Control in Elasticsearch
Ecosystems: maven
Packages: org.elasticsearch:elasticsearch
Source: GitHub Advisory Database
Blast Radius: 34.6
Published: about 2 years ago
Statistics
Advisories: 18,774
Packages: 8,381
Repositories: 973
Ecosystems: 12
Filter by Severity
Moderate 8,161 High 6,452 Critical 2,849 Low 1,017
Filter by Ecosystem
maven 5,573 packagist 4,003 pypi 3,848 npm 3,557 go 1,935 nuget 1,421 rubygems 815 cargo 780 swift 31 hex 30 actions 16 pub 8
Filter by Package
org.jenkins-ci.main:jenkins-core 189 org.apache.tomcat:tomcat 134 com.fasterxml.jackson.core:jackson-databind 69 org.apache.struts:struts2-core 55 org.keycloak:keycloak-core 47 com.liferay.portal:release.portal.bom 45 org.apache.tomcat.embed:tomcat-embed-core 36 com.thoughtworks.xstream:xstream 36 com.jfinal:jfinal 36 net.mingsoft:ms-mcms 35 org.xwiki.platform:xwiki-platform-oldcore 34 org.jenkins-ci.plugins:script-security 32 org.elasticsearch:elasticsearch 32 io.undertow:undertow-core 27 org.keycloak:keycloak-services 27 org.keycloak:keycloak-parent 25 org.apache.solr:solr-core 25 org.eclipse.jetty:jetty-server 23 org.springframework.security:spring-security-core 23 org.bouncycastle:bcprov-jdk14 22 org.apache.nifi:nifi 22 org.apache.openmeetings:openmeetings-parent 21 org.cloudfoundry.identity:cloudfoundry-identity-server 20 org.springframework:spring-core 19 com.liferay.portal:release.dxp.bom 18 com.vaadin:vaadin-bom 18 org.xwiki.platform:xwiki-platform-web-templates 17 org.apache.geode:geode-core 17 org.bouncycastle:bcprov-jdk15 16 org.apache.dubbo:dubbo 16 org.apache.activemq:activemq-client 16 org.apache.struts.xwork:xwork-core 15 org.apache.jspwiki:jspwiki-main 15 org.apache.inlong:manager-pojo 14 org.xwiki.platform:xwiki-platform-web 14 org.apache.cxf:cxf 13 org.apache.hadoop:hadoop-main 13 org.jenkins-ci.plugins.workflow:workflow-cps 12 org.apache.dolphinscheduler:dolphinscheduler 12 com.vaadin:flow-server 12 org.jenkins-ci.plugins:git 12 org.bouncycastle:bcprov-jdk15on 12 org.apache.camel:camel-core 11 org.jenkins-ci.plugins:email-ext 11 org.apache.cxf:cxf-core 11 org.apache.jspwiki:jspwiki-war 11 org.jeecgframework.boot:jeecg-boot-common 11 org.apache.ranger:ranger 11 org.apache.commons:commons-compress 11 org.apache.tika:tika-core 11 org.apache.james:james-server 11 org.apache.hadoop:hadoop-common 11 org.igniterealtime.openfire:parent 11 org.jeecgframework.boot:jeecg-boot-parent 11 org.apache.tomcat:tomcat-coyote 11 com.xuxueli:xxl-job 11 org.mortbay.jetty:jetty 11 org.xwiki.platform:xwiki-platform-administration-ui 10 org.jenkins-ci.plugins.workflow:workflow-cps-global-lib 10 org.jboss.netty:netty 10 io.netty:netty 10 org.apache.inlong:manager-service 10 org.apache.xmlgraphics:batik 9 org.springframework:spring-web 9 org.apache.archiva:archiva 9 org.apache.tapestry:tapestry-core 9 org.craftercms:crafter-studio 9 org.apache.hive:hive 9 cn.hutool:hutool-core 9 org.opennms:opennms 9 io.jenkins:configuration-as-code 9 com.sonyericsson.jenkins.plugins.bfa:build-failure-analyzer 9 org.bouncycastle:bcprov-jdk15to18 9 org.apache.tomcat:tomcat-catalina 9 org.apache.shiro:shiro-core 9 org.jenkins-ci.plugins:active-directory 9 org.jenkins-ci.plugins:config-file-provider 9 org.springframework:spring-webmvc 9 org.opencrx:opencrx-core-models 9 org.jenkins-ci.plugins:electricflow 9 org.apache.ambari:ambari 8 org.postgresql:postgresql 8 org.yaml:snakeyaml 8 org.apache.zeppelin:zeppelin 8 com.hazelcast:hazelcast 8 org.webjars.npm:jquery 8 org.apache.pdfbox:pdfbox 8 org.apache.hive:hive-exec 8 jquery-rails 8 jquery 8 org.graylog2:graylog2-server 8 org.apache.kylin:kylin 8 org.opencms:opencms-core 8 org.jenkins-ci.plugins:ec2 8 io.jenkins.blueocean:blueocean 8 org.apache.santuario:xmlsec 8 mysql:mysql-connector-java 8 org.apache.ozone:ozone-main 8 org.jenkins-ci.plugins:subversion 7 org.apache.hive:hive-service 7 io.jenkins.plugins:warnings-ng 7 org.jboss.resteasy:resteasy-client 7 org.silverpeas.core:silverpeas-core-web 7 org.apache.activemq:activemq-parent 7 org.apache.tika:tika 7 org.apache.spark:spark-core_2.11 7 org.jenkins-ci.plugins:jobConfigHistory 7 org.apache.cxf:apache-cxf 7 org.jenkins-ci.plugins:openshift-deployer 7 org.jeecgframework.boot:jeecg-boot-base 7 net.opentsdb:opentsdb 7 io.jenkins.plugins:cavisson-ns-nd-integration 7 org.apache.inlong:manager-web 7 org.apache.logging.log4j:log4j-core 7 org.apache.karaf:apache-karaf 7 org.owasp.antisamy:antisamy 7 io.jenkins.plugins:miniorange-saml-sp 7 jQuery.UI.Combined 7 jQuery 7 org.webjars.npm:jquery-ui 7 jquery-ui-rails 7 jquery-ui 7 org.owasp.esapi:esapi 7 io.atomix:atomix 7 org.apache.derby:derby 7 org.apache.atlas:atlas-common 7 org.apache.poi:poi 7 org.jenkins-ci.plugins:mercurial 7 io.dataease:dataease-plugin-common 7 rubygems-update 7 org.jenkins-ci.plugins:rundeck 7 org.jruby:jruby-stdlib 7 org.apache.linkis:linkis 7 org.jenkins-ci.plugins:artifactory 7 com.xebialabs.deployit.ci:deployit-plugin 6 commons-fileupload:commons-fileupload 6 org.jenkins-ci.plugins:pipeline-maven 6 io.netty:netty-handler 6 org.apache.spark:spark-core_2.10 6 org.apache.axis:axis 6 axis:axis 6 org.apache.pulsar:pulsar-broker 6 hudson.plugins:project-inheritance 6 org.xwiki.commons:xwiki-commons-xml 6 com.jflyfox:jflyfox_jfinal 6 org.opencastproject:opencast-kernel 6 org.opensearch.plugin:opensearch-security 6 org.jenkins-ci.plugins:azure-vm-agents 6 org.jenkins-ci.plugins:fortify-on-demand-uploader 6 org.apache.syncope:syncope-core 6 org.apache.httpcomponents:httpclient 6 org.apache.storm:storm-core 6 com.sonyericsson.hudson.plugins.gerrit:gerrit-trigger 6 de.tum.in.ase:artemis-java-test-sandbox 6 org.apache.mesos:mesos 6 org.apache.solr:solr-parent 6 io.netty:netty-codec-http 6 org.apache.shenyu:shenyu-common 6 org.apache.struts:struts2-rest-plugin 6 org.jenkins-ci.plugins:repository-connector 6 org.bouncycastle:bcprov-jdk18on 6 org.csanchez.jenkins.plugins:kubernetes 6 tech.powerjob:powerjob 6 org.jenkins-ci.plugins:ec2-deployment-dashboard 6 org.jenkins-ci.plugins:gitlab-oauth 6 cn.hutool:hutool-json 6 org.biouno:uno-choice 5 org.jenkins-ci.plugins:support-core 5 xerces:xercesImpl 5 org.apache.cassandra:cassandra-all 5 org.jenkins-ci.plugins:junit 5 io.vertx:vertx-core 5 info.magnolia:magnolia-core 5 org.jenkins-ci.plugins:delphix 5 edu.stanford.nlp:stanford-corenlp 5 org.springframework.security.oauth:spring-security-oauth2 5 com.ruoyi:ruoyi 5 org.jenkins-ci.plugins:publish-over-ssh 5 com.vaadin:vaadin-server 5 org.springframework.amqp:spring-amqp 5 org.jenkins-ci.plugins:codedx 5 org.apache.kylin:kylin-server-base 5 org.jenkins-ci.plugins:openid 5 org.jboss.resteasy:resteasy-bom 5 struts:struts 5 com.coravy.hudson.plugins.github:github 5 com.alibaba:dubbo 5 org.zenframework.z8.dependencies.commons:log4j-1.2.17 5 log4j:log4j 5 org.xwiki.platform:xwiki-platform-flamingo-skin-resources 5 org.xwiki.platform:xwiki-platform-appwithinminutes-ui 5 org.jenkins-ci.plugins:websphere-deployer 5 org.apache.hadoop:hadoop-client 5 org.neo4j.procedure:apoc 5 org.jenkins-ci.plugins:azure-ad 5 org.apache.druid:druid 5 org.jenkins-ci.plugins:credentials 5 com.google.protobuf:protobuf-java 5 org.jenkins-ci.plugins.m2release:m2release 5 org.jeecgframework.boot:jeecg-boot-base-core 5
Filter by Repository
https://github.com/xwiki/xwiki-platform 172 https://github.com/jenkinsci/jenkins 148 https://github.com/apache/tomcat 96 https://github.com/FasterXML/jackson-databind 70 https://github.com/keycloak/keycloak 58 https://github.com/apache/struts 46 https://github.com/spring-projects/spring-framework 41 https://github.com/x-stream/xstream 36 https://github.com/apache/activemq 33 https://github.com/CVEProject/cvelist 28 https://github.com/apache/inlong 26 https://github.com/eclipse/jetty.project 23 https://github.com/apache/nifi 21 https://github.com/jenkinsci/script-security-plugin 21 https://github.com/OpenNMS/opennms 20 https://github.com/jeecgboot/jeecg-boot 20 https://github.com/netty/netty 20 https://github.com/apache/cxf 19 https://github.com/cloudfoundry/uaa 19 https://github.com/bcgit/bc-java 19 https://github.com/vaadin/platform 17 https://github.com/opencast/opencast 16 https://github.com/geoserver/geoserver 15 https://github.com/apache/camel 15 https://github.com/undertow-io/undertow 13 https://github.com/xuxueli/xxl-job 13 https://github.com/dromara/hutool 13 https://github.com/quarkusio/quarkus 13 https://github.com/ming-soft/MCMS 13 https://github.com/apache/dolphinscheduler 12 https://github.com/apache/kylin 12 https://github.com/igniterealtime/Openfire 11 https://github.com/vaadin/flow 11 https://github.com/jenkinsci/git-plugin 10 https://github.com/apache/lucene-solr 9 https://github.com/spring-projects/spring-security 9 https://github.com/DSpace/DSpace 9 https://github.com/Graylog2/graylog2-server 9 https://github.com/jquery/jquery 9 https://github.com/cui2shark/cms 9 https://github.com/xwiki/xwiki-commons 8 https://github.com/jenkinsci/config-file-provider-plugin 8 https://github.com/hazelcast/hazelcast 8 https://github.com/nahsra/antisamy 8 https://github.com/apache/zeppelin 8 https://github.com/opensearch-project/security 8 https://github.com/pgjdbc/pgjdbc 7 https://github.com/jflyfox/jfinal_cms 7 https://github.com/apache/xmlgraphics-batik 7 https://github.com/jenkinsci/blueocean-plugin 7 https://github.com/vaadin/framework 7 https://github.com/dataease/dataease 7 https://github.com/ratpack/ratpack 7 https://github.com/OpenTSDB/opentsdb 7 https://github.com/RhinoSecurityLabs/CVEs 7 https://github.com/rubygems/rubygems 7 https://github.com/rundeck/rundeck 7 https://github.com/vert-x3/vertx-web 6 https://github.com/apache/tika 6 https://github.com/jenkinsci/electricflow-plugin 6 https://github.com/OpenRefine/OpenRefine 6 https://github.com/jenkinsci/fortify-on-demand-uploader-plugin 6 https://github.com/apache/hadoop 6 https://github.com/jenkinsci/gerrit-trigger-plugin 6 https://github.com/http4s/http4s 6 https://github.com/line/armeria 6 https://github.com/playframework/playframework 6 https://github.com/ls1intum/Ares 6 https://github.com/resteasy/resteasy 6 https://github.com/apache/pulsar 6 https://github.com/ESAPI/esapi-java-legacy 6 https://github.com/DrunkenShells/Disclosures 6 https://github.com/jenkinsci/configuration-as-code-plugin 6 https://github.com/jenkinsci/ec2-plugin 6 https://github.com/cui2shark/security 6 https://github.com/jenkinsci/build-failure-analyzer-plugin 6 https://github.com/jquery/jquery-ui 6 https://bitbucket.org/snakeyaml/snakeyaml 6 https://github.com/protocolbuffers/protobuf 5 https://github.com/apache/openmeetings 5 https://github.com/jenkinsci/support-core-plugin 5 https://github.com/jenkinsci/codedx-plugin 5 https://github.com/JLLeitschuh/security-research 5 https://github.com/jenkinsci/junit-plugin 5 https://github.com/apiman/apiman 5 https://github.com/jenkinsci/github-plugin 5 https://github.com/jenkinsci/subversion-plugin 5 https://github.com/neo4j-contrib/neo4j-apoc-procedures 5 https://github.com/jenkinsci/gitlab-plugin 5 https://github.com/PowerJob/PowerJob 5 https://github.com/h2database/h2database 5 https://github.com/apache/karaf 5 https://github.com/jenkinsci/workflow-cps-global-lib-plugin 5 https://github.com/jenkinsci/email-ext-plugin 5 https://github.com/jettison-json/jettison 5 https://github.com/jenkinsci/publish-over-ssh-plugin 5 https://github.com/apache/geode 5 https://github.com/OpenAPITools/openapi-generator 5 https://github.com/jensdietrich/xshady-release 5 https://github.com/restlet/restlet-framework-java 5 https://github.com/jenkinsci/active-directory-plugin 5 https://github.com/grails/grails-core 5 https://github.com/alibaba/nacos 5 https://bitbucket.org/connect2id/nimbus-jose-jwt 5 https://github.com/jenkinsci/m2release-plugin 5 https://github.com/apache/shiro 5 https://github.com/apache/shenyu 5 https://github.com/reportportal/reportportal 4 https://github.com/jenkinsci/warnings-ng-plugin 4 https://github.com/jenkinsci/matrix-project-plugin 4 https://github.com/jenkinsci/htmlpublisher-plugin 4 https://github.com/jenkinsci/p4-plugin 4 https://github.com/jenkinsci/hpe-application-automation-tools-plugin 4 https://github.com/resteasy/Resteasy 4 https://github.com/jenkinsci/job-config-history-plugin 4 https://github.com/micronaut-projects/micronaut-core 4 https://github.com/skylot/jadx 4 https://github.com/jenkinsci/active-choices-plugin 4 https://github.com/yamcs/yamcs 4 https://github.com/shopizer-ecommerce/shopizer 4 https://github.com/jenkinsci/nexus-platform-plugin 4 https://github.com/alkacon/opencms-core 4 https://github.com/jenkinsci/libvirt-slave-plugin 4 https://github.com/apache/httpcomponents-client 4 https://github.com/jenkinsci/ansible-plugin 4 https://github.com/jenkinsci/xldeploy-plugin 4 https://github.com/nightcloudos/new_cms 4 https://github.com/jenkinsci/fortify-plugin 4 https://github.com/itext/itext7 4 https://github.com/stanfordnlp/corenlp 4 https://github.com/ktorio/ktor 4 https://github.com/HtmlUnit/htmlunit 4 https://github.com/jenkinsci/gitlab-oauth-plugin 4 https://github.com/aws/aws-iot-device-sdk-java-v2 4 https://github.com/xerial/snappy-java 4 https://github.com/apache/syncope 4 https://github.com/jfinal/jfinal 4 https://github.com/infinispan/infinispan 4 https://github.com/jenkinsci/rundeck-plugin 4 https://github.com/apache/activemq-artemis 4 https://github.com/jenkinsci/workflow-cps-plugin 4 https://github.com/jenkinsci/credentials-binding-plugin 4 https://github.com/pippo-java/pippo 4 https://github.com/apache/solr 4 https://github.com/bcgit/bc-csharp 4 https://github.com/qos-ch/logback 3 https://github.com/google/guava 3 https://github.com/open-metadata/OpenMetadata 3 https://github.com/joniles/mpxj 3 https://github.com/orientechnologies/orientdb 3 https://github.com/jenkinsci/azure-credentials-plugin 3 https://svn.apache.org/viewvc/lucene/dev 3 https://github.com/jenkinsci/scriptler-plugin 3 https://github.com/Rabb1ter/cms 3 https://bitbucket.org/b_c/jose4j 3 https://github.com/apache/santuario-java 3 https://github.com/jenkinsci/ci-with-toad-edge-plugin 3 https://github.com/jenkinsci/mercurial-plugin 3 https://github.com/OWASP/json-sanitizer 3 https://github.com/opengoofy/hippo4j 3 https://github.com/jenkinsci/azure-vm-agents-plugin 3 https://github.com/jenkinsci/audit-trail-plugin 3 https://github.com/eclipse/lemminx 3 https://github.com/eclipse-ee4j/mojarra 3 https://github.com/jenkinsci/nomad-plugin 3 https://github.com/peteroupc/CBOR-Java 3 https://github.com/pf4j/pf4j 3 https://github.com/jenkinsci/bitbucket-oauth-plugin 3 https://github.com/jenkinsci/cas-plugin 3 https://github.com/apache/storm 3 https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server 3 https://github.com/jooby-project/jooby 3 https://github.com/li-yu320/cms 3 https://github.com/jenkinsci/crx-content-package-deployer-plugin 3 https://github.com/apache/jackrabbit 3 https://github.com/jenkinsci/git-parameter-plugin 3 https://github.com/Jarvis-616/cms 3 https://github.com/jenkinsci/gitlab-branch-source-plugin 3 https://github.com/wso2/carbon-registry 3 https://github.com/jenkinsci/git-client-plugin 3 https://github.com/jenkinsci/cvs-plugin 3 https://github.com/codehaus-plexus/plexus-utils 3 https://github.com/jenkinsci/database-plugin 3 https://github.com/AsyncHttpClient/async-http-client 3 https://github.com/jhy/jsoup 3 https://github.com/apache/geronimo 3 https://github.com/apache/flume 3 https://github.com/LetianYuan/My-CVE-Public-References 3 https://github.com/aws/amazon-redshift-jdbc-driver 3 https://github.com/apache/dubbo 3 https://github.com/jenkinsci/embeddable-build-status-plugin 3 https://github.com/wildfly/wildfly-core 3 https://github.com/intranda/goobi-viewer-core 3 https://github.com/jeremylong/DependencyCheck 3 https://github.com/apache/derby 3 https://github.com/apache/commons-configuration 3 https://github.com/apache/cxf-fediz 3 https://github.com/Adobe-Consulting-Services/acs-aem-commons 3 https://github.com/jenkinsci/cloudbees-jenkins-advisor-plugin 3