Ecosyste.ms: Advisories

Moderate 8,836 High 7,269 Critical 3,070 Low 1,144

maven 5,864 packagist 4,634 pypi 4,352 npm 3,812 go 2,295 nuget 1,552 cargo 882 rubygems 880 swift 33 hex 32 actions 20 pub 9

org.jenkins-ci.main:jenkins-core 193 org.apache.tomcat:tomcat 132 com.fasterxml.jackson.core:jackson-databind 69 org.apache.struts:struts2-core 55 org.keycloak:keycloak-core 51 com.liferay.portal:release.portal.bom 46 org.apache.tomcat.embed:tomcat-embed-core 38 com.thoughtworks.xstream:xstream 37 org.xwiki.platform:xwiki-platform-oldcore 37 org.elasticsearch:elasticsearch 36 com.jfinal:jfinal 36 org.keycloak:keycloak-services 36 net.mingsoft:ms-mcms 35 io.undertow:undertow-core 34 org.jenkins-ci.plugins:script-security 33 org.apache.solr:solr-core 25 org.keycloak:keycloak-parent 25 org.springframework.security:spring-security-core 24 org.eclipse.jetty:jetty-server 24 org.bouncycastle:bcprov-jdk14 22 org.apache.openmeetings:openmeetings-parent 21 org.apache.nifi:nifi 21 org.cloudfoundry.identity:cloudfoundry-identity-server 20 org.xwiki.platform:xwiki-platform-web-templates 19 org.springframework:spring-core 19 com.vaadin:vaadin-bom 18 com.liferay.portal:release.dxp.bom 18 org.apache.geode:geode-core 17 org.bouncycastle:bcprov-jdk15 16 org.apache.jspwiki:jspwiki-main 16 org.apache.activemq:activemq-client 16 org.apache.dubbo:dubbo 16 org.apache.struts.xwork:xwork-core 15 org.xwiki.platform:xwiki-platform-web 14 org.apache.tomcat:tomcat-coyote 14 org.apache.inlong:manager-pojo 14 org.apache.hadoop:hadoop-main 13 org.apache.cxf:cxf 13 org.jenkins-ci.plugins.workflow:workflow-cps 13 org.bouncycastle:bcprov-jdk15on 12 org.apache.dolphinscheduler:dolphinscheduler 12 org.apache.hadoop:hadoop-common 12 com.vaadin:flow-server 12 org.jeecgframework.boot:jeecg-boot-parent 12 org.jenkins-ci.plugins:git 12 org.apache.camel:camel-core 11 org.apache.commons:commons-compress 11 org.springframework:spring-webmvc 11 org.apache.cxf:cxf-core 11 org.igniterealtime.openfire:parent 11 com.xuxueli:xxl-job 11 org.apache.jspwiki:jspwiki-war 11 org.jeecgframework.boot:jeecg-boot-common 11 org.apache.ranger:ranger 11 org.jenkins-ci.plugins:email-ext 11 org.mortbay.jetty:jetty 11 org.apache.tika:tika-core 11 org.apache.james:james-server 11 org.apache.tomcat:tomcat-catalina 10 org.jboss.netty:netty 10 io.netty:netty 10 org.apache.inlong:manager-service 10 org.xwiki.platform:xwiki-platform-administration-ui 10 org.jenkins-ci.plugins.workflow:workflow-cps-global-lib 10 org.springframework:spring-web 10 org.apache.archiva:archiva 9 com.sonyericsson.jenkins.plugins.bfa:build-failure-analyzer 9 org.opennms:opennms 9 io.jenkins:configuration-as-code 9 bootstrap 9 twbs/bootstrap 9 org.craftercms:crafter-studio 9 org.webjars:bootstrap 9 bootstrap 9 bootstrap 9 org.apache.shiro:shiro-core 9 org.apache.hive:hive 9 org.opencrx:opencrx-core-models 9 org.jenkins-ci.plugins:electricflow 9 org.apache.xmlgraphics:batik 9 org.apache.tapestry:tapestry-core 9 org.jenkins-ci.plugins:config-file-provider 9 org.jenkins-ci.plugins:active-directory 9 org.opencms:opencms-core 9 org.bouncycastle:bcprov-jdk15to18 9 org.apache.linkis:linkis 9 org.apache.kylin:kylin 9 cn.hutool:hutool-core 9 org.apache.pdfbox:pdfbox 8 org.apache.santuario:xmlsec 8 mysql:mysql-connector-java 8 org.postgresql:postgresql 8 pyspark 8 org.jenkins-ci.plugins:ec2 8 org.apache.zeppelin:zeppelin 8 org.yaml:snakeyaml 8 org.apache.ambari:ambari 8 org.graylog2:graylog2-server 8 jquery-rails 8 jquery 8 org.webjars.npm:jquery 8 org.apache.hive:hive-exec 8 org.apache.ozone:ozone-main 8 com.hazelcast:hazelcast 8 io.jenkins.blueocean:blueocean 8 org.apache.derby:derby 7 org.apache.logging.log4j:log4j-core 7 org.jenkins-ci.plugins:jobConfigHistory 7 org.jenkins-ci.plugins:subversion 7 org.silverpeas.core:silverpeas-core-web 7 org.apache.tika:tika 7 org.owasp.esapi:esapi 7 org.apache.spark:spark-core_2.11 7 io.jenkins.plugins:warnings-ng 7 org.apache.cxf:apache-cxf 7 org.jboss.resteasy:resteasy-client 7 org.apache.activemq:activemq-parent 7 org.jruby:jruby-stdlib 7 org.apache.hive:hive-service 7 rubygems-update 7 io.jenkins.plugins:miniorange-saml-sp 7 org.apache.karaf:apache-karaf 7 org.apache.atlas:atlas-common 7 org.jenkins-ci.plugins:artifactory 7 org.jenkins-ci.plugins:oic-auth 7 io.jenkins.plugins:cavisson-ns-nd-integration 7 org.jeecgframework.boot:jeecg-boot-base 7 org.jenkins-ci.plugins:mercurial 7 io.atomix:atomix 7 jquery-ui 7 org.jenkins-ci.plugins:openshift-deployer 7 jquery-ui-rails 7 bootstrap.sass 7 bootstrap-sass 7 org.webjars.npm:jquery-ui 7 jQuery.UI.Combined 7 org.apache.poi:poi 7 org.owasp.antisamy:antisamy 7 org.jenkins-ci.plugins:rundeck 7 io.dataease:dataease-plugin-common 7 jQuery 7 org.apache.inlong:manager-web 7 net.opentsdb:opentsdb 7 org.apache.shenyu:shenyu-common 6 org.jenkins-ci.plugins:gitlab-oauth 6 org.jenkins-ci.plugins:repository-connector 6 org.apache.storm:storm-core 6 org.jenkins-ci.plugins:fortify-on-demand-uploader 6 org.jenkins-ci.plugins:ec2-deployment-dashboard 6 org.apache.pulsar:pulsar-broker 6 hudson.plugins:project-inheritance 6 com.xebialabs.deployit.ci:deployit-plugin 6 org.bouncycastle:bcprov-jdk18on 6 de.tum.in.ase:artemis-java-test-sandbox 6 org.apache.mesos:mesos 6 commons-fileupload:commons-fileupload 6 org.infinispan:infinispan-core 6 com.google.protobuf:protobuf-java 6 io.netty:netty-codec-http 6 cn.hutool:hutool-json 6 org.apache.httpcomponents:httpclient 6 org.apache.axis:axis 6 axis:axis 6 tech.powerjob:powerjob 6 org.csanchez.jenkins.plugins:kubernetes 6 org.apache.struts:struts2-rest-plugin 6 org.apache.solr:solr-parent 6 org.xwiki.commons:xwiki-commons-xml 6 org.opensearch.plugin:opensearch-security 6 org.apache.syncope:syncope-core 6 org.jenkins-ci.plugins:azure-vm-agents 6 org.opencastproject:opencast-kernel 6 org.apache.druid:druid 6 com.sonyericsson.hudson.plugins.gerrit:gerrit-trigger 6 org.jenkins-ci.plugins:pipeline-maven 6 io.netty:netty-handler 6 org.apache.spark:spark-core_2.10 6 com.jflyfox:jflyfox_jfinal 6 org.jeecgframework.boot:jeecg-boot-base-core 5 xerces:xercesImpl 5 org.wildfly:wildfly-parent 5 org.apache.struts:struts-core 5 org.opennms:opennms-webapp 5 com.datapipe.jenkins.plugins:hashicorp-vault-plugin 5 org.jenkins-ci.plugins:google-login 5 org.jenkins-ci.plugins:scriptler 5 org.dspace:dspace-jspui 5 org.jenkins-ci.plugins:publish-over-ssh 5 org.jenkins-ci.plugins:htmlpublisher 5 org.neo4j.procedure:apoc 5 org.zenframework.z8.dependencies.commons:log4j-1.2.17 5 org.jenkins-ci.plugins:azure-ad 5 org.jenkins-ci.plugins:fortify 5 org.apache.inlong:manager-dao 5 org.jboss.resteasy:resteasy-bom 5 org.jenkins-ci.plugins:websphere-deployer 5 org.jenkins-ci.plugins:extended-choice-parameter 5 org.igniterealtime.openfire:xmppserver 5 org.jenkinsci.plugins:octoperf 5 org.xwiki.platform:xwiki-platform-appwithinminutes-ui 5

https://github.com/apache/struts 35 https://github.com/rapid7/metasploit-framework 1 https://github.com/hook-s3c/CVE-2018-11776-Python-PoC 1