Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

maven Security Advisories

Loading...
Low
GSA_kwCzR0hTQS03ZnBqLTlocjgtMjh2aM4AA7JC
Keycloak vulnerable to impersonation via logout token exchange
Ecosystems: maven
Packages: org.keycloak:keycloak-services
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 days ago
Moderate
GSA_kwCzR0hTQS1jOWg2LXY3OHctNTJ3as4AA7JB
Keycloak vulnerable to session hijacking via re-authentication
Ecosystems: maven
Packages: org.keycloak:keycloak-services
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 days ago
High
GSA_kwCzR0hTQS03MnZwLXhmcmMtNDJ4bc4AA7JA
Keycloak path transversal vulnerability in redirection validation
Ecosystems: maven
Packages: org.keycloak:keycloak-services
Source: GitHub Advisory Database
Blast Radius: 22.3
Published: 2 days ago
High
GSA_kwCzR0hTQS1tNnE5LXAzNzMtZzVxOM4AA7I_
Keycloak's unvalidated cross-origin messages in checkLoginIframe leads to DDoS
Ecosystems: maven
Packages: org.keycloak:keycloak-services
Source: GitHub Advisory Database
Blast Radius: 20.3
Published: 2 days ago
Low
GSA_kwCzR0hTQS1qNjI4LXE4ODUtOGdyNc4AA7I-
Keycloak vulnerable to log Injection during WebAuthn authentication or registration
Ecosystems: maven
Packages: org.keycloak:keycloak-services
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 days ago
Moderate
GSA_kwCzR0hTQS00NmM4LTYzNXYtNjhyMs4AA7I4
Keycloak Authorization Bypass vulnerability
Ecosystems: maven
Packages: org.keycloak:keycloak-services
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 days ago
High
GSA_kwCzR0hTQS04cm1tLWdtMjgtcGo4cc4AA7I3
Keycloak Cross-site Scripting (XSS) via assertion consumer service URL in SAML POST-binding flow
Ecosystems: maven
Packages: org.keycloak:keycloak-services
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 days ago
Moderate
GSA_kwCzR0hTQS00ZjUzLXhoM3YtZzh4NM4AA7I2
Keycloak secondary factor bypass in step-up authentication
Ecosystems: maven
Packages: org.keycloak:keycloak-services
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 days ago
High
GSA_kwCzR0hTQS1tcnY4LXBxZmotN2dwNc4AA7I1
Keycloak path traversal vulnerability in the redirect validation
Ecosystems: maven
Packages: org.keycloak:keycloak-services
Source: GitHub Advisory Database
Blast Radius: 19.5
Published: 2 days ago
Moderate
GSA_kwCzR0hTQS1yNTJoLWZqbTctOTNqOM4AA7I0
BlazeMeter Jenkins plugin vulnerable to Cross-Site Request Forgery
Ecosystems: maven
Packages: com.blazemeter.plugins:BlazeMeterJenkinsPlugin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 2 days ago
Moderate
GSA_kwCzR0hTQS03OXZ2LXZwMzItZ3BwN84AA68L
Apache Kafka: Potential incorrect access control during migration from ZK mode to KRaft mode
Ecosystems: maven
Packages: org.apache.kafka:kafka-metadata
Source: GitHub Advisory Database
Blast Radius: 11.2
Published: 8 days ago
Critical
GSA_kwCzR0hTQS1jMmdnLTRncTQtanY1as4AA630
XWiki Platform remote code execution from account through UIExtension parameters
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-uiextension-api
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 days ago
Critical
GSA_kwCzR0hTQS1oZjQzLTQ3cTQtZmhxNc4AA63z
XWiki Commons missing escaping of `{` in Velocity escapetool allows remote code execution
Ecosystems: maven
Packages: org.xwiki.commons:xwiki-commons-velocity
Source: GitHub Advisory Database
Blast Radius: 18.1
Published: 9 days ago
Critical
GSA_kwCzR0hTQS1yNXZoLWdjM3ItcjI0d84AA63v
XWiki Platform CSRF remote code execution through the realtime HTML Converter API
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-realtime-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 days ago
Critical
GSA_kwCzR0hTQS1jdjU1LXY2cnctN3I1ds4AA63u
XWiki Platform remote code execution from account via custom skins support
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-oldcore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 days ago
Critical
GSA_kwCzR0hTQS0zN200LWhxeHYtdzI2Z84AA63t
XWiki Platform CSRF remote code execution through scheduler job's document reference
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-scheduler-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 days ago
Moderate
GSA_kwCzR0hTQS1qMnI2LXI5MjktdjZnZs4AA63s
XWiki Platform CSRF in the job scheduler
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-scheduler-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 days ago
Critical
GSA_kwCzR0hTQS14bTRoLTNqeHItbTNjNs4AA63r
XWiki Platform: Remote code execution through space title and Solr space facet
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-search-solr-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 days ago
Critical
GSA_kwCzR0hTQS14eHAyLTljOWctN3dtas4AA63q
XWiki Platform: Remote code execution from edit in multilingual wikis via translations
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-localization-source-wiki
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 days ago
Critical
GSA_kwCzR0hTQS0yODU4LThjZngtNjltOc4AA63p
XWiki Platform: Remote code execution as guest via DatabaseSearch
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-search-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 days ago
Critical
GSA_kwCzR0hTQS12eHdyLXdwanYtcWpxN84AA63o
XWiki Platform: Privilege escalation (PR) from user registration through PDFClass
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-oldcore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 days ago
Critical
GSA_kwCzR0hTQS0zNGZqLXI1Z3EtNzM5Nc4AA63n
XWiki Platform: Remote code execution from account via SearchSuggestSourceSheet
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-search-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 days ago
Moderate
GSA_kwCzR0hTQS12NzgyLXhyNHctM3ZxeM4AA63m
XWiki Platform: Password hash might be leaked by diff once the xobject holding them is deleted
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-oldcore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 days ago
High
GSA_kwCzR0hTQS1qcG14LTk5NnYtNDhmbc4AA62D
WildFly Elytron: OIDC app attempting to access the second tenant, the user should be prompted to log
Ecosystems: maven
Packages: org.wildfly.security:wildfly-elytron-http-oidc
Source: GitHub Advisory Database
Blast Radius: 12.4
Published: 9 days ago
Moderate
GSA_kwCzR0hTQS1xbXIzLTUyeGYtd21oeM4AA6yr
Apache Zeppelin: LDAP search filter query Injection Vulnerability
Ecosystems: maven
Packages: org.apache.zeppelin:zeppelin-server
Source: GitHub Advisory Database
Blast Radius: 10.2
Published: 10 days ago
Moderate
GSA_kwCzR0hTQS1ycnZmLTV3NHItM3g3ds4AA6wc
Apache Zeppelin vulnerable to cross-site scripting in the helium module
Ecosystems: maven
Packages: org.apache.zeppelin:zeppelin-interpreter
Source: GitHub Advisory Database
Blast Radius: 13.7
Published: 10 days ago
Critical
GSA_kwCzR0hTQS02Nmo4LWM4M20tZ2o1Zs4AA6wb
Apache Zeppelin remote code execution by adding malicious JDBC connection string
Ecosystems: maven
Packages: org.apache.zeppelin:zeppelin-jdbc
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 10 days ago
Moderate
GSA_kwCzR0hTQS1nNDRtLXg1aDctZnI1cc4AA6wa
Apache Zeppelin: Cron arbitrary user impersonation with improper privileges
Ecosystems: maven
Packages: org.apache.zeppelin:zeppelin-server
Source: GitHub Advisory Database
Blast Radius: 9.4
Published: 10 days ago
High
GSA_kwCzR0hTQS1odzQyLTM1Njgtd2o4N84AA6v1
google-oauth-java-client improperly verifies cryptographic signature
Ecosystems: maven
Packages: com.google.oauth-client:google-oauth-client
Source: GitHub Advisory Database
Blast Radius: 25.5
Published: 10 days ago
High
GSA_kwCzR0hTQS1mcmMyLXcyY2MteDc5NM4AA6vy
Eclipse Kura LogServlet vulnerability
Ecosystems: maven
Packages: org.eclipse.kura:org.eclipse.kura.web2
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 days ago
Moderate
GSA_kwCzR0hTQS02NjIzLWM2bXItNjczN84AA6vz
Apache Zeppelin: Denial of service with invalid notebook name
Ecosystems: maven
Packages: org.apache.zeppelin:zeppelin-server
Source: GitHub Advisory Database
Blast Radius: 9.2
Published: 11 days ago
Moderate
GSA_kwCzR0hTQS1ycjU5LWg2cmgtdjg0ds4AA6vw
Apache Zeppelin SAP: connecting to a malicious SAP server allowed it to perform XXE
Ecosystems: maven
Packages: org.apache.zeppelin:sap
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 days ago
Moderate
GSA_kwCzR0hTQS1tNjVjLXdtdzktdm1wcM4AA6v0
Apache Zeppelin: Replacing other users notebook, bypassing any permissions
Ecosystems: maven
Packages: org.apache.zeppelin:zeppelin-server
Source: GitHub Advisory Database
Blast Radius: 11.3
Published: 11 days ago
Moderate
GSA_kwCzR0hTQS1wcnZnLXJoNWgtNzRqcs4AA6vx
Apache Zeppelin CSRF vulnerability in the Credentials page
Ecosystems: maven
Packages: org.apache.zeppelin:zeppelin-web
Source: GitHub Advisory Database
Blast Radius: 9.2
Published: 11 days ago
Moderate
GSA_kwCzR0hTQS1nNjRyLXhmMzktcTRwNc4AA6vv
Apache Zeppelin Path Traversal vulnerability
Ecosystems: maven
Packages: org.apache.zeppelin:zeppelin-server
Source: GitHub Advisory Database
Blast Radius: 9.2
Published: 11 days ago
High
GSA_kwCzR0hTQS12NG1tLXE4ZnYtcjJ3Nc4AA6vZ
WildFly Elytron: SSRF security issue
Ecosystems: maven
Packages: org.wildfly.security:wildfly-elytron-realm-token
Source: GitHub Advisory Database
Blast Radius: 16.5
Published: 11 days ago
Low
GSA_kwCzR0hTQS0ydjQyLXhwM2otNDdtNM4AA6rp
Xuxueli xxl-job template injection vulnerability
Ecosystems: maven
Packages: com.xuxueli:xxl-job-core
Source: GitHub Advisory Database
Blast Radius: 11.0
Published: 14 days ago
High
GSA_kwCzR0hTQS1mOGg1LXYydmctNDZycs4AA6o6
quarkus-core leaks local environment variables from Quarkus namespace during application's build
Ecosystems: maven
Packages: io.quarkus:quarkus-core
Source: GitHub Advisory Database
Blast Radius: 19.0
Published: 15 days ago
Moderate
GSA_kwCzR0hTQS03bWcyLTZjNnYtMzQycs4AA6ji
Apache Pulsar: Improper Authorization For Namespace and Topic Management Endpoints
Ecosystems: maven
Packages: org.apache.pulsar:pulsar-broker
Source: GitHub Advisory Database
Blast Radius: 15.3
Published: 17 days ago
Moderate
GSA_kwCzR0hTQS05cGgzLXYydmgtM3F4N84AA6iX
Eclipse Vert.x vulnerable to a memory leak in TCP servers
Ecosystems: maven
Packages: io.vertx:vertx-core
Source: GitHub Advisory Database
Blast Radius: 21.3
Published: 18 days ago
Moderate
GSA_kwCzR0hTQS04dmo5LTV2NXEtZmhjaM4AA6fR
Bonita cross-site scripting vulnerability
Ecosystems: maven
Packages: org.bonitasoft.platform:platform-resources, org.bonitasoft.console:bonita-web-server
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 19 days ago
Moderate
GSA_kwCzR0hTQS1wdzM5LWYzbTUtY3hmY84AA6b_
Elasticsearch Uncaught Exception leading to crash
Ecosystems: maven
Packages: org.elasticsearch:elasticsearch
Source: GitHub Advisory Database
Blast Radius: 18.4
Published: 22 days ago
Moderate
GSA_kwCzR0hTQS1yM2h4LXFmaDUtcjltN84AA6YJ
Elasticsearch Incorrect Authorization vulnerability
Ecosystems: maven
Packages: org.elasticsearch:elasticsearch
Source: GitHub Advisory Database
Blast Radius: 18.8
Published: 23 days ago
Moderate
GSA_kwCzR0hTQS13NWdnLTJxNTYtNmg0Zs4AA6Xy
Elasticsearch Uncontrolled Resource Consumption vulnerability
Ecosystems: maven
Packages: org.elasticsearch:elasticsearch
Source: GitHub Advisory Database
Blast Radius: 20.9
Published: 23 days ago
Moderate
GSA_kwCzR0hTQS01NjY3LTN3Y2gtN3E3d84AA6V6
Eclipse Vert.x memory leak
Ecosystems: maven
Packages: io.vertx:vertx-core
Source: GitHub Advisory Database
Blast Radius: 25.7
Published: 24 days ago
High
GSA_kwCzR0hTQS01eHZjLXJ3djgtODZwN84AA6T5
Ignite Realtime Openfire privilege escalation vulnerability
Ecosystems: maven
Packages: org.igniterealtime.openfire:xmppserver
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 24 days ago
High
GSA_kwCzR0hTQS02cHdnLWdnNmotNWNybc4AA6UB
Ignite Realtime Openfire privilege escalation vulnerability
Ecosystems: maven
Packages: org.igniterealtime.openfire:xmppserver
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 24 days ago
Moderate
GSA_kwCzR0hTQS01anBtLXg1OHYtNjI0ds4AA6Rf
Netty's HttpPostRequestDecoder can OOM
Ecosystems: maven
Packages: io.netty:netty-codec-http
Source: GitHub Advisory Database
Blast Radius: 20.2
Published: 25 days ago
High
GSA_kwCzR0hTQS03Zjg4LTVoaHgtNjdtMs4AA6PK
XNIO denial of service vulnerability
Ecosystems: maven
Packages: org.jboss.xnio:xnio-api
Source: GitHub Advisory Database
Blast Radius: 22.9
Published: 28 days ago
Moderate
GSA_kwCzR0hTQS05dzM4LXA2NHYteHBtds4AA6Mr
Apache Commons Configuration: StackOverflowError calling ListDelimiterHandler.flatten(Object, int) with a cyclical object tree
Ecosystems: maven
Packages: org.apache.commons:commons-configuration2
Source: GitHub Advisory Database
Blast Radius: 21.8
Published: 30 days ago
Moderate
GSA_kwCzR0hTQS14anA0LWh3OTQtbXZwNc4AA6Ms
Apache Commons Configuration: StackOverflowError adding property in AbstractListDelimiterHandler.flattenIterator()
Ecosystems: maven
Packages: org.apache.commons:commons-configuration2
Source: GitHub Advisory Database
Blast Radius: 21.8
Published: 30 days ago
Moderate
GSA_kwCzR0hTQS00aDVoLXAyM2YtaGpxZs4AA6Lz
SQL injection in Folio Spring Module Core
Ecosystems: maven
Packages: org.folio:spring-module-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 30 days ago
Moderate
GSA_kwCzR0hTQS14NjM3LXg4cDMtNXAyMs4AA6Jm
Improper Authentication in Spring Authorization Server
Ecosystems: maven
Packages: org.springframework.security:spring-security-oauth2-authorization-server
Source: GitHub Advisory Database
Blast Radius: 17.5
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS04OHdjLWZjajktcTNyOc4AA6JO
GeoServer's GWC Demos Page vulnerable to Stored Cross-Site Scripting (XSS)
Ecosystems: maven
Packages: org.geoserver:gs-gwc
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS03eDc2LTU3ZnItbTVyNc4AA6JN
GeoServer's MapML HTML Page vulnerable to Stored Cross-Site Scripting (XSS)
Ecosystems: maven
Packages: org.geoserver.extension:gs-mapml
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS1mY3BtLWhjaGotbWg3Ms4AA6JM
GeoServer's WMS OpenLayers Format vulnerable to Stored Cross-Site Scripting (XSS)
Ecosystems: maven
Packages: org.geoserver:gs-wms
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS01NnIzLWY1MzYtNWdmN84AA6JL
GeoServer's GWC Seed Form vulnerable to Stored Cross-Site Scripting (XSS)
Ecosystems: maven
Packages: org.geoserver:gs-gwc-rest
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS1mZzl2LTU2aHctZzUyNc4AA6JK
GeoServer's Simple SVG Renderer vulnerable to Stored Cross-Site Scripting (XSS)
Ecosystems: maven
Packages: org.geoserver:gs-wms
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS05cmZyLXBmMngtZzR4Zs4AA6JJ
GeoServer's Style Publisher vulnerable to Stored Cross-Site Scripting (XSS)
Ecosystems: maven
Packages: org.geoserver:gs-ows, org.geoserver:gs-main
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS03NW01LWhoNHItcTlneM4AA6JI
GeoServer Arbitrary file renaming vulnerability in REST Coverage/Data Store API
Ecosystems: maven
Packages: org.geoserver:gs-restconfig
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS1maDdwLTVmNmctdmoyd84AA6JH
Stored Cross-Site Scripting (XSS) vulnerability in GeoServer's REST Resources API
Ecosystems: maven
Packages: org.geoserver:gs-restconfig
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
High
GSA_kwCzR0hTQS05djVxLTJnd3EtcTlocc4AA6JG
Arbitrary file upload vulnerability in GeoServer's REST Coverage Store API
Ecosystems: maven
Packages: org.geoserver:gs-restconfig, org.geoserver:gs-platform
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
High
GSA_kwCzR0hTQS04Zzd2LXZqcmMteDRnNc4AA6JF
GeoServer log file path traversal vulnerability
Ecosystems: maven
Packages: org.geoserver:gs-main
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS04dnZwLTUyNWgtY3hmOc4AA6Hm
Cross-Site Request Forgery in Apache Wicket
Ecosystems: maven
Packages: org.apache.wicket:wicket
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS1mNmc2LXBqZ2MtNWNqNc4AA6Hl
Improper Input Validation vulnerability in Apache Hop Engine
Ecosystems: maven
Packages: org.apache.hop:hop
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
High
GSA_kwCzR0hTQS1jZzI0LWpqcjUtcnhtZs4AA6Hh
Path traversal in flaskcode Devan-Kerman ARRP
Ecosystems: maven
Packages: net.devtech:arrp
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
High
GSA_kwCzR0hTQS1mM2poLXF2bTQtbWczOc4AA6FU
Erroneous authentication pass in Spring Security
Ecosystems: maven
Packages: org.springframework.security:spring-security-core
Source: GitHub Advisory Database
Blast Radius: 38.1
Published: about 1 month ago
High
GSA_kwCzR0hTQS1oZ2poLTlyajItZzY3as4AA6DE
Spring Framework URL Parsing with Host Validation Vulnerability
Ecosystems: maven
Packages: org.springframework:spring-web
Source: GitHub Advisory Database
Blast Radius: 42.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS1yOTc4LTltNm0tNmdtNs4AA6BT
Apache ZooKeeper vulnerable to information disclosure in persistent watchers handling
Ecosystems: maven
Packages: org.apache.zookeeper:zookeeper
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS1xbWd4LWo5NmctNDQyOM4AA6BU
SSRF vulnerability using the Aegis DataBinding in Apache CXF
Ecosystems: maven
Packages: org.apache.cxf:cxf-core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS12NjgyLTh2djgtdnB3cs4AA5-j
Denial of Service via incomplete cleanup vulnerability in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat.embed:tomcat-embed-websocket, org.apache.tomcat:tomcat-websocket
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS03dzc1LTMyY2ctcjZnMs4AA5-Y
Apache Tomcat Denial of Service due to improper input validation vulnerability for HTTP/2 requests
Ecosystems: maven
Packages: org.apache.tomcat:tomcat-coyote, org.apache.tomcat.embed:tomcat-embed-core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
Low
GSA_kwCzR0hTQS03Zzk3LTdyM2MtNWNjNs4AA58e
In Quarkus, git credentials could be inadvertently published
Ecosystems: maven
Packages: io.quarkus:quarkus-kubernetes-deployment
Source: GitHub Advisory Database
Blast Radius: 7.3
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS1nNjI3LXI1NzktcnczNc4AA573
Apache Pulsar: Improper Authorization For Topic-Level Policy Management
Ecosystems: maven
Packages: org.apache.pulsar:pulsar-broker
Source: GitHub Advisory Database
Blast Radius: 15.3
Published: about 1 month ago
High
GSA_kwCzR0hTQS14cDJyLWc4cXEtNDRoaM4AA577
Apache Pulsar: Improper Input Validation in Pulsar Function Worker allows Remote Code Execution
Ecosystems: maven
Packages: org.apache.pulsar:pulsar-functions-worker
Source: GitHub Advisory Database
Blast Radius: 7.8
Published: about 1 month ago
High
GSA_kwCzR0hTQS1qZzJnLTRyamctY21xaM4AA57-
Apache Pulsar: Pulsar Functions Worker's Archive Extraction Vulnerability Allows Unauthorized File Modification
Ecosystems: maven
Packages: org.apache.pulsar:pulsar-functions-worker
Source: GitHub Advisory Database
Blast Radius: 7.6
Published: about 1 month ago
High
GSA_kwCzR0hTQS1jMng5LXZ3NWgtMzl2Y84AA57_
Apache Pulsar: Pulsar Functions Worker Allows Unauthorized File Access and Unauthorized HTTP/HTTPS Proxying
Ecosystems: maven
Packages: org.apache.pulsar:pulsar-functions-worker
Source: GitHub Advisory Database
Blast Radius: 7.8
Published: about 1 month ago
High
GSA_kwCzR0hTQS1jMzVoLXc4aGotbW01Nc4AA574
Apache Pulsar: Improper Authentication for Pulsar Proxy Statistics Endpoint
Ecosystems: maven
Packages: org.apache.pulsar:pulsar-proxy
Source: GitHub Advisory Database
Blast Radius: 8.2
Published: about 1 month ago
High
GSA_kwCzR0hTQS1qN2ptLThnZjUtZnJjbc4AA50O
nGrinder vulnerable to unsafe Java objects deserialization
Ecosystems: maven
Packages: org.ngrinder:ngrinder-core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS1wZmgzLWo3OXItdnFyas4AA5zt
Jenkins Delphix Plugin has improper SSL/TLS certificate validation
Ecosystems: maven
Packages: org.jenkins-ci.plugins:delphix
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS14ajM2LTZ4YzYtOHA5eM4AA5ze
Jenkins Delphix Plugin has SSL/TLS certificate validation disabled by default
Ecosystems: maven
Packages: org.jenkins-ci.plugins:delphix
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
High
GSA_kwCzR0hTQS0ycGMyLWg5N2gtMm1td84AA5zd
Jenkins iceScrum Plugin vulnerable to stored Cross-site Scripting
Ecosystems: maven
Packages: org.jenkins-ci.plugins:icescrum
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS02NGM1LXIyaDUtYzJmZ84AA5zf
Jenkins docker-build-step Plugin Cross-Site Request Forgery vulnerability
Ecosystems: maven
Packages: org.jenkins-ci.plugins:docker-build-step
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS04aDJtLTU0d2gtZ3dqM84AA5zu
Jenkins docker-build-step Plugin missing permission check
Ecosystems: maven
Packages: org.jenkins-ci.plugins:docker-build-step
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS1tcjlqLXFxamgtNjdmMs4AA5zp
Jenkins Subversion Partial Release Manager Plugin missing permission check
Ecosystems: maven
Packages: org.jenkins-ci.plugins:svn-partial-release-mgr
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
High
GSA_kwCzR0hTQS01ajc0LWczYzUtd3F3d84AA5za
Jenkins GitBucket Plugin vulnerable to stored Cross-site Scripting
Ecosystems: maven
Packages: org.jenkins-ci.plugins:gitbucket
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
High
GSA_kwCzR0hTQS01ajVyLTZtdjktbTI1Nc4AA5zY
Jenkins Build Monitor View Plugin vulnerable to stored Cross-site Scripting
Ecosystems: maven
Packages: org.jenkins-ci.plugins:build-monitor-plugin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
High
GSA_kwCzR0hTQS05cHA0LW14NngteGgzNs4AA5zX
Jenkins OWASP Dependency-Check Plugin has stored XSS vulnerability
Ecosystems: maven
Packages: org.jenkins-ci.plugins:dependency-check-jenkins-plugin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS1ydjM1LTY5ZmYtZzlnds4AA5zb
Jenkins Subversion Partial Release Manager Plugin vulnerable to Cross-Site Request Forgery
Ecosystems: maven
Packages: org.jenkins-ci.plugins:svn-partial-release-mgr
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS14eHY5LXc1aG0tMzI4as4AA5zZ
Jenkins AppSpider Plugin missing permission checks
Ecosystems: maven
Packages: com.rapid7:jenkinsci-appspider-plugin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS00Nzh4LW0zbXgtN2ozZs4AA5zm
Jenkins HTML Publisher Plugin Path traversal vulnerability
Ecosystems: maven
Packages: org.jenkins-ci.plugins:htmlpublisher
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
High
GSA_kwCzR0hTQS14cnJ3LTlqNzgtaHBmM84AA5zs
Jenkins HTML Publisher Plugin Stored XSS vulnerability
Ecosystems: maven
Packages: org.jenkins-ci.plugins:htmlpublisher
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS1tNHJtLXgycnItMzU3d84AA5zW
Jenkins Bitbucket Branch Source Plugin has incorrect trust policy behavior for pull requests
Ecosystems: maven
Packages: org.jenkins-ci.plugins:cloudbees-bitbucket-branch-source
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
High
GSA_kwCzR0hTQS04dmNnLXY3ZzQtM3ZyN84AA5zn
Jenkins HTML Publisher Plugin does not properly sanitize input
Ecosystems: maven
Packages: org.jenkins-ci.plugins:htmlpublisher
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS04Zm00LXIyM3AtdjY4ds4AA5zr
Jenkins MQ Notifier Plugin exposes sensitive information in build logs
Ecosystems: maven
Packages: com.sonymobile.jenkins.plugins.mq:mq-notifier
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS1tNzU3LXA4cnYtNHE5M84AA5zJ
Apache Linkis DataSource: DataSource module Oracle SQL Database Password Logged
Ecosystems: maven
Packages: org.apache.linkis:linkis
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
High
GSA_kwCzR0hTQS1wMmd4LTQ0MzQtcGY2Z84AA5y_
Apache InLong: Logged-in user could exploit an arbitrary file read vulnerability
Ecosystems: maven
Packages: org.apache.inlong:manager-common
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS1ydjRoLW00d2Mtdjk5d84AA5r9
Apache Archiva Incorrect Authorization vulnerability
Ecosystems: maven
Packages: org.apache.archiva:archiva
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
Moderate
GSA_kwCzR0hTQS1oNTk1LXZ3aGMtM3h3eM4AA5r-
Apache Archiva Incorrect Authorization vulnerability
Ecosystems: maven
Packages: org.apache.archiva:archiva
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
Moderate
GSA_kwCzR0hTQS1ocDJ4LTZ2cm0tN2o3ds4AA5sA
Apache Archiva Reflected Cross-site Scripting vulnerability
Ecosystems: maven
Packages: org.apache.archiva:archiva-common
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
Statistics
Advisories: 17,470
Packages: 8,115
Repositories: 964
Ecosystems: 12
Filter by Severity
Moderate 7,470 High 6,100 Critical 2,660 Low 958
Filter by Ecosystem
maven 5,492 npm 3,496 pypi 3,463 packagist 3,213 go 1,828 nuget 1,388 rubygems 812 cargo 772 swift 31 hex 29 actions 16 pub 8
Filter by Package
org.jenkins-ci.main:jenkins-core 189 org.apache.tomcat:tomcat 139 com.fasterxml.jackson.core:jackson-databind 69 org.apache.struts:struts2-core 55 com.liferay.portal:release.portal.bom 45 org.keycloak:keycloak-core 43 com.thoughtworks.xstream:xstream 36 com.jfinal:jfinal 36 net.mingsoft:ms-mcms 35 org.xwiki.platform:xwiki-platform-oldcore 34 org.elasticsearch:elasticsearch 32 org.apache.tomcat.embed:tomcat-embed-core 32 org.jenkins-ci.plugins:script-security 30 io.undertow:undertow-core 27 org.keycloak:keycloak-parent 26 org.keycloak:keycloak-services 26 org.apache.solr:solr-core 25 org.springframework.security:spring-security-core 23 org.eclipse.jetty:jetty-server 23 org.apache.nifi:nifi 22 org.apache.openmeetings:openmeetings-parent 21 org.cloudfoundry.identity:cloudfoundry-identity-server 20 org.springframework:spring-core 19 com.vaadin:vaadin-bom 18 org.bouncycastle:bcprov-jdk14 18 com.liferay.portal:release.dxp.bom 18 org.xwiki.platform:xwiki-platform-web-templates 17 org.apache.geode:geode-core 17 org.apache.dubbo:dubbo 16 org.apache.activemq:activemq-client 16 org.bouncycastle:bcprov-jdk15 16 org.apache.jspwiki:jspwiki-main 15 org.apache.struts.xwork:xwork-core 15 org.xwiki.platform:xwiki-platform-web 14 org.apache.cxf:cxf 13 org.apache.inlong:manager-pojo 13 org.apache.hadoop:hadoop-main 13 org.jenkins-ci.plugins.workflow:workflow-cps 12 org.apache.dolphinscheduler:dolphinscheduler 12 com.vaadin:flow-server 12 org.jenkins-ci.plugins:git 12 org.apache.jspwiki:jspwiki-war 11 org.apache.tika:tika-core 11 org.apache.camel:camel-core 11 org.mortbay.jetty:jetty 11 org.apache.cxf:cxf-core 11 org.apache.hadoop:hadoop-common 11 org.apache.james:james-server 11 org.apache.commons:commons-compress 11 org.igniterealtime.openfire:parent 11 com.xuxueli:xxl-job 11 org.jenkins-ci.plugins:email-ext 11 org.jeecgframework.boot:jeecg-boot-parent 11 org.apache.ranger:ranger 11 org.jeecgframework.boot:jeecg-boot-common 11 org.jenkins-ci.plugins.workflow:workflow-cps-global-lib 10 io.netty:netty 10 org.apache.inlong:manager-service 10 org.jboss.netty:netty 10 org.xwiki.platform:xwiki-platform-administration-ui 10 org.opencrx:opencrx-core-models 9 cn.hutool:hutool-core 9 org.apache.xmlgraphics:batik 9 org.apache.archiva:archiva 9 com.sonyericsson.jenkins.plugins.bfa:build-failure-analyzer 9 org.opennms:opennms 9 org.jenkins-ci.plugins:active-directory 9 org.apache.tapestry:tapestry-core 9 org.apache.shiro:shiro-core 9 io.jenkins:configuration-as-code 9 org.craftercms:crafter-studio 9 org.bouncycastle:bcprov-jdk15on 9 org.apache.hive:hive 9 org.jenkins-ci.plugins:config-file-provider 9 org.springframework:spring-webmvc 9 jquery 9 jquery-rails 9 org.jenkins-ci.plugins:electricflow 9 org.webjars.npm:jquery 9 com.hazelcast:hazelcast 8 org.apache.pdfbox:pdfbox 8 io.jenkins.blueocean:blueocean 8 org.opencms:opencms-core 8 org.apache.santuario:xmlsec 8 org.graylog2:graylog2-server 8 org.apache.ambari:ambari 8 org.jenkins-ci.plugins:ec2 8 org.apache.hive:hive-exec 8 org.apache.zeppelin:zeppelin 8 org.yaml:snakeyaml 8 org.springframework:spring-web 8 org.postgresql:postgresql 8 jQuery 8 mysql:mysql-connector-java 8 org.apache.tomcat:tomcat-catalina 8 org.apache.ozone:ozone-main 8 org.apache.kylin:kylin 8 org.jenkins-ci.plugins:openshift-deployer 7 org.jenkins-ci.plugins:jobConfigHistory 7 org.apache.derby:derby 7 jQuery.UI.Combined 7 org.apache.logging.log4j:log4j-core 7 org.apache.activemq:activemq-parent 7 io.jenkins.plugins:miniorange-saml-sp 7 org.jenkins-ci.plugins:artifactory 7 org.owasp.antisamy:antisamy 7 net.opentsdb:opentsdb 7 org.jenkins-ci.plugins:subversion 7 jquery-ui 7 io.jenkins.plugins:cavisson-ns-nd-integration 7 jquery-ui-rails 7 org.owasp.esapi:esapi 7 org.webjars.npm:jquery-ui 7 org.apache.cxf:apache-cxf 7 org.apache.tika:tika 7 org.jenkins-ci.plugins:rundeck 7 org.apache.atlas:atlas-common 7 org.silverpeas.core:silverpeas-core-web 7 org.apache.hive:hive-service 7 org.apache.poi:poi 7 org.jenkins-ci.plugins:mercurial 7 rubygems-update 7 org.jruby:jruby-stdlib 7 io.dataease:dataease-plugin-common 7 io.jenkins.plugins:warnings-ng 7 org.apache.spark:spark-core_2.11 7 org.apache.inlong:manager-web 7 org.apache.linkis:linkis 7 org.apache.karaf:apache-karaf 7 org.jeecgframework.boot:jeecg-boot-base 7 io.atomix:atomix 7 org.jboss.resteasy:resteasy-client 7 org.apache.tomcat:tomcat-coyote 7 org.apache.mesos:mesos 6 com.jflyfox:jflyfox_jfinal 6 tech.powerjob:powerjob 6 org.apache.storm:storm-core 6 org.apache.axis:axis 6 org.jenkins-ci.plugins:ec2-deployment-dashboard 6 org.apache.pulsar:pulsar-broker 6 org.jenkins-ci.plugins:gitlab-oauth 6 axis:axis 6 commons-fileupload:commons-fileupload 6 org.xwiki.commons:xwiki-commons-xml 6 org.apache.solr:solr-parent 6 org.opencastproject:opencast-kernel 6 org.apache.syncope:syncope-core 6 org.jenkins-ci.plugins:pipeline-maven 6 org.apache.httpcomponents:httpclient 6 com.sonyericsson.hudson.plugins.gerrit:gerrit-trigger 6 org.csanchez.jenkins.plugins:kubernetes 6 org.jenkins-ci.plugins:azure-vm-agents 6 org.apache.spark:spark-core_2.10 6 org.opensearch.plugin:opensearch-security 6 io.netty:netty-codec-http 6 hudson.plugins:project-inheritance 6 cn.hutool:hutool-json 6 org.jenkins-ci.plugins:fortify-on-demand-uploader 6 org.apache.shenyu:shenyu-common 6 org.apache.struts:struts2-rest-plugin 6 de.tum.in.ase:artemis-java-test-sandbox 6 org.jenkins-ci.plugins:repository-connector 6 com.xebialabs.deployit.ci:deployit-plugin 6 io.netty:netty-handler 6 org.xwiki.platform:xwiki-platform-flamingo-skin-resources 5 org.jenkins-ci.plugins:gitlab-plugin 5 org.jenkins-ci.plugins:websphere-deployer 5 com.mabl.integration.jenkins:mabl-integration 5 org.apache.druid:druid 5 org.jenkins-ci.plugins.m2release:m2release 5 xerces:xercesImpl 5 org.biouno:uno-choice 5 org.jenkins-ci.plugins:support-core 5 edu.stanford.nlp:stanford-corenlp 5 com.vaadin:vaadin-server 5 org.apache.kylin:kylin-server-base 5 org.jenkins-ci.plugins:delphix 5 org.jenkins-ci.plugins:matrix-project 5 org.jenkinsci.plugins:octoperf 5 org.jenkins-ci.plugins:google-login 5 com.alibaba:dubbo 5 org.opennms:opennms-webapp 5 org.jenkins-ci.plugins:htmlpublisher 5 org.neo4j.procedure:apoc 5 org.jeecgframework.boot:jeecg-boot-base-core 5 org.xwiki.platform:xwiki-platform-appwithinminutes-ui 5 com.google.protobuf:protobuf-java 5 org.dspace:dspace-jspui 5 com.ruoyi:ruoyi 5 org.jboss.resteasy:resteasy-bom 5 org.apache.hadoop:hadoop-client 5 org.jenkins-ci.plugins:scriptler 5 org.jenkins-ci.plugins:ghprb 5 org.apache.inlong:manager-dao 5 org.apache.cassandra:cassandra-all 5 org.jenkins-ci.plugins:codedx 5 org.jenkins-ci.plugins:junit 5 info.magnolia:magnolia-core 5 org.codehaus.jettison:jettison 5 org.springframework.amqp:spring-amqp 5
Filter by Repository
https://github.com/xwiki/xwiki-platform 172 https://github.com/jenkinsci/jenkins 148 https://github.com/apache/tomcat 93 https://github.com/FasterXML/jackson-databind 70 https://github.com/keycloak/keycloak 54 https://github.com/apache/struts 46 https://github.com/spring-projects/spring-framework 40 https://github.com/x-stream/xstream 36 https://github.com/apache/activemq 32 https://github.com/CVEProject/cvelist 28 https://github.com/apache/inlong 25 https://github.com/eclipse/jetty.project 23 https://github.com/apache/nifi 21 https://github.com/jeecgboot/jeecg-boot 20 https://github.com/OpenNMS/opennms 20 https://github.com/netty/netty 20 https://github.com/jenkinsci/script-security-plugin 20 https://github.com/apache/cxf 19 https://github.com/cloudfoundry/uaa 19 https://github.com/bcgit/bc-java 18 https://github.com/vaadin/platform 17 https://github.com/opencast/opencast 16 https://github.com/geoserver/geoserver 15 https://github.com/apache/camel 15 https://github.com/xuxueli/xxl-job 13 https://github.com/undertow-io/undertow 13 https://github.com/ming-soft/MCMS 13 https://github.com/apache/kylin 12 https://github.com/apache/dolphinscheduler 12 https://github.com/dromara/hutool 12 https://github.com/igniterealtime/Openfire 11 https://github.com/vaadin/flow 11 https://github.com/quarkusio/quarkus 11 https://github.com/jenkinsci/git-plugin 10 https://github.com/jquery/jquery 10 https://github.com/spring-projects/spring-security 9 https://github.com/DSpace/DSpace 9 https://github.com/Graylog2/graylog2-server 9 https://github.com/cui2shark/cms 9 https://github.com/apache/lucene-solr 9 https://github.com/jenkinsci/config-file-provider-plugin 8 https://github.com/hazelcast/hazelcast 8 https://github.com/apache/zeppelin 8 https://github.com/opensearch-project/security 8 https://github.com/nahsra/antisamy 8 https://github.com/xwiki/xwiki-commons 8 https://github.com/RhinoSecurityLabs/CVEs 7 https://github.com/ratpack/ratpack 7 https://github.com/pgjdbc/pgjdbc 7 https://github.com/vaadin/framework 7 https://github.com/rubygems/rubygems 7 https://github.com/jflyfox/jfinal_cms 7 https://github.com/rundeck/rundeck 7 https://github.com/dataease/dataease 7 https://github.com/jenkinsci/blueocean-plugin 7 https://github.com/OpenTSDB/opentsdb 7 https://github.com/apache/xmlgraphics-batik 7 https://github.com/vert-x3/vertx-web 6 https://github.com/cui2shark/security 6 https://github.com/apache/tika 6 https://github.com/jquery/jquery-ui 6 https://github.com/line/armeria 6 https://github.com/ls1intum/Ares 6 https://github.com/http4s/http4s 6 https://github.com/jenkinsci/ec2-plugin 6 https://github.com/jenkinsci/gerrit-trigger-plugin 6 https://github.com/apache/hadoop 6 https://github.com/jenkinsci/fortify-on-demand-uploader-plugin 6 https://github.com/jenkinsci/electricflow-plugin 6 https://github.com/jenkinsci/configuration-as-code-plugin 6 https://github.com/playframework/playframework 6 https://github.com/OpenRefine/OpenRefine 6 https://github.com/jenkinsci/build-failure-analyzer-plugin 6 https://github.com/resteasy/resteasy 6 https://github.com/apache/pulsar 6 https://bitbucket.org/snakeyaml/snakeyaml 6 https://github.com/ESAPI/esapi-java-legacy 6 https://github.com/DrunkenShells/Disclosures 6 https://github.com/h2database/h2database 5 https://github.com/jenkinsci/support-core-plugin 5 https://github.com/PowerJob/PowerJob 5 https://github.com/jenkinsci/subversion-plugin 5 https://github.com/neo4j-contrib/neo4j-apoc-procedures 5 https://bitbucket.org/connect2id/nimbus-jose-jwt 5 https://github.com/jenkinsci/m2release-plugin 5 https://github.com/jenkinsci/email-ext-plugin 5 https://github.com/OpenAPITools/openapi-generator 5 https://github.com/apiman/apiman 5 https://github.com/grails/grails-core 5 https://github.com/jenkinsci/publish-over-ssh-plugin 5 https://github.com/alibaba/nacos 5 https://github.com/JLLeitschuh/security-research 5 https://github.com/jenkinsci/active-directory-plugin 5 https://github.com/jettison-json/jettison 5 https://github.com/jensdietrich/xshady-release 5 https://github.com/restlet/restlet-framework-java 5 https://github.com/jenkinsci/codedx-plugin 5 https://github.com/apache/karaf 5 https://github.com/apache/shenyu 5 https://github.com/jenkinsci/workflow-cps-global-lib-plugin 5 https://github.com/apache/shiro 5 https://github.com/jenkinsci/gitlab-plugin 5 https://github.com/protocolbuffers/protobuf 5 https://github.com/jenkinsci/github-plugin 5 https://github.com/apache/geode 5 https://github.com/jenkinsci/junit-plugin 5 https://github.com/apache/openmeetings 5 https://github.com/apache/syncope 4 https://github.com/pippo-java/pippo 4 https://github.com/apache/solr 4 https://github.com/reportportal/reportportal 4 https://github.com/resteasy/Resteasy 4 https://github.com/jenkinsci/nexus-platform-plugin 4 https://github.com/jenkinsci/p4-plugin 4 https://github.com/jenkinsci/matrix-project-plugin 4 https://github.com/jenkinsci/rundeck-plugin 4 https://github.com/jenkinsci/libvirt-slave-plugin 4 https://github.com/jenkinsci/warnings-ng-plugin 4 https://github.com/jenkinsci/workflow-cps-plugin 4 https://github.com/jenkinsci/job-config-history-plugin 4 https://github.com/jenkinsci/xldeploy-plugin 4 https://github.com/jfinal/jfinal 4 https://github.com/jenkinsci/htmlpublisher-plugin 4 https://github.com/jenkinsci/hpe-application-automation-tools-plugin 4 https://github.com/ktorio/ktor 4 https://github.com/HtmlUnit/htmlunit 4 https://github.com/jenkinsci/gitlab-oauth-plugin 4 https://github.com/micronaut-projects/micronaut-core 4 https://github.com/jenkinsci/fortify-plugin 4 https://github.com/aws/aws-iot-device-sdk-java-v2 4 https://github.com/nightcloudos/new_cms 4 https://github.com/infinispan/infinispan 4 https://github.com/itext/itext7 4 https://github.com/shopizer-ecommerce/shopizer 4 https://github.com/jenkinsci/active-choices-plugin 4 https://github.com/apache/httpcomponents-client 4 https://github.com/stanfordnlp/corenlp 4 https://github.com/yamcs/yamcs 4 https://github.com/jenkinsci/ansible-plugin 4 https://github.com/xerial/snappy-java 4 https://github.com/jenkinsci/credentials-binding-plugin 4 https://github.com/alkacon/opencms-core 4 https://github.com/apache/activemq-artemis 4 https://github.com/jenkinsci/jira-plugin 3 https://github.com/jenkinsci/audit-trail-plugin 3 https://svn.apache.org/viewvc/lucene/dev 3 https://github.com/jenkinsci/crx-content-package-deployer-plugin 3 https://github.com/wildfly/wildfly-core 3 https://github.com/jenkinsci/code-coverage-api-plugin 3 https://github.com/AsyncHttpClient/async-http-client 3 https://github.com/intranda/goobi-viewer-core 3 https://github.com/opengoofy/hippo4j 3 https://github.com/eclipse-ee4j/mojarra 3 https://github.com/grpc/grpc 3 https://github.com/jenkinsci/bitbucket-oauth-plugin 3 https://github.com/eclipse/lemminx 3 https://github.com/jenkinsci/kubernetes-plugin 3 https://github.com/jenkinsci/cloudbees-jenkins-advisor-plugin 3 https://github.com/orientechnologies/orientdb 3 https://github.com/jenkinsci/embeddable-build-status-plugin 3 https://github.com/OWASP/json-sanitizer 3 https://github.com/jenkinsci/liquibase-runner-plugin 3 https://github.com/apache/jackrabbit 3 https://github.com/eclipse-vertx/vert.x 3 https://github.com/wso2/carbon-registry 3 https://github.com/peteroupc/CBOR-Java 3 https://github.com/pf4j/pf4j 3 https://github.com/jenkinsci/nomad-plugin 3 https://github.com/jenkinsci/lucene-search-plugin 3 https://github.com/jenkinsci/cas-plugin 3 https://github.com/codehaus-plexus/plexus-utils 3 https://github.com/jenkinsci/hashicorp-vault-plugin 3 https://github.com/xwiki/xwiki-rendering 3 https://github.com/LetianYuan/My-CVE-Public-References 3 https://github.com/jenkinsci/azure-vm-agents-plugin 3 https://github.com/jooby-project/jooby 3 https://github.com/li-yu320/cms 3 https://github.com/joniles/mpxj 3 https://github.com/apache/dubbo 3 https://github.com/apache/derby 3 https://github.com/jenkinsci/azure-credentials-plugin 3 https://github.com/apache/cxf-fediz 3 https://github.com/jhy/jsoup 3 https://github.com/matrix-org/matrix-android-sdk2 3 https://github.com/jenkinsci/git-parameter-plugin 3 https://github.com/mbechler/marshalsec 3 https://github.com/jenkinsci/compuware-topaz-for-total-test-plugin 3 https://github.com/jenkinsci/gitlab-branch-source-plugin 3 https://github.com/apache/flume 3 https://github.com/apache/geronimo 3 https://github.com/jeremylong/DependencyCheck 3 https://github.com/Adobe-Consulting-Services/acs-aem-commons 3 https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server 3 https://github.com/apache/commons-configuration 3 https://github.com/jenkinsci/git-client-plugin 3 https://bitbucket.org/b_c/jose4j 3 https://github.com/Jarvis-616/cms 3 https://github.com/ysuzhangbin/cms 3 https://github.com/Rabb1ter/cms 3