Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

maven Security Advisories

Loading...
High
GSA_kwCzR0hTQS14cnJ3LTlqNzgtaHBmM84AA5zs
Jenkins HTML Publisher Plugin Stored XSS vulnerability
Ecosystems: maven
Packages: org.jenkins-ci.plugins:htmlpublisher
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
Moderate
GSA_kwCzR0hTQS04Zm00LXIyM3AtdjY4ds4AA5zr
Jenkins MQ Notifier Plugin exposes sensitive information in build logs
Ecosystems: maven
Packages: com.sonymobile.jenkins.plugins.mq:mq-notifier
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
Moderate
GSA_kwCzR0hTQS1ydjM1LTY5ZmYtZzlnds4AA5zb
Jenkins Subversion Partial Release Manager Plugin vulnerable to Cross-Site Request Forgery
Ecosystems: maven
Packages: org.jenkins-ci.plugins:svn-partial-release-mgr
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
High
GSA_kwCzR0hTQS05cHA0LW14NngteGgzNs4AA5zX
Jenkins OWASP Dependency-Check Plugin has stored XSS vulnerability
Ecosystems: maven
Packages: org.jenkins-ci.plugins:dependency-check-jenkins-plugin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
Moderate
GSA_kwCzR0hTQS1tNHJtLXgycnItMzU3d84AA5zW
Jenkins Bitbucket Branch Source Plugin has incorrect trust policy behavior for pull requests
Ecosystems: maven
Packages: org.jenkins-ci.plugins:cloudbees-bitbucket-branch-source
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
High
GSA_kwCzR0hTQS01ajVyLTZtdjktbTI1Nc4AA5zY
Jenkins Build Monitor View Plugin vulnerable to stored Cross-site Scripting
Ecosystems: maven
Packages: org.jenkins-ci.plugins:build-monitor-plugin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
High
GSA_kwCzR0hTQS01ajc0LWczYzUtd3F3d84AA5za
Jenkins GitBucket Plugin vulnerable to stored Cross-site Scripting
Ecosystems: maven
Packages: org.jenkins-ci.plugins:gitbucket
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
Moderate
GSA_kwCzR0hTQS1tNzU3LXA4cnYtNHE5M84AA5zJ
Apache Linkis DataSource: DataSource module Oracle SQL Database Password Logged
Ecosystems: maven
Packages: org.apache.linkis:linkis
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
High
GSA_kwCzR0hTQS1wMmd4LTQ0MzQtcGY2Z84AA5y_
Apache InLong: Logged-in user could exploit an arbitrary file read vulnerability
Ecosystems: maven
Packages: org.apache.inlong:manager-common
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
Moderate
GSA_kwCzR0hTQS1ocDJ4LTZ2cm0tN2o3ds4AA5sA
Apache Archiva Reflected Cross-site Scripting vulnerability
Ecosystems: maven
Packages: org.apache.archiva:archiva-common
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
Moderate
GSA_kwCzR0hTQS1oNTk1LXZ3aGMtM3h3eM4AA5r-
Apache Archiva Incorrect Authorization vulnerability
Ecosystems: maven
Packages: org.apache.archiva:archiva
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
Moderate
GSA_kwCzR0hTQS1ydjRoLW00d2Mtdjk5d84AA5r9
Apache Archiva Incorrect Authorization vulnerability
Ecosystems: maven
Packages: org.apache.archiva:archiva
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
Moderate
GSA_kwCzR0hTQS05cTZ2LXJ4bXctZzNnaM4AA5ry
Apache Ambari: Various Cross site scripting problems
Ecosystems: maven
Packages: org.apache.ambari:ambari
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
Moderate
GSA_kwCzR0hTQS12cjY0LXI5cWotaDI3Zs4AA5o_
Reading specially crafted serializable objects from an untrusted source may cause an infinite loop and denial of service
Ecosystems: maven
Packages: org.clojure:clojure
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
Low
GSA_kwCzR0hTQS0zaHJyLXh3dmctaHh2cs4AA5pB
Keycloak DoS via account lockout
Ecosystems: maven
Packages: org.keycloak:keycloak-core
Source: GitHub Advisory Database
Blast Radius: 11.3
Published: about 2 months ago
Moderate
GSA_kwCzR0hTQS02cXZ3LTI0OWotaDQ0Y84AA5mp
jose4j denial of service via specifically crafted JWE
Ecosystems: maven
Packages: org.bitbucket.b_c:jose4j
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
High
GSA_kwCzR0hTQS14aDZtLTdjcjcteHg2Ns4AA5jR
Missing permission checks on Hazelcast client protocol
Ecosystems: maven
Packages: com.hazelcast:hazelcast
Source: GitHub Advisory Database
Blast Radius: 30.5
Published: about 2 months ago
Moderate
GSA_kwCzR0hTQS1qdzdyLXJ4ZmYtZ3YyNM4AA5if
Apache James MIME4J improper input validation vulnerability
Ecosystems: maven
Packages: org.apache.james:apache-mime4j-core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
Moderate
GSA_kwCzR0hTQS1xcnA5LTIzcDctZzVtZs4AA5ic
Apache Ambari XML External Entity injection
Ecosystems: maven
Packages: org.apache.ambari.contrib.views:wfmanager
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
Moderate
GSA_kwCzR0hTQS1wNXE5LTg2dzQtMnhyNc4AA5iD
SMTP smuggling in Apache James
Ecosystems: maven
Packages: org.apache.james:james-server
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
High
GSA_kwCzR0hTQS1yZ2hjLTlmaHgtaDMybc4AA5hV
Apache Ambari: authenticated users could perform command injection to perform RCE
Ecosystems: maven
Packages: org.apache.ambari.contrib.views:ambari-contrib-views
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
Moderate
GSA_kwCzR0hTQS1weDd3LWM5Z3ctN2dqM84AA5hU
Apache James server: Privilege escalation via JMX pre-authentication deserialization
Ecosystems: maven
Packages: org.apache.james:james-server
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
High
GSA_kwCzR0hTQS1yZ2d2LWN2N3ItbXc5OM4AA5gs
Connection leaking on idle timeout when TCP congested
Ecosystems: maven
Packages: org.eclipse.jetty.http3:jetty-http3-common, org.eclipse.jetty.http2:jetty-http2-common, org.eclipse.jetty.http3:http3-common, org.eclipse.jetty.http2:http2-common
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: about 2 months ago
Critical
GSA_kwCzR0hTQS1oeDVxLXY2cGotNTMzcs4AA5go
SAML authentication bypass due to missing validation on unsigned SAML messages
Ecosystems: maven
Packages: com.linecorp.centraldogma:centraldogma-server-auth-saml
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
Critical
GSA_kwCzR0hTQS00bTZqLTIzcDItOGM1NM4AA5gn
Armeria SAML authentication bypass due to missing validation on unsigned SAML messages
Ecosystems: maven
Packages: com.linecorp.armeria:armeria-saml
Source: GitHub Advisory Database
Blast Radius: 4.3
Published: about 2 months ago
Low
GSA_kwCzR0hTQS1xcHhtLTY4OXItMzg0Oc4AA5gL
Apache Camel data exposure vulnerability
Ecosystems: maven
Packages: org.apache.camel:camel-core
Source: GitHub Advisory Database
Blast Radius: 11.4
Published: about 2 months ago
Critical
GSA_kwCzR0hTQS1yYzZoLXF3ajktMmM1M84AA5em
Apache DolphinScheduler vulnerable to arbitrary JavaScript execution as root for authenticated users
Ecosystems: maven
Packages: org.apache.dolphinscheduler:dolphinscheduler
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 2 months ago
High
GSA_kwCzR0hTQS1jY2d2LXZqNjIteGY5aM4AA5d5
Spring Web vulnerable to Open Redirect or Server Side Request Forgery
Ecosystems: maven
Packages: org.springframework:spring-web
Source: GitHub Advisory Database
Blast Radius: 42.0
Published: 2 months ago
Critical
GSA_kwCzR0hTQS0yNHJwLXEzdzYtdmM1Ns4AA5cA
org.postgresql:postgresql vulnerable to SQL Injection via line comment generation
Ecosystems: maven
Packages: org.postgresql:postgresql
Source: GitHub Advisory Database
Blast Radius: 52.5
Published: 2 months ago
Moderate
GSA_kwCzR0hTQS00aGZwLW05Z3YtbTc1M84AA5bO
XWiki extension license information is public, exposing instance id and license holder details
Ecosystems: maven
Packages: com.xwiki.licensing:application-licensing-licensor-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 2 months ago
Critical
GSA_kwCzR0hTQS1xMmN2LTdqNTgtcmZtas4AA5bF
Liferay Portal Document and Media widget and Liferay DXP vulnerable to stored Cross-site Scripting
Ecosystems: maven
Packages: com.liferay.portal:release.dxp.bom, com.liferay.portal:release.portal.bom
Source: GitHub Advisory Database
Blast Radius: 13.8
Published: 2 months ago
Moderate
GSA_kwCzR0hTQS1oZ3I2LTZoaHctODgzZs4AA5aV
Liferay Portal Calendar module and Liferay DXP vulnerable to Cross-site Scripting, content spoofing
Ecosystems: maven
Packages: com.liferay.portal:release.dxp.bom, com.liferay.portal:release.portal.bom
Source: GitHub Advisory Database
Blast Radius: 8.2
Published: 2 months ago
Critical
GSA_kwCzR0hTQS00NGpnLWpnangtM3hnNc4AA5aM
Liferay Portal's Dynamic Data Mapping module's DDMForm and Liferay DXP vulnerable to stored Cross-site Scripting
Ecosystems: maven
Packages: com.liferay.portal:release.dxp.bom, com.liferay.portal:release.portal.bom
Source: GitHub Advisory Database
Blast Radius: 13.8
Published: 2 months ago
Critical
GSA_kwCzR0hTQS1yd2h2LWh2ajItcXJxbc4AA5aN
Liferay Portal Frontend JS module's portlet.js and Liferay DXP vulnerable to Cross-site Scripting
Ecosystems: maven
Packages: com.liferay.portal:release.dxp.bom, com.liferay.portal:release.portal.bom
Source: GitHub Advisory Database
Blast Radius: 14.7
Published: 2 months ago
Critical
GSA_kwCzR0hTQS1yd3hjLTRjbXctN3g3Nc4AA5aL
Liferay Portal and Liferay DXP vulnerable to stored Cross-site Scripting
Ecosystems: maven
Packages: com.liferay.portal:release.dxp.bom, com.liferay.portal:release.portal.bom
Source: GitHub Advisory Database
Blast Radius: 13.8
Published: 2 months ago
Critical
GSA_kwCzR0hTQS14cGpnLTdoeDctd2djeM4AA5aI
Liferay Portal and Liferay DXP vulnerable to Cross-site Scripting
Ecosystems: maven
Packages: com.liferay.portal:release.dxp.bom, com.liferay.portal:release.portal.bom
Source: GitHub Advisory Database
Blast Radius: 14.7
Published: 2 months ago
Critical
GSA_kwCzR0hTQS1jcjM2LTN2cWYteDV3Nc4AA5aK
Liferay Portal Expando module and Liferay DXP vulnerable to stored Cross-site Scripting
Ecosystems: maven
Packages: com.liferay.portal:release.dxp.bom, com.liferay.portal:release.portal.bom
Source: GitHub Advisory Database
Blast Radius: 13.8
Published: 2 months ago
Critical
GSA_kwCzR0hTQS1wMjh4LTRyNWgtcGg2as4AA5aJ
Liferay Portal Message Board widget and Liferay DXP vulnerable to stored Cross-site Scripting
Ecosystems: maven
Packages: com.liferay.portal:release.dxp.bom, com.liferay.portal:release.portal.bom
Source: GitHub Advisory Database
Blast Radius: 13.8
Published: 2 months ago
Critical
GSA_kwCzR0hTQS12MnhxLW0yMnctam1wcs4AA5aH
Liferay Portal and Liferay DXP's Users Admin module vulnerable to stored Cross-site Scripting
Ecosystems: maven
Packages: com.liferay.portal:release.dxp.bom, com.liferay.portal:release.portal.bom
Source: GitHub Advisory Database
Blast Radius: 13.8
Published: 2 months ago
Critical
GSA_kwCzR0hTQS03M3gzLThtcmctNXI5M84AA5aE
Liferay Portal Language Override edit screen and Liferay DXP vulnerable to reflected Cross-site Scripting
Ecosystems: maven
Packages: com.liferay.portal:release.dxp.bom, com.liferay.portal:release.portal.bom
Source: GitHub Advisory Database
Blast Radius: 14.7
Published: 2 months ago
Critical
GSA_kwCzR0hTQS01NHB2LXI2MmotOXFxY84AA5aC
Liferay Portal and Liferay DXP vulnerable to reflected Cross-site Scripting
Ecosystems: maven
Packages: com.liferay.portal:release.dxp.bom, com.liferay.portal:release.portal.bom
Source: GitHub Advisory Database
Blast Radius: 14.7
Published: 2 months ago
Critical
GSA_kwCzR0hTQS00Njh4LWZyY20tZ2h4Ns4AA5aB
Liferay Portal and Liferay DXP vulnerable to reflected Cross-site Scripting
Ecosystems: maven
Packages: com.liferay.portal:release.dxp.bom, com.liferay.portal:release.portal.bom
Source: GitHub Advisory Database
Blast Radius: 13.8
Published: 2 months ago
Moderate
GSA_kwCzR0hTQS03cncyLTNoaHAtcmM0Ns4AA5Z0
Cross-site Scripting Vulnerability in Statement Browser
Ecosystems: maven
Packages: com.yetanalytics:lrs
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 2 months ago
High
GSA_kwCzR0hTQS1tNDNwLTU1cmYtOGMyas4AA5ZF
Deserialization of Untrusted Data in Apache Camel CassandraQL
Ecosystems: maven
Packages: org.apache.camel:camel-cassandraql
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 months ago
High
GSA_kwCzR0hTQS0zNnhyLTR4MmYtY2ZqOc4AA5ZD
Deserialization of Untrusted Data in Apache Camel SQL
Ecosystems: maven
Packages: org.apache.camel:camel-sql
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 months ago
High
GSA_kwCzR0hTQS1mZjJ3LXdtNDgtamhxas4AA5Yj
Arbitrary File Read Vulnerability in Apache Dolphinscheduler
Ecosystems: maven
Packages: org.apache.dolphinscheduler:dolphinscheduler
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 2 months ago
Moderate
GSA_kwCzR0hTQS12anFjLWc3ODgtZjM3OM4AA5Yg
Session Fixation Apache DolphinScheduler
Ecosystems: maven
Packages: org.apache.dolphinscheduler:dolphinscheduler
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 2 months ago
High
GSA_kwCzR0hTQS0zN2d4LWpxeDktZndtZ84AA5Yi
Improper Certificate Validation in Apache DolphinScheduler
Ecosystems: maven
Packages: org.apache.dolphinscheduler:dolphinscheduler
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 2 months ago
High
GSA_kwCzR0hTQS1xd3h4LXh3dzYtOHE4bc4AA5Yb
Remote Code Execution in Apache Dolphinscheduler
Ecosystems: maven
Packages: org.apache.dolphinscheduler:dolphinscheduler
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 2 months ago
High
GSA_kwCzR0hTQS13M3c2LTI2ZjItcDQ3NM4AA5YR
Broken Access Control in Spring Security With Direct Use of isFullyAuthenticated
Ecosystems: maven
Packages: org.springframework.security:spring-security-core
Source: GitHub Advisory Database
Blast Radius: 34.4
Published: 2 months ago
High
GSA_kwCzR0hTQS00MjY1LWNjZjUtcGhqNc4AA5Xn
Apache Commons Compress: OutOfMemoryError unpacking broken Pack200 file
Ecosystems: maven
Packages: org.apache.commons:commons-compress
Source: GitHub Advisory Database
Blast Radius: 32.8
Published: 2 months ago
High
GSA_kwCzR0hTQS00ZzlyLXZ4aHgtOXBneM4AA5Xm
Apache Commons Compress: Denial of service caused by an infinite loop for a corrupted DUMP file
Ecosystems: maven
Packages: org.apache.commons:commons-compress
Source: GitHub Advisory Database
Blast Radius: 35.9
Published: 2 months ago
Low
GSA_kwCzR0hTQS00N2czLW1mMjQtNjU1Oc4AA5WN
Vulnerability affecting the org.openjfx:javafx-media maven component of the OpenJFX project
Ecosystems: maven
Packages: org.openjfx:javafx-media
Source: GitHub Advisory Database
Blast Radius: 9.7
Published: 2 months ago
Moderate
GSA_kwCzR0hTQS04aDR4LXh2anAtdmY5Oc4AA5V1
Hazelcast Platform permission checking in CSV File Source connector
Ecosystems: maven
Packages: com.hazelcast:hazelcast, com.hazelcast:hazelcast-enterprise
Source: GitHub Advisory Database
Blast Radius: 26.1
Published: 2 months ago
Moderate
GSA_kwCzR0hTQS01bXA0LTMycnItdjN4Nc4AA5Rp
Absolute path traversal vulnerability in digdag server
Ecosystems: maven
Packages: io.digdag:digdag-server
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 2 months ago
Moderate
GSA_kwCzR0hTQS12NzZ3LTNwaDgtdm02Ns4AA5Oc
Undertow Path Traversal vulnerability
Ecosystems: maven
Packages: io.undertow:undertow-core
Source: GitHub Advisory Database
Blast Radius: 19.7
Published: 2 months ago
High
GSA_kwCzR0hTQS02cDkyLXFmcWYtcXd4NM4AA5N0
OpenRefine JDBC Attack Vulnerability
Ecosystems: maven
Packages: org.openrefine:database
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 2 months ago
Moderate
GSA_kwCzR0hTQS1ndnBnLXZnbXgteGc2d84AA5M9
Denial of Service in Connect2id Nimbus JOSE+JWT
Ecosystems: maven
Packages: com.nimbusds:nimbus-jose-jwt
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
High
GSA_kwCzR0hTQS00dzR2LTVoYzkteHJyMs4AA5Mb
angular vulnerable to super-linear runtime due to backtracking
Ecosystems: maven, npm
Packages: org.webjars.bower:angular, org.webjars.npm:angular, angular
Source: GitHub Advisory Database
Blast Radius: 51.8
Published: 3 months ago
Moderate
GSA_kwCzR0hTQS0zN3ZyLXZtZzQtandwd84AA5MQ
Apache Solr: Backup/Restore APIs allow for deployment of executables in malicious ConfigSets
Ecosystems: maven
Packages: org.apache.solr:solr-core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
Low
GSA_kwCzR0hTQS00d3h3LTQyd3gtMndmeM4AA5MP
Apache Solr Schema Designer blindly "trusts" all configsets
Ecosystems: maven
Packages: org.apache.solr:solr-core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
Low
GSA_kwCzR0hTQS14cmo3LXg3Z3Atd3dxcs4AA5MN
Apache Solr's Streaming Expressions allow users to extract data from other Solr Clouds
Ecosystems: maven
Packages: org.apache.solr:solr-solrj, org.apache.solr:solr-solrj-streaming
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
Moderate
GSA_kwCzR0hTQS0zaHdjLXJxd3AtdjM2cc4AA5MO
Apache Solr can leak certain passwords due to System Property redaction logic inconsistencies
Ecosystems: maven
Packages: org.apache.solr:solr-core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
Moderate
GSA_kwCzR0hTQS01ODNnLWc2ODItY3J4Zs4AA5Lp
Micronaut management endpoints vulnerable to drive-by localhost attack
Ecosystems: maven
Packages: io.micronaut:micronaut-http-server-tck, io.micronaut:micronaut-http-server-netty, io.micronaut:micronaut-http-server
Source: GitHub Advisory Database
Blast Radius: 16.0
Published: 3 months ago
High
GSA_kwCzR0hTQS1jMzUyLXg4NDMtZ2dwcc4AA5KR
XXL-JOB vulnerable to Server-Side Request Forgery
Ecosystems: maven
Packages: com.xuxueli:xxl-job
Source: GitHub Advisory Database
Blast Radius: 6.2
Published: 3 months ago
High
GSA_kwCzR0hTQS1xd2o4LXFncHItOGNybc4AA5J7
Liferay Portal vulnerable to user impersonation
Ecosystems: maven
Packages: com.liferay.portal:release.dxp.bom, com.liferay.portal:release.portal.bom
Source: GitHub Advisory Database
Blast Radius: 12.3
Published: 3 months ago
Moderate
GSA_kwCzR0hTQS13Mjc1LW04Y3ItaGYyds4AA5J4
Liferay Portal denial-of-service vulnerability
Ecosystems: maven
Packages: com.liferay.portal:release.dxp.bom, com.liferay.portal:release.portal.bom
Source: GitHub Advisory Database
Blast Radius: 6.2
Published: 3 months ago
Moderate
GSA_kwCzR0hTQS1tcWY4LTRjcW0tcDgzeM4AA5J6
Liferay Portal allows attackers to discover the existence of sites
Ecosystems: maven
Packages: com.liferay.portal:release.dxp.bom, com.liferay.portal:release.portal.bom
Source: GitHub Advisory Database
Blast Radius: 8.0
Published: 3 months ago
Moderate
GSA_kwCzR0hTQS0ybXg3LXh2ZmctZmc1M84AA5J2
Liferay Portal's account lockout does not invalidate existing user sessions
Ecosystems: maven
Packages: com.liferay.portal:release.dxp.bom, com.liferay.portal:release.portal.bom
Source: GitHub Advisory Database
Blast Radius: 8.2
Published: 3 months ago
Moderate
GSA_kwCzR0hTQS0zeGY4LWc4Z3ItZzdyaM4AA5JO
Graylog session fixation vulnerability through cookie injection
Ecosystems: maven
Packages: org.graylog2:graylog2-server
Source: GitHub Advisory Database
Blast Radius: 11.2
Published: 3 months ago
High
GSA_kwCzR0hTQS1wNmdnLTVoZjQtNHJnas4AA5JN
Graylog vulnerable to instantiation of arbitrary classes triggered by API request
Ecosystems: maven
Packages: org.graylog2:graylog2-server
Source: GitHub Advisory Database
Blast Radius: 17.4
Published: 3 months ago
Moderate
GSA_kwCzR0hTQS04N20zLTZxajMtcDN4aM4AA5JH
Liferay Portal denial of service (memory consumption)
Ecosystems: maven
Packages: com.liferay.portal:release.portal.bom
Source: GitHub Advisory Database
Blast Radius: 9.9
Published: 3 months ago
Critical
GSA_kwCzR0hTQS05dmdxLXc1cHYtdjc3cc4AA5JF
Liferay Portal stored cross-site scripting (XSS) vulnerability
Ecosystems: maven
Packages: com.liferay.portal:release.dxp.bom, com.liferay.portal:release.portal.bom
Source: GitHub Advisory Database
Blast Radius: 14.7
Published: 3 months ago
Moderate
GSA_kwCzR0hTQS02NzI2LTJyeDMtY2d3aM4AA5JB
Apache Ozone Improper Authentication vulnerability
Ecosystems: maven
Packages: org.apache.ozone:ozone-main
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
High
GSA_kwCzR0hTQS1jNTd2LTR2ZzUtY20yeM4AA5I5
Apache Pulsar SASL Authentication Provider observable timing discrepancy vulnerability
Ecosystems: maven
Packages: org.apache.pulsar:pulsar-broker-auth-sasl
Source: GitHub Advisory Database
Blast Radius: 7.1
Published: 3 months ago
High
GSA_kwCzR0hTQS1oMnJxLXFocjctNTNnbc4AA5HR
Apache Sling Servlets Resolver executes malicious code via path traversal
Ecosystems: maven
Packages: org.apache.sling:org.apache.sling.servlets.resolver
Source: GitHub Advisory Database
Blast Radius: 9.0
Published: 3 months ago
Moderate
GSA_kwCzR0hTQS05Z3A4LTZjZzgtN2gzNM4AA5Ey
Spring Security's spring-security.xsd file is world writable
Ecosystems: maven
Packages: org.springframework.security:spring-security-config
Source: GitHub Advisory Database
Blast Radius: 26.5
Published: 3 months ago
High
GSA_kwCzR0hTQS03cXc0LTlyNjgtMnJteM4AA5Em
mingSoft MCMS File Upload vulnerability
Ecosystems: maven
Packages: net.mingsoft:ms-mcms
Source: GitHub Advisory Database
Blast Radius: 2.6
Published: 3 months ago
Moderate
GSA_kwCzR0hTQS0ybXJxLXc4cHYtNXB2cc4AA5Bn
Malicious input can provoke XSS when preserving comments
Ecosystems: maven
Packages: org.owasp.antisamy:antisamy
Source: GitHub Advisory Database
Blast Radius: 16.2
Published: 3 months ago
Critical
GSA_kwCzR0hTQS0zNHEzLXAzNTItYzdxOM4AA5Bm
Central Dogma Authentication Bypass Vulnerability via Session Leakage
Ecosystems: maven
Packages: com.linecorp.centraldogma:centraldogma-server
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
Critical
GSA_kwCzR0hTQS05Z2g4LTg3N3ItZzQ3N84AA5Ap
Beetl Server-Side Template Injection vulnerability
Ecosystems: maven
Packages: com.ibeetl:beetl-core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
Low
GSA_kwCzR0hTQS1wNnJwLW14ODUtbTQ1Oc4AA49f
Spring Cloud Contract vulnerable to local information disclosure
Ecosystems: maven
Packages: org.springframework.cloud:spring-cloud-contract-shade
Source: GitHub Advisory Database
Blast Radius: 3.8
Published: 3 months ago
Moderate
GSA_kwCzR0hTQS00NzVnLXZqNmMteGY5Ns4AA481
CrateDB database has an arbitrary file read vulnerability
Ecosystems: maven
Packages: io.crate:crate
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
High
GSA_kwCzR0hTQS03bWd4LWd2anctbTN3M84AA474
CrateDB authentication bypass vulnerability
Ecosystems: maven
Packages: io.crate:crate
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
High
GSA_kwCzR0hTQS0zdnZjLXY4YzItNDNyN84AA46l
Apache Kylin has Insufficiently Protected Credentials
Ecosystems: maven
Packages: org.apache.kylin:kylin-core-common
Source: GitHub Advisory Database
Blast Radius: 11.2
Published: 3 months ago
High
GSA_kwCzR0hTQS04ajN4LXczNXItcnc0cs4AA43J
Quarkus Improper Handling of Insufficient Permissions or Privileges and Improper Handling of Exceptional Conditions vulnerability
Ecosystems: maven
Packages: io.quarkus.resteasy.reactive:resteasy-reactive
Source: GitHub Advisory Database
Blast Radius: 17.9
Published: 3 months ago
Moderate
GSA_kwCzR0hTQS1mdzloLWN4eDktZ2ZxM84AA4qy
Shared projects are unconditionally discovered by Jenkins GitLab Branch Source Plugin
Ecosystems: maven
Packages: io.jenkins.plugins:gitlab-branch-source
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
Moderate
GSA_kwCzR0hTQS04cjkzLTU5Y2YtMzU4Zs4AA4q1
CSRF vulnerability in Jenkins GitLab Branch Source Plugin
Ecosystems: maven
Packages: io.jenkins.plugins:gitlab-branch-source
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
Critical
GSA_kwCzR0hTQS02ZjlnLWN4d3ItcTVqcs4AA4qu
Arbitrary file read vulnerability through the Jenkins CLI can lead to RCE
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
High
GSA_kwCzR0hTQS12cGg1LTJxMzMtN3I5aM4AA4qx
Arbitrary file read vulnerability in Git server Plugin can lead to RCE
Ecosystems: maven
Packages: org.jenkins-ci.plugins:git-server
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
Low
GSA_kwCzR0hTQS1mNjdmLTJqNnItbTRjOc4AA4q0
Non-constant time webhook token comparison in Jenkins GitLab Branch Source Plugin
Ecosystems: maven
Packages: io.jenkins.plugins:gitlab-branch-source
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
High
GSA_kwCzR0hTQS1xanBmLTJqaHgtMzc1OM4AA4qz
Arbitrary file read vulnerability in Jenkins Log Command Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:log-command
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
High
GSA_kwCzR0hTQS01M3BoLTJyMngtdnF3OM4AA4qv
Cross-site WebSocket hijacking vulnerability in the Jenkins CLI
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
Moderate
GSA_kwCzR0hTQS1jamdtLTl2YzktNTZteM4AA4qw
Path traversal vulnerability in Jenkins Matrix Project Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:matrix-project
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
High
GSA_kwCzR0hTQS14MjJ4LTVwcDktOHY3Zs4AA4q2
Content-Security-Policy disabled by Red Hat Dependency Analytics Jenkins Plugin
Ecosystems: maven
Packages: io.jenkins.plugins:redhat-dependency-analytics
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
Moderate
GSA_kwCzR0hTQS1xaDJ3LTltN3ctaGpnMs4AA4pF
Cross-site Scripting in JFinal
Ecosystems: maven
Packages: com.jfinal:jfinal
Source: GitHub Advisory Database
Blast Radius: 17.9
Published: 3 months ago
Critical
GSA_kwCzR0hTQS03cThwLTk5NTMtcHh2cs4AA4ov
Remote Command Execution in SOFARPC
Ecosystems: maven
Packages: com.alipay.sofa:rpc-sofa-boot-starter
Source: GitHub Advisory Database
Blast Radius: 21.8
Published: 3 months ago
Moderate
GSA_kwCzR0hTQS12OXdyLTJ4cmctdjd3OM4AA4os
Cross-site Scripting in beetl-bbs
Ecosystems: maven
Packages: com.ibeetl:beetl
Source: GitHub Advisory Database
Blast Radius: 18.7
Published: 3 months ago
Moderate
GSA_kwCzR0hTQS12NDM1LXBmajYtNjhyM84AA4oo
Cross-site Scripting in JFinal
Ecosystems: maven
Packages: com.jfinal:jfinal
Source: GitHub Advisory Database
Blast Radius: 17.9
Published: 3 months ago
Moderate
GSA_kwCzR0hTQS05dm03LXY4d2otM2Zxd84AA4oS
keycloak-core: open redirect via "form_post.jwt" JARM response mode
Ecosystems: maven
Packages: org.keycloak:keycloak-core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
Statistics
Advisories: 18,143
Packages: 8,242
Repositories: 968
Ecosystems: 12
Filter by Severity
Moderate 7,818 High 6,288 Critical 2,787 Low 966
Filter by Ecosystem
maven 5,518 packagist 3,782 pypi 3,552 npm 3,530 go 1,879 nuget 1,390 rubygems 812 cargo 773 swift 31 hex 29 actions 16 pub 8
Filter by Package
org.jenkins-ci.main:jenkins-core 189 org.apache.tomcat:tomcat 134 com.fasterxml.jackson.core:jackson-databind 69 org.apache.struts:struts2-core 55 org.keycloak:keycloak-core 47 com.liferay.portal:release.portal.bom 45 org.apache.tomcat.embed:tomcat-embed-core 37 com.thoughtworks.xstream:xstream 36 com.jfinal:jfinal 36 net.mingsoft:ms-mcms 35 org.xwiki.platform:xwiki-platform-oldcore 34 org.elasticsearch:elasticsearch 32 org.jenkins-ci.plugins:script-security 30 io.undertow:undertow-core 27 org.keycloak:keycloak-services 27 org.apache.solr:solr-core 25 org.keycloak:keycloak-parent 25 org.eclipse.jetty:jetty-server 23 org.springframework.security:spring-security-core 23 org.apache.nifi:nifi 22 org.apache.openmeetings:openmeetings-parent 21 org.cloudfoundry.identity:cloudfoundry-identity-server 20 org.springframework:spring-core 19 com.liferay.portal:release.dxp.bom 18 com.vaadin:vaadin-bom 18 org.bouncycastle:bcprov-jdk14 18 org.xwiki.platform:xwiki-platform-web-templates 17 org.apache.geode:geode-core 17 org.apache.dubbo:dubbo 16 org.bouncycastle:bcprov-jdk15 16 org.apache.activemq:activemq-client 16 org.apache.struts.xwork:xwork-core 15 org.apache.jspwiki:jspwiki-main 15 org.xwiki.platform:xwiki-platform-web 14 org.apache.inlong:manager-pojo 13 org.apache.hadoop:hadoop-main 13 org.apache.cxf:cxf 13 org.jenkins-ci.plugins.workflow:workflow-cps 12 org.jenkins-ci.plugins:git 12 com.vaadin:flow-server 12 org.apache.dolphinscheduler:dolphinscheduler 12 org.igniterealtime.openfire:parent 11 org.jenkins-ci.plugins:email-ext 11 org.apache.cxf:cxf-core 11 org.apache.james:james-server 11 org.apache.commons:commons-compress 11 org.jeecgframework.boot:jeecg-boot-common 11 org.apache.camel:camel-core 11 org.apache.jspwiki:jspwiki-war 11 org.mortbay.jetty:jetty 11 org.apache.ranger:ranger 11 org.apache.hadoop:hadoop-common 11 org.apache.tomcat:tomcat-coyote 11 org.apache.tika:tika-core 11 org.jeecgframework.boot:jeecg-boot-parent 11 com.xuxueli:xxl-job 11 org.jenkins-ci.plugins.workflow:workflow-cps-global-lib 10 io.netty:netty 10 org.jboss.netty:netty 10 org.apache.inlong:manager-service 10 org.xwiki.platform:xwiki-platform-administration-ui 10 org.apache.hive:hive 9 org.craftercms:crafter-studio 9 org.bouncycastle:bcprov-jdk15on 9 org.jenkins-ci.plugins:active-directory 9 org.jenkins-ci.plugins:electricflow 9 org.opencrx:opencrx-core-models 9 org.apache.shiro:shiro-core 9 io.jenkins:configuration-as-code 9 cn.hutool:hutool-core 9 com.sonyericsson.jenkins.plugins.bfa:build-failure-analyzer 9 org.opennms:opennms 9 org.apache.tapestry:tapestry-core 9 org.apache.archiva:archiva 9 org.springframework:spring-web 9 org.apache.xmlgraphics:batik 9 jquery 9 jquery-rails 9 org.apache.tomcat:tomcat-catalina 9 org.jenkins-ci.plugins:config-file-provider 9 org.webjars.npm:jquery 9 org.springframework:spring-webmvc 9 jQuery 8 org.apache.ozone:ozone-main 8 org.postgresql:postgresql 8 com.hazelcast:hazelcast 8 org.apache.kylin:kylin 8 org.apache.zeppelin:zeppelin 8 org.apache.santuario:xmlsec 8 org.apache.ambari:ambari 8 org.apache.hive:hive-exec 8 io.jenkins.blueocean:blueocean 8 org.jenkins-ci.plugins:ec2 8 org.opencms:opencms-core 8 org.apache.pdfbox:pdfbox 8 mysql:mysql-connector-java 8 org.graylog2:graylog2-server 8 org.yaml:snakeyaml 8 org.jenkins-ci.plugins:artifactory 7 org.jenkins-ci.plugins:jobConfigHistory 7 io.dataease:dataease-plugin-common 7 org.jenkins-ci.plugins:rundeck 7 org.silverpeas.core:silverpeas-core-web 7 org.apache.spark:spark-core_2.11 7 io.atomix:atomix 7 org.jboss.resteasy:resteasy-client 7 org.apache.linkis:linkis 7 org.apache.tika:tika 7 io.jenkins.plugins:cavisson-ns-nd-integration 7 org.apache.inlong:manager-web 7 org.owasp.esapi:esapi 7 org.jeecgframework.boot:jeecg-boot-base 7 jQuery.UI.Combined 7 org.apache.hive:hive-service 7 org.webjars.npm:jquery-ui 7 org.owasp.antisamy:antisamy 7 jquery-ui-rails 7 io.jenkins.plugins:miniorange-saml-sp 7 org.jenkins-ci.plugins:subversion 7 org.apache.atlas:atlas-common 7 io.jenkins.plugins:warnings-ng 7 org.apache.logging.log4j:log4j-core 7 jquery-ui 7 org.apache.karaf:apache-karaf 7 org.apache.cxf:apache-cxf 7 org.jenkins-ci.plugins:openshift-deployer 7 rubygems-update 7 org.apache.activemq:activemq-parent 7 org.jenkins-ci.plugins:mercurial 7 org.jruby:jruby-stdlib 7 org.apache.derby:derby 7 net.opentsdb:opentsdb 7 org.apache.poi:poi 7 com.jflyfox:jflyfox_jfinal 6 org.apache.solr:solr-parent 6 org.opencastproject:opencast-kernel 6 org.apache.storm:storm-core 6 org.jenkins-ci.plugins:fortify-on-demand-uploader 6 org.jenkins-ci.plugins:ec2-deployment-dashboard 6 org.xwiki.commons:xwiki-commons-xml 6 org.apache.spark:spark-core_2.10 6 org.apache.mesos:mesos 6 com.sonyericsson.hudson.plugins.gerrit:gerrit-trigger 6 org.jenkins-ci.plugins:pipeline-maven 6 org.apache.httpcomponents:httpclient 6 org.jenkins-ci.plugins:repository-connector 6 org.apache.syncope:syncope-core 6 axis:axis 6 org.opensearch.plugin:opensearch-security 6 io.netty:netty-codec-http 6 org.csanchez.jenkins.plugins:kubernetes 6 de.tum.in.ase:artemis-java-test-sandbox 6 tech.powerjob:powerjob 6 org.jenkins-ci.plugins:gitlab-oauth 6 io.netty:netty-handler 6 commons-fileupload:commons-fileupload 6 org.jenkins-ci.plugins:azure-vm-agents 6 cn.hutool:hutool-json 6 hudson.plugins:project-inheritance 6 com.xebialabs.deployit.ci:deployit-plugin 6 org.apache.pulsar:pulsar-broker 6 org.apache.shenyu:shenyu-common 6 org.apache.axis:axis 6 org.apache.struts:struts2-rest-plugin 6 org.jenkins-ci.plugins:openid 5 org.xwiki.platform:xwiki-platform-appwithinminutes-ui 5 org.apache.cassandra:cassandra-all 5 org.jenkins-ci.plugins:junit 5 org.springframework.amqp:spring-amqp 5 org.apache.druid:druid 5 org.jenkins-ci.plugins:codedx 5 com.ruoyi:ruoyi 5 org.jenkins-ci.plugins:matrix-project 5 org.jenkinsci.plugins:octoperf 5 org.jenkins-ci.plugins:google-login 5 org.opennms:opennms-webapp 5 info.magnolia:magnolia-core 5 edu.stanford.nlp:stanford-corenlp 5 com.google.protobuf:protobuf-java 5 org.codehaus.jettison:jettison 5 org.xwiki.platform:xwiki-platform-flamingo-skin-resources 5 org.jenkins-ci.plugins:azure-ad 5 org.jenkins-ci.plugins:scriptler 5 log4j:log4j 5 org.jenkins-ci.plugins:credentials 5 org.jenkins-ci.plugins:ghprb 5 org.jenkins-ci.plugins:delphix 5 org.jenkins-ci.plugins:websphere-deployer 5 org.apache.hadoop:hadoop-client 5 org.zenframework.z8.dependencies.commons:log4j-1.2.17 5 org.jenkins-ci.plugins:publish-over-ssh 5 org.apache.kylin:kylin-server-base 5 org.jenkins-ci.plugins:support-core 5 org.jboss.resteasy:resteasy-bom 5 org.jenkins-ci.plugins.m2release:m2release 5 org.apache.inlong:manager-dao 5 com.coravy.hudson.plugins.github:github 5 com.mabl.integration.jenkins:mabl-integration 5 org.dspace:dspace-jspui 5 org.jenkins-ci.plugins:gitlab-plugin 5
Filter by Repository
https://github.com/xwiki/xwiki-platform 172 https://github.com/jenkinsci/jenkins 148 https://github.com/apache/tomcat 96 https://github.com/FasterXML/jackson-databind 70 https://github.com/keycloak/keycloak 58 https://github.com/apache/struts 46 https://github.com/spring-projects/spring-framework 41 https://github.com/x-stream/xstream 36 https://github.com/apache/activemq 32 https://github.com/CVEProject/cvelist 28 https://github.com/apache/inlong 25 https://github.com/eclipse/jetty.project 23 https://github.com/apache/nifi 21 https://github.com/OpenNMS/opennms 20 https://github.com/jeecgboot/jeecg-boot 20 https://github.com/netty/netty 20 https://github.com/jenkinsci/script-security-plugin 20 https://github.com/apache/cxf 19 https://github.com/cloudfoundry/uaa 19 https://github.com/bcgit/bc-java 18 https://github.com/vaadin/platform 17 https://github.com/opencast/opencast 16 https://github.com/apache/camel 15 https://github.com/geoserver/geoserver 15 https://github.com/xuxueli/xxl-job 13 https://github.com/quarkusio/quarkus 13 https://github.com/undertow-io/undertow 13 https://github.com/ming-soft/MCMS 13 https://github.com/dromara/hutool 12 https://github.com/apache/kylin 12 https://github.com/apache/dolphinscheduler 12 https://github.com/vaadin/flow 11 https://github.com/igniterealtime/Openfire 11 https://github.com/jquery/jquery 10 https://github.com/jenkinsci/git-plugin 10 https://github.com/Graylog2/graylog2-server 9 https://github.com/DSpace/DSpace 9 https://github.com/apache/lucene-solr 9 https://github.com/cui2shark/cms 9 https://github.com/spring-projects/spring-security 9 https://github.com/opensearch-project/security 8 https://github.com/nahsra/antisamy 8 https://github.com/xwiki/xwiki-commons 8 https://github.com/jenkinsci/config-file-provider-plugin 8 https://github.com/apache/zeppelin 8 https://github.com/hazelcast/hazelcast 8 https://github.com/ratpack/ratpack 7 https://github.com/pgjdbc/pgjdbc 7 https://github.com/jenkinsci/blueocean-plugin 7 https://github.com/RhinoSecurityLabs/CVEs 7 https://github.com/vaadin/framework 7 https://github.com/OpenTSDB/opentsdb 7 https://github.com/apache/xmlgraphics-batik 7 https://github.com/rundeck/rundeck 7 https://github.com/rubygems/rubygems 7 https://github.com/jflyfox/jfinal_cms 7 https://github.com/dataease/dataease 7 https://github.com/jenkinsci/electricflow-plugin 6 https://github.com/vert-x3/vertx-web 6 https://github.com/OpenRefine/OpenRefine 6 https://github.com/DrunkenShells/Disclosures 6 https://github.com/jenkinsci/fortify-on-demand-uploader-plugin 6 https://github.com/apache/hadoop 6 https://github.com/jenkinsci/gerrit-trigger-plugin 6 https://github.com/http4s/http4s 6 https://github.com/line/armeria 6 https://github.com/apache/pulsar 6 https://github.com/apache/tika 6 https://github.com/ESAPI/esapi-java-legacy 6 https://github.com/ls1intum/Ares 6 https://github.com/playframework/playframework 6 https://github.com/resteasy/resteasy 6 https://github.com/jenkinsci/configuration-as-code-plugin 6 https://github.com/jenkinsci/ec2-plugin 6 https://github.com/cui2shark/security 6 https://github.com/jquery/jquery-ui 6 https://github.com/jenkinsci/build-failure-analyzer-plugin 6 https://bitbucket.org/snakeyaml/snakeyaml 6 https://github.com/apache/shiro 5 https://github.com/apache/openmeetings 5 https://github.com/protocolbuffers/protobuf 5 https://github.com/JLLeitschuh/security-research 5 https://github.com/jenkinsci/codedx-plugin 5 https://github.com/jenkinsci/junit-plugin 5 https://github.com/jenkinsci/github-plugin 5 https://github.com/jenkinsci/gitlab-plugin 5 https://github.com/apiman/apiman 5 https://github.com/PowerJob/PowerJob 5 https://github.com/h2database/h2database 5 https://github.com/jenkinsci/support-core-plugin 5 https://github.com/jenkinsci/workflow-cps-global-lib-plugin 5 https://github.com/apache/karaf 5 https://github.com/jenkinsci/subversion-plugin 5 https://github.com/restlet/restlet-framework-java 5 https://github.com/jettison-json/jettison 5 https://github.com/jenkinsci/email-ext-plugin 5 https://github.com/OpenAPITools/openapi-generator 5 https://github.com/alibaba/nacos 5 https://github.com/jenkinsci/m2release-plugin 5 https://github.com/jenkinsci/publish-over-ssh-plugin 5 https://bitbucket.org/connect2id/nimbus-jose-jwt 5 https://github.com/grails/grails-core 5 https://github.com/jensdietrich/xshady-release 5 https://github.com/neo4j-contrib/neo4j-apoc-procedures 5 https://github.com/jenkinsci/active-directory-plugin 5 https://github.com/apache/geode 5 https://github.com/apache/shenyu 5 https://github.com/jenkinsci/rundeck-plugin 4 https://github.com/jenkinsci/htmlpublisher-plugin 4 https://github.com/jenkinsci/hpe-application-automation-tools-plugin 4 https://github.com/jenkinsci/warnings-ng-plugin 4 https://github.com/reportportal/reportportal 4 https://github.com/resteasy/Resteasy 4 https://github.com/jenkinsci/matrix-project-plugin 4 https://github.com/jenkinsci/job-config-history-plugin 4 https://github.com/jenkinsci/nexus-platform-plugin 4 https://github.com/skylot/jadx 4 https://github.com/yamcs/yamcs 4 https://github.com/shopizer-ecommerce/shopizer 4 https://github.com/alkacon/opencms-core 4 https://github.com/aws/aws-iot-device-sdk-java-v2 4 https://github.com/jenkinsci/active-choices-plugin 4 https://github.com/jenkinsci/libvirt-slave-plugin 4 https://github.com/apache/httpcomponents-client 4 https://github.com/jenkinsci/workflow-cps-plugin 4 https://github.com/stanfordnlp/corenlp 4 https://github.com/jenkinsci/xldeploy-plugin 4 https://github.com/jenkinsci/ansible-plugin 4 https://github.com/jenkinsci/fortify-plugin 4 https://github.com/HtmlUnit/htmlunit 4 https://github.com/jenkinsci/gitlab-oauth-plugin 4 https://github.com/itext/itext7 4 https://github.com/infinispan/infinispan 4 https://github.com/apache/syncope 4 https://github.com/ktorio/ktor 4 https://github.com/xerial/snappy-java 4 https://github.com/apache/activemq-artemis 4 https://github.com/nightcloudos/new_cms 4 https://github.com/apache/solr 4 https://github.com/micronaut-projects/micronaut-core 4 https://github.com/jenkinsci/credentials-binding-plugin 4 https://github.com/pippo-java/pippo 4 https://github.com/jenkinsci/p4-plugin 4 https://github.com/jfinal/jfinal 4 https://github.com/orientechnologies/orientdb 3 https://github.com/jenkinsci/azure-credentials-plugin 3 https://github.com/qos-ch/logback 3 https://github.com/OWASP/json-sanitizer 3 https://github.com/jenkinsci/cas-plugin 3 https://github.com/open-metadata/OpenMetadata 3 https://svn.apache.org/viewvc/lucene/dev 3 https://github.com/apache/santuario-java 3 https://github.com/Rabb1ter/cms 3 https://github.com/mbechler/marshalsec 3 https://bitbucket.org/b_c/jose4j 3 https://github.com/apache/ranger 3 https://github.com/jenkinsci/azure-vm-agents-plugin 3 https://github.com/jenkinsci/audit-trail-plugin 3 https://github.com/google/guava 3 https://github.com/eclipse/lemminx 3 https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server 3 https://github.com/jenkinsci/mercurial-plugin 3 https://github.com/jenkinsci/bitbucket-oauth-plugin 3 https://github.com/peteroupc/CBOR-Java 3 https://github.com/pf4j/pf4j 3 https://github.com/opengoofy/hippo4j 3 https://github.com/jenkinsci/nomad-plugin 3 https://github.com/jooby-project/jooby 3 https://github.com/apache/storm 3 https://github.com/eclipse-ee4j/mojarra 3 https://github.com/joniles/mpxj 3 https://github.com/li-yu320/cms 3 https://github.com/apache/jackrabbit 3 https://github.com/jenkinsci/git-parameter-plugin 3 https://github.com/jenkinsci/crx-content-package-deployer-plugin 3 https://github.com/wso2/carbon-registry 3 https://github.com/jenkinsci/gitlab-branch-source-plugin 3 https://github.com/Jarvis-616/cms 3 https://github.com/jenkinsci/git-client-plugin 3 https://github.com/jenkinsci/scriptler-plugin 3 https://github.com/jenkinsci/cvs-plugin 3 https://github.com/codehaus-plexus/plexus-utils 3 https://github.com/LetianYuan/My-CVE-Public-References 3 https://github.com/jenkinsci/database-plugin 3 https://github.com/jhy/jsoup 3 https://github.com/apache/geronimo 3 https://github.com/apache/flume 3 https://github.com/wildfly/wildfly-core 3 https://github.com/apache/dubbo 3 https://github.com/jenkinsci/embeddable-build-status-plugin 3 https://github.com/AsyncHttpClient/async-http-client 3 https://github.com/intranda/goobi-viewer-core 3 https://github.com/apache/derby 3 https://github.com/jeremylong/DependencyCheck 3 https://github.com/apache/cxf-fediz 3 https://github.com/Adobe-Consulting-Services/acs-aem-commons 3 https://github.com/eclipse-vertx/vert.x 3 https://github.com/jenkinsci/mailer-plugin 3 https://github.com/jenkinsci/mac-plugin 3