Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

maven Security Advisories

Loading...
High
GSA_kwCzR0hTQS1wcjl4LXFtcDUtajNycs3vuA
Improper Input Validation in Apache Hadoop
Ecosystems: maven
Packages: org.apache.hadoop:hadoop-client
Source: GitHub Advisory Database
Blast Radius: 31.6
Published: almost 2 years ago
High
GSA_kwCzR0hTQS03Y3dqLWozMzMteDdmN83vMQ
Uncontrolled Resource Consumption in Apache ZooKeeper
Ecosystems: maven
Packages: org.apache.zookeeper:zookeeper
Source: GitHub Advisory Database
Blast Radius: 34.0
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS1obXg2LWdjMnAtNXA4Ms3u2w
Nablarch Incomplete Cryptography
Ecosystems: maven
Packages: com.nablarch.framework:nablarch-fw-web
Source: GitHub Advisory Database
Blast Radius: 13.9
Published: almost 2 years ago
High
GSA_kwCzR0hTQS01aGc4LXI5dnEtZ2pxcM3uuw
Improper Restriction of XML External Entity Reference in Apache FOP
Ecosystems: maven
Packages: org.apache.xmlgraphics:fop
Source: GitHub Advisory Database
Blast Radius: 24.2
Published: almost 2 years ago
High
GSA_kwCzR0hTQS12M2g4LXJ3NDgtaDRncs3ubQ
Apache Geronimo Hash Collisions Cause DoS
Ecosystems: maven
Packages: org.apache.geronimo:geronimo
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS00bThjLWg3ZnItZ3E1Y83uFw
Cloud Foundry vulnerable to Cross-Site Request Forgery
Ecosystems: maven
Packages: org.cloudfoundry.identity:cloudfoundry-identity-server
Source: GitHub Advisory Database
Blast Radius: 11.3
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS05ZnJ3LXdtdnEtNXJyY83t9g
Cloud Foundry UAA Identity Zone Admin Privilege Escalation
Ecosystems: maven
Packages: org.cloudfoundry.identity:cloudfoundry-identity-server
Source: GitHub Advisory Database
Blast Radius: 7.8
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1jZ3JnLXgzNHItNzhmM83uBA
Cloud Foundry UAA password reset vulnerability
Ecosystems: maven
Packages: org.cloudfoundry.identity:cloudfoundry-identity-server
Source: GitHub Advisory Database
Blast Radius: 8.5
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1jdzljLXYzdjItOTlobc3uCw
Blind SQL Injection with privileged Cloud Foundry UAA endpoints
Ecosystems: maven
Packages: org.cloudfoundry.identity:cloudfoundry-identity-server
Source: GitHub Advisory Database
Blast Radius: 7.6
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1wZ2pjLWdjN2ctcDJjNs3uCg
Cloud Foundry UAA Privilege Escalation
Ecosystems: maven
Packages: org.cloudfoundry.identity:cloudfoundry-identity-server
Source: GitHub Advisory Database
Blast Radius: 10.3
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS1qY21oLXgzMnYtN21nZs3uBg
Cloud Foundry UAA privilege escalation with user invitations
Ecosystems: maven
Packages: org.cloudfoundry.identity:cloudfoundry-identity-server
Source: GitHub Advisory Database
Blast Radius: 11.5
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1mbTVjLTJyd2MtODg3d83t7A
Cloud Foundry UAA reset password vulnerable to brute force attack
Ecosystems: maven
Packages: org.cloudfoundry.identity:cloudfoundry-identity-server
Source: GitHub Advisory Database
Blast Radius: 9.5
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1oeGd3LTc1MzktcHY3cs3t6w
Cloud Foundry denial of service vulnerability
Ecosystems: maven
Packages: org.cloudfoundry.identity:cloudfoundry-identity-server
Source: GitHub Advisory Database
Blast Radius: 8.8
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1wOXFqLTRyanAtajN3Oc3t6Q
Apache Directory Studio Command Injection
Ecosystems: maven
Packages: org.apache.directory.studio:org.apache.directory.studio.ldapbrowser.core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS02ZnhtLTY2aHEtZmM5Ns3tzQ
Uncontrolled Resource Consumption in Apache Commons Compress
Ecosystems: maven
Packages: org.apache.commons:commons-compress
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1xNHEyLTkzcHctcXdnZs3t2g
Issuer validation regression in Spring Cloud SSO Connector
Ecosystems: maven
Packages: io.pivotal.spring.cloud:spring-cloud-sso-connector
Source: GitHub Advisory Database
Blast Radius: 6.3
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS04N3ZnLTVwZ3gtcGdnaM3ttg
spring-integration-zip Arbitrary File Write
Ecosystems: maven
Packages: org.springframework.integration:spring-integration-zip
Source: GitHub Advisory Database
Blast Radius: 4.2
Published: almost 2 years ago
High
GSA_kwCzR0hTQS04djk3LWd2M2ctMzJyZs3tyA
UAA privilege escalation across identity zones
Ecosystems: maven
Packages: org.cloudfoundry.identity:cloudfoundry-identity-server
Source: GitHub Advisory Database
Blast Radius: 8.5
Published: almost 2 years ago
Low
GSA_kwCzR0hTQS1majY5LXA4ZjYtcTk3aM3txQ
Cloud Foundry Runtime has Weak Password Recovery Mechanism for Forgotten Password
Ecosystems: maven
Packages: org.cloudfoundry.identity:cloudfoundry-identity-server
Source: GitHub Advisory Database
Blast Radius: 4.4
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS1jcTZtLTc0cjQteDc3Z83tgA
Cloud Foundry Runtime has Weak Password Recovery Mechanism for Forgotten Password
Ecosystems: maven
Packages: org.cloudfoundry.identity:cloudfoundry-identity-server
Source: GitHub Advisory Database
Blast Radius: 11.5
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS1oNTMzLXE2amMtcXgyOM3tpw
Cloud Foundry Runtime Insufficient Session Expiration vulnerability
Ecosystems: maven
Packages: org.cloudfoundry.identity:cloudfoundry-identity-server
Source: GitHub Advisory Database
Blast Radius: 11.5
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1tcHYzLWc1MjctZnFyas3tng
Cloud Foundry Runtime Cross-Site Request Forgery vulnerability
Ecosystems: maven
Packages: org.cloudfoundry.identity:cloudfoundry-identity-server
Source: GitHub Advisory Database
Blast Radius: 10.3
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS00MjYyLXdyN3AtZ3Bjas3tmg
Rundeck Community Edition vulnerable to Cross-site Scripting
Ecosystems: maven
Packages: org.rundeck:rundeck
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1qd3Z3LXY3YzUtbTgyaM3tlQ
protobuf susceptible to buffer overflow
Ecosystems: pypi, packagist, go, maven, nuget
Packages: protobuf, google/protobuf, github.com/protocolbuffers/protobuf, com.google.protobuf:protobuf-parent, Google.Protobuf
Source: GitHub Advisory Database
Blast Radius: 94.2
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS04Mzd4LXh3dzYtN2pxbc3smg
PostgreSQL PL/Java Improper Privilege Management
Ecosystems: maven
Packages: postgresql:pljava-public
Source: GitHub Advisory Database
Blast Radius: 5.1
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1jY3FmLWM1aHEtNzdtcM3sQA
Missing Authorization in Apache ZooKeeper
Ecosystems: maven
Packages: org.apache.zookeeper:zookeeper
Source: GitHub Advisory Database
Blast Radius: 34.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1yMjM3LXcydzYtanEzcM3sNQ
Inefficient Algorithmic Complexity in Apache Santuario XML Security
Ecosystems: maven
Packages: org.apache.santuario:xmlsec
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS00cDR3LTZoNTQtZzg4Nc3sNg
Improper Input Validation in Apache Santuario XML Security
Ecosystems: maven
Packages: org.apache.santuario:xmlsec
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS13N2NxLWo5cDktaG0zbc3sHw
Improper Input Validation in Apache Santuario XML Security
Ecosystems: maven
Packages: org.apache.santuario:xmlsec
Source: GitHub Advisory Database
Blast Radius: 18.1
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS05aDZwLTkyanEtODg4eM3sDA
Integer Overflow or Wraparound in JBCrypt
Ecosystems: maven
Packages: org.mindrot:jbcrypt
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1yYzJ3LXI0anEtN3BmeM3r1w
Improper Authorization in Apache Xalan-Java
Ecosystems: maven
Packages: xalan:xalan
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1qd3dyLWZqZ2gtY3YyeM3r0Q
Improper Restriction of XML External Entity Reference in Castor
Ecosystems: maven
Packages: org.codehaus.castor:castor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS02cmg1LTIzaHgtajQ1Ms3rtw
Improper Authorization in Jenkins Core
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS04cXhwLWc4anYtcDM3eM3rvA
Improper Authorization in Jenkins Core
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS0zMnc5LTJxcGMtNWY5ds3qwg
Docker image code execution with Apache Mesos
Ecosystems: maven
Packages: org.apache.mesos:mesos
Source: GitHub Advisory Database
Blast Radius: 23.3
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS13NzdwLThjZmctMng0M83qjw
Improper Access Control in SLF4J
Ecosystems: maven
Packages: org.slf4j:slf4j-ext
Source: GitHub Advisory Database
Blast Radius: 34.6
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS12NzIzLTU4anYtMnFjNM3qVA
Exposure of Sensitive Information to an Unauthorized Actor in OpenSAML
Ecosystems: maven
Packages: org.opensaml:opensaml
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS1yYzdoLXg2Y3EtOTg4cc3p0Q
Improper Input Validation in JGroups
Ecosystems: maven
Packages: org.jgroups:jgroups
Source: GitHub Advisory Database
Blast Radius: 32.2
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS05cWY5LTI4aDktaHFjas3pCw
Remote code execution in PATCH requests in Spring Data REST
Ecosystems: maven
Packages: org.springframework.data:spring-data-rest-core
Source: GitHub Advisory Database
Blast Radius: 32.9
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1nNmhmLWY5Y3EtcTd3N83o4w
Cross-Site Request Forgery in Spring Framework
Ecosystems: maven
Packages: org.springframework:spring-web
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1oaG00LWh3cTYtM2M2d83o4g
Improper Limitation of a Pathname to a Restricted Directory in Spring Framework
Ecosystems: maven
Packages: org.springframework:spring-webmvc
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1mOTNmLWczM3ItOHBjcM3o4A
Improper Restriction of XML External Entity Reference in Spring Framework
Ecosystems: maven
Packages: org.springframework:spring-webmvc
Source: GitHub Advisory Database
Blast Radius: 47.1
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1ycDRwLWc2OXItNDM4eM3pDQ
Cross-Site Request Forgery in Spring Framework
Ecosystems: maven
Packages: org.springframework:spring-oxm
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS12cDYzLXJyY20tOW1waM3o-Q
Missing XML Validation in Spring Framework
Ecosystems: maven
Packages: org.springframework:spring-oxm
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS04Y21tLXFqOGctZmNwNs3o_A
Cross-Site Request Forgery in Spring Framework
Ecosystems: maven
Packages: org.springframework:spring-webmvc
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1yNjljLTVqN2Mtdm02cc3o9A
Cross-site Scripting in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS00Mnh3LXA2MngtaHdjZs3oxA
Improper Access Control in Apache Derby
Ecosystems: maven
Packages: org.apache.derby:derby
Source: GitHub Advisory Database
Blast Radius: 23.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1naDI3LTM4cDUtbXJ4Y83oyA
Improper Control of Generation of Code in Apache Kafka
Ecosystems: maven
Packages: org.apache.kafka:kafka
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS0ycnZmLTMyOWYtcDk5Z83otg
System Property Disclosure in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 14.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS0zbWpwLXA5MzgtNDMyOc3ong
Apache Tomcat vulnerable to SecurityManager bypass
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 19.8
Published: almost 2 years ago
High
GSA_kwCzR0hTQS12aHJnLXYzY3YtcDI0N83otA
Deserialization of Untrusted Data in Spring Security
Ecosystems: maven
Packages: org.springframework.security:spring-security-core
Source: GitHub Advisory Database
Blast Radius: 37.6
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS13eGNwLWYyYzgteDZ4ds3opg
Observable Discrepancy in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 15.6
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS00djNnLWc4NHctaHY3cs3oqg
Authentication Bypass Using an Alternate Path or Channel in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat.embed:tomcat-embed-jasper, org.apache.tomcat:jasper, org.apache.tomcat:tomcat-jasper
Source: GitHub Advisory Database
Blast Radius: 41.9
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1xNng3LWYzM3ItM3d4eM3osg
Incorrect Authorization in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 19.8
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS13OHY3LXByaHcteGpwd83opQ
Apache Flex BlazeDS unsafe deserialization
Ecosystems: maven
Packages: org.apache.flex.blazeds:flex-messaging-remoting, org.apache.flex.blazeds:flex-messaging-core
Source: GitHub Advisory Database
Blast Radius: 16.6
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS00cTIzLWc3bWYteHA5OM3orA
Cross-site Scripting in Apache DeltaSpike
Ecosystems: maven
Packages: org.apache.deltaspike.modules:jsf-module-project
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS03ajRoLTh3cGYtcnFmaM3mvw
Missing XML Validation in Apache Xerces2
Ecosystems: maven
Packages: xerces:xercesImpl
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS02NnJ4LWdxeDMtcDk4bc3mdg
Improper Authentication in Apache Axis2
Ecosystems: maven
Packages: org.apache.axis2:axis2
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1ndjl2LWMzNzUtaHZtZ83mmg
Improper Authentication in Spring Security
Ecosystems: maven
Packages: org.springframework.security:spring-security-core
Source: GitHub Advisory Database
Blast Radius: 33.9
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS02bXY5LWhjeDUtN21oaM3mmQ
Server-Side Request Forgery in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS0yNndjLTN3cXAtZzNycM3mng
Deserialization of Untrusted Data in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1xZjM4LWYyZnItcTR4Oc3mcA
Improper Input Validation in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS02NDU2LXhqbTUtZzNwZ83mlQ
Cross-site scripting vulnerability exists in Jenkins and Stapler Plugin
Ecosystems: maven
Packages: org.kohsuke.stapler:stapler-parent, org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS0ydzR4LXJ4cDctZ3JnN83mjg
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS13bXI4LTI1ZmYtZ2dwas3mkQ
Incorrect Authorization in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS03NTkyLTkzcm0tNmdweM3mbg
Injection in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS14Nmp3LTJmMjMtbWM1as3mkg
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1yZ21qLW1jY2otaDlteM3mbQ
Cross-Site Request Forgery in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS14NjQ2LW03eDItZ2NwN83mbw
Path Traversal in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1xcGc5LTgzZnYteDljaM3mcg
Improper Neutralization of Input During Web Page Generation in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1wZ3h2LWg5NjctZncycc3mkA
Improper Neutralization of Input During Web Page Generation in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS03NDJqLWpjZnItMjN3M83mkw
Insufficient Session Expiration in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS01cDU5LXY1d20tNzd2NM3mlA
Improper Limitation of a Pathname to a Restricted Directory in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS04NDc3LTN2MzktZ2dwbc3mcQ
Improper Validation of Integrity Check Value in Bouncy Castle
Ecosystems: maven
Packages: org.bouncycastle:bcprov-jdk15on
Source: GitHub Advisory Database
Blast Radius: 18.8
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS1oaHBtLTVjcDItaGc0eM3mcw
Deserialization of Untrusted Data in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1qOHF2LW1qNHItNmZ3NM3mdQ
Improper Input Validation in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1wMjY1LXhyOTgtM3Ztcs3mbA
Incorrect Authorization in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS14NWptLXJqMzctNXFoN83maA
Sandbox Bypass in Script Security Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:script-security
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS14dnhxLWhxNDgteHBobc3maQ
Sandbox bypass in Script Security Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:script-security
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1yODRwLTg4ZzItMnZ4Ms3l_Q
Apache Tomcat EncryptInterceptor error leads to Uncontrolled Resource Consumption
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 19.8
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1ycXBoLXZxd20tMjJ2Y83lzA
Allocation of Resources Without Limits or Throttling in Spring Framework
Ecosystems: maven
Packages: org.springframework:spring-messaging
Source: GitHub Advisory Database
Blast Radius: 26.4
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1oaDI2LTZ4d3ItZ2d2N83mDQ
Denial of service in Spring Framework
Ecosystems: maven
Packages: org.springframework:spring-beans
Source: GitHub Advisory Database
Blast Radius: 37.3
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS0yNjlxLWhteGctbTgzcc3kbg
Local Information Disclosure Vulnerability in io.netty:netty-codec-http
Ecosystems: maven
Packages: io.netty:netty-codec-http
Source: GitHub Advisory Database
Blast Radius: 21.0
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS1wamNoLTRnMjgtZnh4N83jyA
External Entity Reference in TwelveMonkeys ImageIO
Ecosystems: maven
Packages: com.twelvemonkeys.imageio:imageio-metadata
Source: GitHub Advisory Database
Blast Radius: 18.3
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS1nY2h2LTM2NGgtcjg5Ns3jtg
XML External Entity Reference in apache jena
Ecosystems: maven
Packages: org.apache.jena:jena
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1xNWY4LWZ4cngtcHc2Zs3iYg
Jenkins subject to Cross-site Scripting
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1ycWhnLWN4ZnItOHhxd83iaQ
Jenkins Cross-Site Request Forgery vulnerability
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS03OGNqLTJtMjktcTVyOc3ibA
Jenkins Cross-Site Request Forgery vulnerability
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Low
GSA_kwCzR0hTQS12bTY5LTQ3NHYtN3Eyd83iMA
Incorrect Default Permissions in Apache Commons FileUpload
Ecosystems: maven
Packages: commons-fileupload:commons-fileupload
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1wNWM1LTY1NjQtdnZyOM3iKQ
Improper Authentication in Apache CXF
Ecosystems: maven
Packages: org.apache.cxf:cxf-rt-frontend-jaxrs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Low
GSA_kwCzR0hTQS1qd2ZyLWg2anAtOXAyZ83iFw
Jenkins allows attackers to obtain the master cryptographic key
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS14anJmLTh4NGYtNDNoNM3gvQ
Improper Neutralization of Input During Web Page Generation in Spring Framework
Ecosystems: maven
Packages: org.springframework:spring-web
Source: GitHub Advisory Database
Blast Radius: 28.0
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS13NTU5LTYyM3AtdmZnOM3fzg
MyBatis PageHelper vulnerable to time-blind SQL injection via orderBy parameter
Ecosystems: maven
Packages: com.github.pagehelper:pagehelper
Source: GitHub Advisory Database
Blast Radius: 42.1
Published: almost 2 years ago
High
GSA_kwCzR0hTQS00d3JyLTloNXItbTkyd83e2w
Apache Struts Remote Java Code Execution
Ecosystems: maven
Packages: org.apache.struts.xwork:xwork-core, org.apache.struts:struts2-core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS0ycHBwLXhqMzQtdnZmN83e3A
Apache Struts's CookieInterceptor component does not use the parameter-name whitelist
Ecosystems: maven
Packages: org.apache.struts.xwork:xwork-core, org.apache.struts:struts2-core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1obXZqLWdjOXEtbWc5cM3e3g
Apache Struts's DebuggingInterceptor component allows remote code execution in developer mode
Ecosystems: maven
Packages: org.apache.struts.xwork:xwork-core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1oeHFxLXc0bXItbWM2Ms3e2A
Apache Struts's ParameterInterceptor component does not prevent access to public constructors
Ecosystems: maven
Packages: org.apache.struts:struts2-core, org.apache.struts.xwork:xwork-core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1qcXg1LWgyaHctNXE0Zs3eaA
Denial of Service in Apache POI
Ecosystems: maven
Packages: org.apache.poi:poi-scratchpad, org.apache.poi:poi
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS04aDJxLXFtOXgtNTVqY83dwA
Denial of Service in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS0zcDg2LXhncnEtbTZwNs3c3Q
Improper Neutralization of Input During Web Page Generation in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Statistics
Advisories: 18,151
Packages: 8,242
Repositories: 968
Ecosystems: 12
Filter by Severity
Moderate 7,822 High 6,289 Critical 2,787 Low 969
Filter by Ecosystem
maven 5,518 packagist 3,782 pypi 3,552 npm 3,530 go 1,886 nuget 1,390 rubygems 813 cargo 773 swift 31 hex 29 actions 16 pub 8
Filter by Package
org.jenkins-ci.main:jenkins-core 189 org.apache.tomcat:tomcat 134 com.fasterxml.jackson.core:jackson-databind 69 org.apache.struts:struts2-core 55 org.keycloak:keycloak-core 47 com.liferay.portal:release.portal.bom 45 org.apache.tomcat.embed:tomcat-embed-core 37 com.thoughtworks.xstream:xstream 36 com.jfinal:jfinal 36 net.mingsoft:ms-mcms 35 org.xwiki.platform:xwiki-platform-oldcore 34 org.elasticsearch:elasticsearch 32 org.jenkins-ci.plugins:script-security 30 io.undertow:undertow-core 27 org.keycloak:keycloak-services 27 org.apache.solr:solr-core 25 org.keycloak:keycloak-parent 25 org.eclipse.jetty:jetty-server 23 org.springframework.security:spring-security-core 23 org.apache.nifi:nifi 22 org.apache.openmeetings:openmeetings-parent 21 org.cloudfoundry.identity:cloudfoundry-identity-server 20 org.springframework:spring-core 19 com.liferay.portal:release.dxp.bom 18 com.vaadin:vaadin-bom 18 org.bouncycastle:bcprov-jdk14 18 org.xwiki.platform:xwiki-platform-web-templates 17 org.apache.geode:geode-core 17 org.apache.dubbo:dubbo 16 org.bouncycastle:bcprov-jdk15 16 org.apache.activemq:activemq-client 16 org.apache.struts.xwork:xwork-core 15 org.apache.jspwiki:jspwiki-main 15 org.xwiki.platform:xwiki-platform-web 14 org.apache.inlong:manager-pojo 13 org.apache.hadoop:hadoop-main 13 org.apache.cxf:cxf 13 org.jenkins-ci.plugins.workflow:workflow-cps 12 org.jenkins-ci.plugins:git 12 com.vaadin:flow-server 12 org.apache.dolphinscheduler:dolphinscheduler 12 org.igniterealtime.openfire:parent 11 org.jenkins-ci.plugins:email-ext 11 org.apache.cxf:cxf-core 11 org.apache.james:james-server 11 org.apache.commons:commons-compress 11 org.jeecgframework.boot:jeecg-boot-common 11 org.apache.camel:camel-core 11 org.apache.jspwiki:jspwiki-war 11 org.mortbay.jetty:jetty 11 org.apache.ranger:ranger 11 org.apache.hadoop:hadoop-common 11 org.apache.tomcat:tomcat-coyote 11 org.apache.tika:tika-core 11 org.jeecgframework.boot:jeecg-boot-parent 11 com.xuxueli:xxl-job 11 org.jenkins-ci.plugins.workflow:workflow-cps-global-lib 10 io.netty:netty 10 org.jboss.netty:netty 10 org.apache.inlong:manager-service 10 org.xwiki.platform:xwiki-platform-administration-ui 10 org.apache.hive:hive 9 org.craftercms:crafter-studio 9 org.bouncycastle:bcprov-jdk15on 9 org.jenkins-ci.plugins:active-directory 9 org.jenkins-ci.plugins:electricflow 9 org.opencrx:opencrx-core-models 9 org.apache.shiro:shiro-core 9 io.jenkins:configuration-as-code 9 cn.hutool:hutool-core 9 com.sonyericsson.jenkins.plugins.bfa:build-failure-analyzer 9 org.opennms:opennms 9 org.apache.tapestry:tapestry-core 9 org.apache.archiva:archiva 9 org.springframework:spring-web 9 org.apache.xmlgraphics:batik 9 jquery 9 jquery-rails 9 org.apache.tomcat:tomcat-catalina 9 org.jenkins-ci.plugins:config-file-provider 9 org.webjars.npm:jquery 9 org.springframework:spring-webmvc 9 jQuery 8 org.apache.ozone:ozone-main 8 org.postgresql:postgresql 8 com.hazelcast:hazelcast 8 org.apache.kylin:kylin 8 org.apache.zeppelin:zeppelin 8 org.apache.santuario:xmlsec 8 org.apache.ambari:ambari 8 org.apache.hive:hive-exec 8 io.jenkins.blueocean:blueocean 8 org.jenkins-ci.plugins:ec2 8 org.opencms:opencms-core 8 org.apache.pdfbox:pdfbox 8 mysql:mysql-connector-java 8 org.graylog2:graylog2-server 8 org.yaml:snakeyaml 8 org.jenkins-ci.plugins:artifactory 7 org.jenkins-ci.plugins:jobConfigHistory 7 io.dataease:dataease-plugin-common 7 org.jenkins-ci.plugins:rundeck 7 org.silverpeas.core:silverpeas-core-web 7 org.apache.spark:spark-core_2.11 7 io.atomix:atomix 7 org.jboss.resteasy:resteasy-client 7 org.apache.linkis:linkis 7 org.apache.tika:tika 7 io.jenkins.plugins:cavisson-ns-nd-integration 7 org.apache.inlong:manager-web 7 org.owasp.esapi:esapi 7 org.jeecgframework.boot:jeecg-boot-base 7 jQuery.UI.Combined 7 org.apache.hive:hive-service 7 org.webjars.npm:jquery-ui 7 org.owasp.antisamy:antisamy 7 jquery-ui-rails 7 io.jenkins.plugins:miniorange-saml-sp 7 org.jenkins-ci.plugins:subversion 7 org.apache.atlas:atlas-common 7 io.jenkins.plugins:warnings-ng 7 org.apache.logging.log4j:log4j-core 7 jquery-ui 7 org.apache.karaf:apache-karaf 7 org.apache.cxf:apache-cxf 7 org.jenkins-ci.plugins:openshift-deployer 7 rubygems-update 7 org.apache.activemq:activemq-parent 7 org.jenkins-ci.plugins:mercurial 7 org.jruby:jruby-stdlib 7 org.apache.derby:derby 7 net.opentsdb:opentsdb 7 org.apache.poi:poi 7 com.jflyfox:jflyfox_jfinal 6 org.apache.solr:solr-parent 6 org.opencastproject:opencast-kernel 6 org.apache.storm:storm-core 6 org.jenkins-ci.plugins:fortify-on-demand-uploader 6 org.jenkins-ci.plugins:ec2-deployment-dashboard 6 org.xwiki.commons:xwiki-commons-xml 6 org.apache.spark:spark-core_2.10 6 org.apache.mesos:mesos 6 com.sonyericsson.hudson.plugins.gerrit:gerrit-trigger 6 org.jenkins-ci.plugins:pipeline-maven 6 org.apache.httpcomponents:httpclient 6 org.jenkins-ci.plugins:repository-connector 6 org.apache.syncope:syncope-core 6 axis:axis 6 org.opensearch.plugin:opensearch-security 6 io.netty:netty-codec-http 6 org.csanchez.jenkins.plugins:kubernetes 6 de.tum.in.ase:artemis-java-test-sandbox 6 tech.powerjob:powerjob 6 org.jenkins-ci.plugins:gitlab-oauth 6 io.netty:netty-handler 6 commons-fileupload:commons-fileupload 6 org.jenkins-ci.plugins:azure-vm-agents 6 cn.hutool:hutool-json 6 hudson.plugins:project-inheritance 6 com.xebialabs.deployit.ci:deployit-plugin 6 org.apache.pulsar:pulsar-broker 6 org.apache.shenyu:shenyu-common 6 org.apache.axis:axis 6 org.apache.struts:struts2-rest-plugin 6 org.jenkins-ci.plugins:openid 5 org.xwiki.platform:xwiki-platform-appwithinminutes-ui 5 org.apache.cassandra:cassandra-all 5 org.jenkins-ci.plugins:junit 5 org.springframework.amqp:spring-amqp 5 org.apache.druid:druid 5 org.jenkins-ci.plugins:codedx 5 com.ruoyi:ruoyi 5 org.jenkins-ci.plugins:matrix-project 5 org.jenkinsci.plugins:octoperf 5 org.jenkins-ci.plugins:google-login 5 org.opennms:opennms-webapp 5 info.magnolia:magnolia-core 5 edu.stanford.nlp:stanford-corenlp 5 com.google.protobuf:protobuf-java 5 org.codehaus.jettison:jettison 5 org.xwiki.platform:xwiki-platform-flamingo-skin-resources 5 org.jenkins-ci.plugins:azure-ad 5 org.jenkins-ci.plugins:scriptler 5 log4j:log4j 5 org.jenkins-ci.plugins:credentials 5 org.jenkins-ci.plugins:ghprb 5 org.jenkins-ci.plugins:delphix 5 org.jenkins-ci.plugins:websphere-deployer 5 org.apache.hadoop:hadoop-client 5 org.zenframework.z8.dependencies.commons:log4j-1.2.17 5 org.jenkins-ci.plugins:publish-over-ssh 5 org.apache.kylin:kylin-server-base 5 org.jenkins-ci.plugins:support-core 5 org.jboss.resteasy:resteasy-bom 5 org.jenkins-ci.plugins.m2release:m2release 5 org.apache.inlong:manager-dao 5 com.coravy.hudson.plugins.github:github 5 com.mabl.integration.jenkins:mabl-integration 5 org.dspace:dspace-jspui 5 org.jenkins-ci.plugins:gitlab-plugin 5
Filter by Repository
https://github.com/xwiki/xwiki-platform 172 https://github.com/jenkinsci/jenkins 148 https://github.com/apache/tomcat 96 https://github.com/FasterXML/jackson-databind 70 https://github.com/keycloak/keycloak 58 https://github.com/apache/struts 46 https://github.com/spring-projects/spring-framework 41 https://github.com/x-stream/xstream 36 https://github.com/apache/activemq 32 https://github.com/CVEProject/cvelist 28 https://github.com/apache/inlong 25 https://github.com/eclipse/jetty.project 23 https://github.com/apache/nifi 21 https://github.com/OpenNMS/opennms 20 https://github.com/jeecgboot/jeecg-boot 20 https://github.com/netty/netty 20 https://github.com/jenkinsci/script-security-plugin 20 https://github.com/apache/cxf 19 https://github.com/cloudfoundry/uaa 19 https://github.com/bcgit/bc-java 18 https://github.com/vaadin/platform 17 https://github.com/opencast/opencast 16 https://github.com/apache/camel 15 https://github.com/geoserver/geoserver 15 https://github.com/xuxueli/xxl-job 13 https://github.com/quarkusio/quarkus 13 https://github.com/undertow-io/undertow 13 https://github.com/ming-soft/MCMS 13 https://github.com/dromara/hutool 12 https://github.com/apache/kylin 12 https://github.com/apache/dolphinscheduler 12 https://github.com/vaadin/flow 11 https://github.com/igniterealtime/Openfire 11 https://github.com/jquery/jquery 10 https://github.com/jenkinsci/git-plugin 10 https://github.com/Graylog2/graylog2-server 9 https://github.com/DSpace/DSpace 9 https://github.com/apache/lucene-solr 9 https://github.com/cui2shark/cms 9 https://github.com/spring-projects/spring-security 9 https://github.com/opensearch-project/security 8 https://github.com/nahsra/antisamy 8 https://github.com/xwiki/xwiki-commons 8 https://github.com/jenkinsci/config-file-provider-plugin 8 https://github.com/apache/zeppelin 8 https://github.com/hazelcast/hazelcast 8 https://github.com/ratpack/ratpack 7 https://github.com/pgjdbc/pgjdbc 7 https://github.com/jenkinsci/blueocean-plugin 7 https://github.com/RhinoSecurityLabs/CVEs 7 https://github.com/vaadin/framework 7 https://github.com/OpenTSDB/opentsdb 7 https://github.com/apache/xmlgraphics-batik 7 https://github.com/rundeck/rundeck 7 https://github.com/rubygems/rubygems 7 https://github.com/jflyfox/jfinal_cms 7 https://github.com/dataease/dataease 7 https://github.com/jenkinsci/electricflow-plugin 6 https://github.com/vert-x3/vertx-web 6 https://github.com/OpenRefine/OpenRefine 6 https://github.com/DrunkenShells/Disclosures 6 https://github.com/jenkinsci/fortify-on-demand-uploader-plugin 6 https://github.com/apache/hadoop 6 https://github.com/jenkinsci/gerrit-trigger-plugin 6 https://github.com/http4s/http4s 6 https://github.com/line/armeria 6 https://github.com/apache/pulsar 6 https://github.com/apache/tika 6 https://github.com/ESAPI/esapi-java-legacy 6 https://github.com/ls1intum/Ares 6 https://github.com/playframework/playframework 6 https://github.com/resteasy/resteasy 6 https://github.com/jenkinsci/configuration-as-code-plugin 6 https://github.com/jenkinsci/ec2-plugin 6 https://github.com/cui2shark/security 6 https://github.com/jquery/jquery-ui 6 https://github.com/jenkinsci/build-failure-analyzer-plugin 6 https://bitbucket.org/snakeyaml/snakeyaml 6 https://github.com/apache/shiro 5 https://github.com/apache/openmeetings 5 https://github.com/protocolbuffers/protobuf 5 https://github.com/JLLeitschuh/security-research 5 https://github.com/jenkinsci/codedx-plugin 5 https://github.com/jenkinsci/junit-plugin 5 https://github.com/jenkinsci/github-plugin 5 https://github.com/jenkinsci/gitlab-plugin 5 https://github.com/apiman/apiman 5 https://github.com/PowerJob/PowerJob 5 https://github.com/h2database/h2database 5 https://github.com/jenkinsci/support-core-plugin 5 https://github.com/jenkinsci/workflow-cps-global-lib-plugin 5 https://github.com/apache/karaf 5 https://github.com/jenkinsci/subversion-plugin 5 https://github.com/restlet/restlet-framework-java 5 https://github.com/jettison-json/jettison 5 https://github.com/jenkinsci/email-ext-plugin 5 https://github.com/OpenAPITools/openapi-generator 5 https://github.com/alibaba/nacos 5 https://github.com/jenkinsci/m2release-plugin 5 https://github.com/jenkinsci/publish-over-ssh-plugin 5 https://bitbucket.org/connect2id/nimbus-jose-jwt 5 https://github.com/grails/grails-core 5 https://github.com/jensdietrich/xshady-release 5 https://github.com/neo4j-contrib/neo4j-apoc-procedures 5 https://github.com/jenkinsci/active-directory-plugin 5 https://github.com/apache/geode 5 https://github.com/apache/shenyu 5 https://github.com/jenkinsci/rundeck-plugin 4 https://github.com/jenkinsci/htmlpublisher-plugin 4 https://github.com/jenkinsci/hpe-application-automation-tools-plugin 4 https://github.com/jenkinsci/warnings-ng-plugin 4 https://github.com/reportportal/reportportal 4 https://github.com/resteasy/Resteasy 4 https://github.com/jenkinsci/matrix-project-plugin 4 https://github.com/jenkinsci/job-config-history-plugin 4 https://github.com/jenkinsci/nexus-platform-plugin 4 https://github.com/skylot/jadx 4 https://github.com/yamcs/yamcs 4 https://github.com/shopizer-ecommerce/shopizer 4 https://github.com/alkacon/opencms-core 4 https://github.com/aws/aws-iot-device-sdk-java-v2 4 https://github.com/jenkinsci/active-choices-plugin 4 https://github.com/jenkinsci/libvirt-slave-plugin 4 https://github.com/apache/httpcomponents-client 4 https://github.com/jenkinsci/workflow-cps-plugin 4 https://github.com/stanfordnlp/corenlp 4 https://github.com/jenkinsci/xldeploy-plugin 4 https://github.com/jenkinsci/ansible-plugin 4 https://github.com/jenkinsci/fortify-plugin 4 https://github.com/HtmlUnit/htmlunit 4 https://github.com/jenkinsci/gitlab-oauth-plugin 4 https://github.com/itext/itext7 4 https://github.com/infinispan/infinispan 4 https://github.com/apache/syncope 4 https://github.com/ktorio/ktor 4 https://github.com/xerial/snappy-java 4 https://github.com/apache/activemq-artemis 4 https://github.com/nightcloudos/new_cms 4 https://github.com/apache/solr 4 https://github.com/micronaut-projects/micronaut-core 4 https://github.com/jenkinsci/credentials-binding-plugin 4 https://github.com/pippo-java/pippo 4 https://github.com/jenkinsci/p4-plugin 4 https://github.com/jfinal/jfinal 4 https://github.com/orientechnologies/orientdb 3 https://github.com/jenkinsci/azure-credentials-plugin 3 https://github.com/qos-ch/logback 3 https://github.com/OWASP/json-sanitizer 3 https://github.com/jenkinsci/cas-plugin 3 https://github.com/open-metadata/OpenMetadata 3 https://svn.apache.org/viewvc/lucene/dev 3 https://github.com/apache/santuario-java 3 https://github.com/Rabb1ter/cms 3 https://github.com/mbechler/marshalsec 3 https://bitbucket.org/b_c/jose4j 3 https://github.com/apache/ranger 3 https://github.com/jenkinsci/azure-vm-agents-plugin 3 https://github.com/jenkinsci/audit-trail-plugin 3 https://github.com/google/guava 3 https://github.com/eclipse/lemminx 3 https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server 3 https://github.com/jenkinsci/mercurial-plugin 3 https://github.com/jenkinsci/bitbucket-oauth-plugin 3 https://github.com/peteroupc/CBOR-Java 3 https://github.com/pf4j/pf4j 3 https://github.com/opengoofy/hippo4j 3 https://github.com/jenkinsci/nomad-plugin 3 https://github.com/jooby-project/jooby 3 https://github.com/apache/storm 3 https://github.com/eclipse-ee4j/mojarra 3 https://github.com/joniles/mpxj 3 https://github.com/li-yu320/cms 3 https://github.com/apache/jackrabbit 3 https://github.com/jenkinsci/git-parameter-plugin 3 https://github.com/jenkinsci/crx-content-package-deployer-plugin 3 https://github.com/wso2/carbon-registry 3 https://github.com/jenkinsci/gitlab-branch-source-plugin 3 https://github.com/Jarvis-616/cms 3 https://github.com/jenkinsci/git-client-plugin 3 https://github.com/jenkinsci/scriptler-plugin 3 https://github.com/jenkinsci/cvs-plugin 3 https://github.com/codehaus-plexus/plexus-utils 3 https://github.com/LetianYuan/My-CVE-Public-References 3 https://github.com/jenkinsci/database-plugin 3 https://github.com/jhy/jsoup 3 https://github.com/apache/geronimo 3 https://github.com/apache/flume 3 https://github.com/wildfly/wildfly-core 3 https://github.com/apache/dubbo 3 https://github.com/jenkinsci/embeddable-build-status-plugin 3 https://github.com/AsyncHttpClient/async-http-client 3 https://github.com/intranda/goobi-viewer-core 3 https://github.com/apache/derby 3 https://github.com/jeremylong/DependencyCheck 3 https://github.com/apache/cxf-fediz 3 https://github.com/Adobe-Consulting-Services/acs-aem-commons 3 https://github.com/eclipse-vertx/vert.x 3 https://github.com/jenkinsci/mailer-plugin 3 https://github.com/jenkinsci/mac-plugin 3