Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

maven Security Advisories

Loading...
Moderate
GSA_kwCzR0hTQS12cDM3LTJmOXAtM3ZyM80_xw
Cross-site Scripting in OWASP AntiSamy
Ecosystems: maven
Packages: org.owasp.antisamy:antisamy
Source: GitHub Advisory Database
Blast Radius: 16.2
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1nOWhoLXZ2eDMtdjM3ds0_tA
Denial of service in HtmlUnit-Neko
Ecosystems: maven
Packages: net.sourceforge.htmlunit:neko-htmlunit
Source: GitHub Advisory Database
Blast Radius: 14.9
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1nOTRwLWgyNjMtYzI2cc0_uA
Cross Site Request Forgery in Mingsoft MCMS
Ecosystems: maven
Packages: net.mingsoft:ms-mcms
Source: GitHub Advisory Database
Blast Radius: 2.6
Published: almost 2 years ago
High
GSA_kwCzR0hTQS00cG0zLWY1MmotOGdnaM0_og
Improper Input Validation in GeoServer
Ecosystems: maven
Packages: org.geoserver:gs-main
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS00cXFmLWhtdjYtcjZ3aM0_hQ
Use of a Broken or Risky Cryptographic Algorithm in Apache WSS4J
Ecosystems: maven
Packages: org.apache.ws.security:wss4j
Source: GitHub Advisory Database
Blast Radius: 18.4
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS1qNjhmLThoNnAtOWg1cc0-5A
Struts ParameterInterceptor vulnerability allows remote command execution
Ecosystems: maven
Packages: org.apache.struts:struts2-core
Source: GitHub Advisory Database
Blast Radius: 37.2
Published: almost 2 years ago
High
GSA_kwCzR0hTQS0yY2ZjLTg2NWotZ200d80-lg
XML External Entity Reference in detekt
Ecosystems: maven
Packages: io.gitlab.arturbosch.detekt:detekt-core
Source: GitHub Advisory Database
Blast Radius: 6.6
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1jMmNwLTN4ajktOTd3Oc0-tA
Denial of service in Spring Security OAuth2
Ecosystems: maven
Packages: org.springframework.security.oauth:spring-security-oauth2
Source: GitHub Advisory Database
Blast Radius: 25.8
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1jNHI1LXh2Z3ctMjk0Ms09Bg
Metrics exposure in Wildfly
Ecosystems: maven
Packages: org.wildfly:wildfly-metrics
Source: GitHub Advisory Database
Blast Radius: 5.2
Published: about 2 years ago
High
GSA_kwCzR0hTQS1nNW1tLXZteDQtM3JnN807dA
Improper handling of case sensitivity in Spring Framework
Ecosystems: maven
Packages: org.springframework:spring-context
Source: GitHub Advisory Database
Blast Radius: 40.2
Published: about 2 years ago
Critical
GSA_kwCzR0hTQS12OGo2LTZjMnItcjI3Y807Ew
Expression Language Injection in Apache Struts
Ecosystems: maven
Packages: org.apache.struts:struts2-core
Source: GitHub Advisory Database
Blast Radius: 37.2
Published: about 2 years ago
High
GSA_kwCzR0hTQS00NTVqLThoZzUtODU3Ns06uA
Stored Cross-site Scripting vulnerability in Jenkins Gerrit Trigger Plugin
Ecosystems: maven
Packages: com.sonyericsson.hudson.plugins.gerrit:gerrit-trigger
Source: GitHub Advisory Database
Blast Radius: 10.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1ydmc1LWY1ZmotbXh2Z806rA
Cross-site Scripting in Jenkins Credentials Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:credentials
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1ncDdjLXhtbW0tN3Bxcs06vQ
Stored Cross-site Scripting vulnerabilities in Jenkins Extended Choice Parameter Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:extended-choice-parameter
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1naHEyLW0zcHEtcWYzcM06rQ
Stored XSS in Jenkins CVS Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:cvs
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1wam0zLWY0dmgtM2gzaM06wg
Stored Cross-site Scripting in Jenkins Mask Passwords Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:mask-passwords
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1tM3AzLTJncDYtZ2hxOM06vA
Stored Cross-site Scripting vulnerability in Jenkins Jira Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:jira
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS1oaDZmLTZmcDUtZ2Zwds06tg
Untrusted users can modify some Pipeline libraries in Jenkins Pipeline: Deprecated Groovy Libraries Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins.workflow:workflow-cps-global-lib
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1mY3I2LTZjcGgtdm1jbc06ug
Stored XSS vulnerability in Jenkins Git Parameter Plugin
Ecosystems: maven
Packages: org.jenkins-ci.tools:git-parameter
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1mM2pxLTljNzktajY1bc06vw
Stored Cross-site Scripting vulnerability in Jenkins Job Generator Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:jobgenerator
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS13cHI2LXF2Y3EtODI2Oc06pw
Stored Cross-site Scripting vulnerability in Jenkins Subversion Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:subversion
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS01cHY3LWh4OW0tOGpoM806tw
Missing permission checks in Jenkins Publish Over FTP Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:publish-over-ftp
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS1qbXhyLXcyamMtcXA3d806pg
Promotion names in Jenkins promoted builds Plugin are not validated when using Job DSL
Ecosystems: maven
Packages: org.jenkins-ci.plugins:promoted-builds
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS02dzM5LXFobXEtZzhjcM06qg
CSRF vulnerability in Jenkins Publish Over FTP Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:publish-over-ftp
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS12OThyLWdqZ2MtbTlwZs06pA
Stored Cross-site Scripting vulnerability in Jenkins Promoted Builds Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:promoted-builds
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1wdjdwLWM3Y3AtdnJoM806qA
Stored Cross-site Scripting in Jenkins Node and Label parameter Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:nodelabelparameter
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1tNWN3LWM2NHAtNzdoNs06pQ
CSRF vulnerability in Jenkins Subversion Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:subversion
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS12aHhxLTltcHYtZ2o4N806ow
Private key stored in plain text by Jenkins Google Compute Engine Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:google-compute-engine
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS04eHBqLTlqOWctZmM5cs05eQ
SQL Injection in elide-datastore-aggregation
Ecosystems: maven
Packages: com.yahoo.elide:elide-datastore-aggregation
Source: GitHub Advisory Database
Blast Radius: 6.8
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1xcHAyLTJtY3AtMndtNc05dg
Unauthenticated user can list hidden document from multiple velocity templates in XWiki
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-web
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1naGNxLTQ3MnctdmY0aM05dQ
Incorrect Use of Privileged APIs in org.xwiki.platform.skin.skinx
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-skin-skinx
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS05N2pnLTQzYzktcTZwZs05dA
Unauthenticated user can retrieve the list of users through uorgsuggest.vm
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-web-templates
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Critical
GSA_kwCzR0hTQS1neDJjLWZ2aGMtcGg0as05Xg
Path traversal in Hadoop
Ecosystems: maven
Packages: org.apache.hadoop:hadoop-common
Source: GitHub Advisory Database
Blast Radius: 42.6
Published: about 2 years ago
High
GSA_kwCzR0hTQS1teDN4LXJtcmgtOXdmNs04yg
SQL injection in net.mingsoft:ms-mcms
Ecosystems: maven
Packages: net.mingsoft:ms-mcms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS0yOWY4LXE3bWYtN2Nxas04tg
Logic error in Apache Pinot
Ecosystems: maven
Packages: org.apache.pinot:pinot
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS00dzJxLTlocDItdnhqNc04eg
Path Traversal in Caucho Resin
Ecosystems: maven
Packages: com.caucho:resin
Source: GitHub Advisory Database
Blast Radius: 16.5
Published: about 2 years ago
High
GSA_kwCzR0hTQS1jbTI5LTZ3eDctcDg3NM034g
Keycloak insufficient session expiration
Ecosystems: maven
Packages: org.keycloak:keycloak-parent
Source: GitHub Advisory Database
Blast Radius: 11.5
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS01NTh4LTJ4amctNjIzMs038w
Allocation of Resources Without Limits or Throttling in Spring Framework
Ecosystems: maven
Packages: org.springframework:spring-expression
Source: GitHub Advisory Database
Blast Radius: 29.3
Published: about 2 years ago
Critical
GSA_kwCzR0hTQS02djczLWZnZjYtdzVqN8032w
Spring Cloud Function Code Injection with a specially crafted SpEL as a routing expression
Ecosystems: maven
Packages: org.springframework.cloud:spring-cloud-function-context
Source: GitHub Advisory Database
Blast Radius: 22.3
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1mY3J4LTg4MjktanBxeM03mg
Improper Restriction of XML External Entity Reference in wutka jox
Ecosystems: maven
Packages: com.wutka:jox
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
Critical
GSA_kwCzR0hTQS0zNnAzLXdqbWctaDk0eM03aQ
Remote Code Execution in Spring Framework
Ecosystems: maven
Packages: org.springframework:spring-webflux, org.springframework:spring-webmvc, org.springframework:spring-beans, org.springframework.boot:spring-boot-starter-webflux, org.springframework.boot:spring-boot-starter-web
Source: GitHub Advisory Database
Blast Radius: 57.9
Published: about 2 years ago
High
GSA_kwCzR0hTQS1xZzV4LTY2aHAtY3c1cM03XQ
Uncontrolled Resource Consumption in Apache DolphinScheduler
Ecosystems: pypi, maven
Packages: apache-dolphinscheduler, org.apache.dolphinscheduler:dolphinscheduler
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1maGh4LXI5ODMtNDR4Y8021w
SSL/TLS certificate validation globally disabled by Jenkins Proxmox Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:proxmox
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1wMmo3LTZnOWgtMzJ4aM02wg
Cross site scripting in Shopizer
Ecosystems: maven
Packages: com.shopizer:shopizer
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS1yd2cyLXc4MngtdjU3as023g
XML External Entity Reference vulnerability in Jenkins Pipeline: Phoenix AutoTest Plugin
Ecosystems: maven
Packages: com.surenpi.jenkins:phoenix-autotest
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS04cDR4LWZxOHYteGh2NM02tQ
Arbitrary file read vulnerability in Jenkins Continuous Integration with Toad Edge Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:ci-with-toad-edge
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS00NXY3LTY1cTgteDI5NM02pA
Stored XSS vulnerability in Jenkins Bitbucket Server Integration Plugin
Ecosystems: maven
Packages: io.jenkins.plugins:atlassian-bitbucket-server-integration
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS12cWN4LWp3NHItNmZwM802nw
CSRF vulnerability and missing permission check in Jenkins JiraTestResultReporter Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:JiraTestResultReporter
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS00cDhmLTJmd3YtNnhjd8022g
Missing permission check in Jenkins RocketChat Notifier Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:rocketchatnotifier
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS14MjVoLWY4NHgtd2g0bc021A
CSRF vulnerability in Jenkins RocketChat Notifier Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:rocketchatnotifier
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1ocG05LWZ4OHYtdzQ1ds02oQ
Plaintext storage in Jenkins instant-messaging Plugin
Ecosystems: maven
Packages: org.jvnet.hudson.plugins:instant-messaging
Source: GitHub Advisory Database
Blast Radius: 7.4
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS13OTd4LWo2cmctNTV2Nc022A
Password stored in plain text by Jenkins Proxmox Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:proxmox
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS12NHJyLTY1eDYtZzY5Zs021g
XXE vulnerability in Jenkins Flaky Test Handler Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:flaky-test-handler
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1nYzdtLXgyY2otMzc3Nc02ow
Missing permission check in Jenkins JiraTestResultReporter Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:JiraTestResultReporter
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1yNXI2LXY4cWgtcG1wcc02pg
Missing permission checks in Jekins Bitbucket Server Integration Plugin
Ecosystems: maven
Packages: io.jenkins.plugins:atlassian-bitbucket-server-integration
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS03amg4LWdod2MtODJjd802ng
Cross-site Scripting (XSS) vulnerability in Jenkins Continuous Integration with Toad Edge Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:ci-with-toad-edge
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS0ybWdqLW13dmYtbXBnNc02og
Missing permission checks in Jenkins Proxmox Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:proxmox
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS13anZyLTJoamctNnJoas021Q
CSRF vulnerability in Proxmox Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:proxmox
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS02aDJjLWc2ODgtcTlxcs02oA
Path traversal in Jenkins Phoenix AutoTest Plugin
Ecosystems: maven
Packages: com.surenpi.jenkins:phoenix-autotest
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS04cng2LXY1cTQteHczas02sA
enkins Coverage/Complexity Scatter Plot Plugin XML External Entity Reference vulnerability
Ecosystems: maven
Packages: org.jenkins-ci.plugins:covcomplplot
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS04NWY5LXc5Y3gtaDM2M802vg
Cross site request forgery in Jenkins Job and Node ownership Plugin
Ecosystems: maven
Packages: com.synopsys.jenkinsci:ownership
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS04aGgyLXJ4bTgtN2ZqOM02vQ
Missing permission check in Jenkins Continuous Integration with Toad Edge Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:ci-with-toad-edge
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1tYzkyLWM4NTktanI2Ns02nQ
Path traversal vulnerability on Windows in Jenkins Continuous Integration with Toad Edge Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:ci-with-toad-edge
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS14NjN2LXByaGMteHg2Zs02ug
Stored Cross-site Scripting vulnerability in Jenkins Job and Node ownership Plugin
Ecosystems: maven
Packages: com.synopsys.jenkinsci:ownership
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1taDI3LXJ4bXItOHE0Y802sg
Cross-site Scripting in Jenkins SiteMonitor Plugin
Ecosystems: maven
Packages: org.jvnet.hudson.plugins:sitemonitor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS05aGNqLTQ0OXYtOTIzNM02sQ
CSRF vulnerability in Jenkins Job and Node ownership Plugin
Ecosystems: maven
Packages: com.synopsys.jenkinsci:ownership
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS0yNWYyLXdneGotcGgyOc02uw
Missing permission check in Jenkins Job and Node ownership Plugin
Ecosystems: maven
Packages: com.synopsys.jenkinsci:ownership
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS02MmhjLWY4cWotNXhjM802tw
Path traversal in Jenkins Pipeline Phoenix AutoTest Plugin
Ecosystems: maven
Packages: com.surenpi.jenkins:phoenix-autotest
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS0zcjV4LXg2eGYtbThmds02lw
Arbitrary file read vulnerability in Jenkins Tests Selector Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:selected-tests-executor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1xNzg3LXFndzItajJxZs02nA
Stored Cross-site Scripting vulnerability in Jenkins Tests Selector Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:selected-tests-executor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS00YzdoLWYyajktOWM0Ns02mw
Missing permission Jenkins Pipeline Phoenix AutoTest Plugin
Ecosystems: maven
Packages: com.surenpi.jenkins:phoenix-autotest
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Critical
GSA_kwCzR0hTQS1wdjM5LXFwMjgtNG1naM017Q
Improper Restriction of XML External Entity Reference in soa-model
Ecosystems: maven
Packages: com.predic8:soa-model-core, com.predic8:soa-model-parent
Source: GitHub Advisory Database
Blast Radius: 17.7
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS14cGdjLWo0OGotand2Oc01-Q
Cross-site Scripting in Keycloak
Ecosystems: maven
Packages: org.keycloak:keycloak-core
Source: GitHub Advisory Database
Blast Radius: 18.7
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1qN3hnLTU1NDktanIzas01ng
Improper Certificate Validation in OWASP ZAP
Ecosystems: maven
Packages: org.zaproxy:zap
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS01dmpjLXF4NDMtcjc0N800Lg
Stored Cross-site Scripting in folder-auth plugin
Ecosystems: maven
Packages: io.jenkins.plugins:folder-auth
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS0zN2c3LTh2amotcGpwas00JA
RESTEasy 4.5.5.Final in hash flooding
Ecosystems: maven
Packages: org.jboss.resteasy:resteasy-bom
Source: GitHub Advisory Database
Blast Radius: 18.8
Published: about 2 years ago
High
GSA_kwCzR0hTQS1wNmo4LWhndjUtbTM1Z800Iw
Uncontrolled Resource Consumption in jboss-remoting
Ecosystems: maven
Packages: org.jboss.remoting:jboss-remoting
Source: GitHub Advisory Database
Blast Radius: 20.7
Published: about 2 years ago
Critical
GSA_kwCzR0hTQS03d2ZjLXg0ZjctZ2cyeM00Ig
Code injection in Apache Dubbo
Ecosystems: maven
Packages: org.apache.dubbo:dubbo
Source: GitHub Advisory Database
Blast Radius: 34.4
Published: about 2 years ago
Critical
GSA_kwCzR0hTQS01bWM3LW02ODYtcDZqZ800Hw
Deserialization of Untrusted Data in Apache Dubbo
Ecosystems: maven
Packages: com.alibaba:dubbo, org.apache.dubbo:dubbo
Source: GitHub Advisory Database
Blast Radius: 40.5
Published: about 2 years ago
Critical
GSA_kwCzR0hTQS1xbWZjLTZ3d3ctZmpxd800IQ
Code injection in Apache Dubbo
Ecosystems: maven
Packages: org.apache.dubbo:dubbo, com.alibaba:dubbo
Source: GitHub Advisory Database
Blast Radius: 40.5
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1ndzRqLTQyMjktcTRweM00IA
Server-Side Request Forgery in Apache Dubbo
Ecosystems: maven
Packages: com.alibaba:dubbo, org.apache.dubbo:dubbo
Source: GitHub Advisory Database
Blast Radius: 25.2
Published: about 2 years ago
Critical
GSA_kwCzR0hTQS12MnJnLThjd3ItNzVnOM00Hg
Deserializer tampering in Apache Dubbo
Ecosystems: maven
Packages: com.alibaba:dubbo, org.apache.dubbo:dubbo
Source: GitHub Advisory Database
Blast Radius: 40.5
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS01NGZ4LWdtNzQtcTY3Ns00HQ
Permissions bypass in SmallRye
Ecosystems: maven
Packages: io.smallrye.config:smallrye-config
Source: GitHub Advisory Database
Blast Radius: 10.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS1tOWNqLXY1NWYtOHgyNs00HA
Authentication Bypass in keycloak
Ecosystems: maven
Packages: org.keycloak:keycloak-core
Source: GitHub Advisory Database
Blast Radius: 26.9
Published: about 2 years ago
High
GSA_kwCzR0hTQS1naG04LW1teDcteHZnMs00GQ
Information Exposure in Apache Tapestry
Ecosystems: maven
Packages: org.apache.tapestry:tapestry-core
Source: GitHub Advisory Database
Blast Radius: 21.6
Published: about 2 years ago
High
GSA_kwCzR0hTQS0zcmozLXFwMmotNGZqMs00Fw
Cross-Site Request Forgery in Jenkins P4 Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:p4
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS13ZnhwLTRxZ3ctcXAzY800Fg
XML external entity (XXE) attacks in Jenkins Xcode integration Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:xcode-plugin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS02eHA2LWZtYzgtcG1tcs00FA
Temporary Directory Hijacking Vulnerability in Keycloak
Ecosystems: maven
Packages: org.keycloak:keycloak-core
Source: GitHub Advisory Database
Blast Radius: 22.4
Published: about 2 years ago
Critical
GSA_kwCzR0hTQS1meGhwLXdydzktM3I5N800EQ
XML external entity (XXE) injection in Apache Nutch
Ecosystems: maven
Packages: org.apache.nutch:nutch
Source: GitHub Advisory Database
Blast Radius: 17.1
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS12dzgzLWgzbXEtM3F3as00EA
Path Traversal in Spring-integration-zip
Ecosystems: maven
Packages: org.springframework.integration:spring-integration-zip
Source: GitHub Advisory Database
Blast Radius: 4.8
Published: about 2 years ago
High
GSA_kwCzR0hTQS14M20zLWc4dzYtbWYyOM0y-w
Agent-to-controller security bypass in Jenkins Semantic Versioning Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:semantic-versioning-plugin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS04NzRyLTQ2YzYtN3A0cs0zAg
Stored Cross-site Scripting vulnerability in Jenkins Favorite Plugin
Ecosystems: maven
Packages: org.jvnet.hudson.plugins:favorite
Source: GitHub Advisory Database
Blast Radius: 10.4
Published: about 2 years ago
Low
GSA_kwCzR0hTQS01bXBmLWh3OGYtODZ3Oc0y-g
Sensitive parameter values captured in build metadata files by Jenkins Parameterized Trigger Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:parameterized-trigger
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS02Zmc0LTM2djcteHYzMs0y_g
Stored Cross-site Scripting vulnerability in Jenkins Dashboard View Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:dashboard-view
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS1oMnY1LTNocGMtODVqNc0zIg
Stored Cross-site Scripting vulnerability in Jenkins Extended Choice Parameter Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:extended-choice-parameter
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1jaHI2LTM4NnEtNG0zds0y_Q
Stored Cross-site Scripting vulnerability in Jenkins Folder-based Authorization Strategy Plugin
Ecosystems: maven
Packages: io.jenkins.plugins:folder-auth
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1jaDYzLTZjbWctZ3dnMs0zIw
Arbitrary JSON and property file read vulnerability in Jenkins Extended Choice Parameter Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:extended-choice-parameter
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1mcXB4LXhmanItMnFyOc0zGA
CSRF vulnerability and missing permission checks in Jenkins Extended Choice Parameter Plugin allow SSRF
Ecosystems: maven
Packages: org.jenkins-ci.plugins:extended-choice-parameter
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS1wdjRtLTdjNjgtZjRjNc0y_A
CSRF vulnerability in Jenkins CloudBees AWS Credentials Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:aws-credentials
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1tOWd2LTQ1MjMtamZmbc0y_w
Missing permission checks in AWS Credentials Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:aws-credentials
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Statistics
Advisories: 17,466
Packages: 8,120
Repositories: 964
Ecosystems: 12
Filter by Severity
Moderate 7,469 High 6,099 Critical 2,660 Low 957
Filter by Ecosystem
maven 5,491 npm 3,495 pypi 3,463 packagist 3,212 go 1,835 nuget 1,388 rubygems 812 cargo 771 swift 31 hex 29 actions 16 pub 8
Filter by Package
org.jenkins-ci.main:jenkins-core 189 org.apache.tomcat:tomcat 140 com.fasterxml.jackson.core:jackson-databind 69 org.apache.struts:struts2-core 55 com.liferay.portal:release.portal.bom 45 org.keycloak:keycloak-core 43 com.thoughtworks.xstream:xstream 36 com.jfinal:jfinal 36 net.mingsoft:ms-mcms 35 org.xwiki.platform:xwiki-platform-oldcore 34 org.elasticsearch:elasticsearch 32 org.apache.tomcat.embed:tomcat-embed-core 31 org.jenkins-ci.plugins:script-security 30 io.undertow:undertow-core 27 org.keycloak:keycloak-services 26 org.keycloak:keycloak-parent 26 org.apache.solr:solr-core 25 org.eclipse.jetty:jetty-server 23 org.springframework.security:spring-security-core 23 org.apache.nifi:nifi 22 org.apache.openmeetings:openmeetings-parent 21 org.cloudfoundry.identity:cloudfoundry-identity-server 20 org.springframework:spring-core 19 com.liferay.portal:release.dxp.bom 18 org.bouncycastle:bcprov-jdk14 18 com.vaadin:vaadin-bom 18 org.apache.geode:geode-core 17 org.xwiki.platform:xwiki-platform-web-templates 17 org.apache.activemq:activemq-client 16 org.bouncycastle:bcprov-jdk15 16 org.apache.dubbo:dubbo 16 org.apache.jspwiki:jspwiki-main 15 org.apache.struts.xwork:xwork-core 15 org.xwiki.platform:xwiki-platform-web 14 org.apache.hadoop:hadoop-main 13 org.apache.cxf:cxf 13 org.apache.inlong:manager-pojo 13 org.apache.dolphinscheduler:dolphinscheduler 12 org.jenkins-ci.plugins:git 12 com.vaadin:flow-server 12 org.jenkins-ci.plugins.workflow:workflow-cps 12 org.apache.commons:commons-compress 11 org.jeecgframework.boot:jeecg-boot-common 11 org.apache.james:james-server 11 org.mortbay.jetty:jetty 11 org.apache.ranger:ranger 11 org.apache.hadoop:hadoop-common 11 org.apache.tika:tika-core 11 org.apache.cxf:cxf-core 11 org.jeecgframework.boot:jeecg-boot-parent 11 com.xuxueli:xxl-job 11 org.apache.jspwiki:jspwiki-war 11 org.igniterealtime.openfire:parent 11 org.apache.camel:camel-core 11 org.jenkins-ci.plugins:email-ext 11 org.jenkins-ci.plugins.workflow:workflow-cps-global-lib 10 io.netty:netty 10 org.xwiki.platform:xwiki-platform-administration-ui 10 org.jboss.netty:netty 10 org.apache.inlong:manager-service 10 org.apache.shiro:shiro-core 9 org.jenkins-ci.plugins:active-directory 9 org.apache.archiva:archiva 9 cn.hutool:hutool-core 9 org.apache.xmlgraphics:batik 9 com.sonyericsson.jenkins.plugins.bfa:build-failure-analyzer 9 org.bouncycastle:bcprov-jdk15on 9 org.opennms:opennms 9 org.opencrx:opencrx-core-models 9 org.apache.tapestry:tapestry-core 9 io.jenkins:configuration-as-code 9 org.webjars.npm:jquery 9 org.springframework:spring-webmvc 9 jquery-rails 9 jquery 9 org.craftercms:crafter-studio 9 org.jenkins-ci.plugins:config-file-provider 9 org.apache.hive:hive 9 org.jenkins-ci.plugins:electricflow 9 org.yaml:snakeyaml 8 org.springframework:spring-web 8 org.opencms:opencms-core 8 org.apache.kylin:kylin 8 org.apache.ambari:ambari 8 org.graylog2:graylog2-server 8 org.apache.pdfbox:pdfbox 8 org.apache.santuario:xmlsec 8 org.apache.hive:hive-exec 8 org.postgresql:postgresql 8 org.jenkins-ci.plugins:ec2 8 mysql:mysql-connector-java 8 jQuery 8 org.apache.zeppelin:zeppelin 8 com.hazelcast:hazelcast 8 io.jenkins.blueocean:blueocean 8 org.apache.ozone:ozone-main 8 org.apache.linkis:linkis 7 org.apache.cxf:apache-cxf 7 org.apache.inlong:manager-web 7 org.apache.derby:derby 7 org.owasp.antisamy:antisamy 7 io.jenkins.plugins:miniorange-saml-sp 7 jQuery.UI.Combined 7 org.apache.activemq:activemq-parent 7 org.jenkins-ci.plugins:subversion 7 org.owasp.esapi:esapi 7 org.webjars.npm:jquery-ui 7 jquery-ui-rails 7 org.apache.tika:tika 7 jquery-ui 7 org.apache.karaf:apache-karaf 7 org.jenkins-ci.plugins:artifactory 7 org.jenkins-ci.plugins:jobConfigHistory 7 org.apache.logging.log4j:log4j-core 7 org.jboss.resteasy:resteasy-client 7 io.dataease:dataease-plugin-common 7 org.jruby:jruby-stdlib 7 rubygems-update 7 org.apache.spark:spark-core_2.11 7 org.jeecgframework.boot:jeecg-boot-base 7 io.jenkins.plugins:warnings-ng 7 org.apache.hive:hive-service 7 org.apache.atlas:atlas-common 7 org.jenkins-ci.plugins:openshift-deployer 7 net.opentsdb:opentsdb 7 org.apache.tomcat:tomcat-catalina 7 org.silverpeas.core:silverpeas-core-web 7 org.jenkins-ci.plugins:rundeck 7 org.jenkins-ci.plugins:mercurial 7 io.jenkins.plugins:cavisson-ns-nd-integration 7 org.apache.poi:poi 7 io.atomix:atomix 7 org.apache.tomcat:tomcat-coyote 7 com.xebialabs.deployit.ci:deployit-plugin 6 org.apache.mesos:mesos 6 org.jenkins-ci.plugins:repository-connector 6 org.jenkins-ci.plugins:pipeline-maven 6 org.apache.syncope:syncope-core 6 cn.hutool:hutool-json 6 tech.powerjob:powerjob 6 org.csanchez.jenkins.plugins:kubernetes 6 org.apache.pulsar:pulsar-broker 6 org.jenkins-ci.plugins:gitlab-oauth 6 org.apache.axis:axis 6 axis:axis 6 commons-fileupload:commons-fileupload 6 org.xwiki.commons:xwiki-commons-xml 6 org.opencastproject:opencast-kernel 6 org.apache.shenyu:shenyu-common 6 org.apache.httpcomponents:httpclient 6 org.jenkins-ci.plugins:fortify-on-demand-uploader 6 hudson.plugins:project-inheritance 6 org.apache.struts:struts2-rest-plugin 6 org.opensearch.plugin:opensearch-security 6 org.apache.solr:solr-parent 6 io.netty:netty-codec-http 6 org.apache.storm:storm-core 6 org.jenkins-ci.plugins:azure-vm-agents 6 org.apache.spark:spark-core_2.10 6 io.netty:netty-handler 6 de.tum.in.ase:artemis-java-test-sandbox 6 org.jenkins-ci.plugins:ec2-deployment-dashboard 6 com.sonyericsson.hudson.plugins.gerrit:gerrit-trigger 6 com.jflyfox:jflyfox_jfinal 6 io.projectreactor.netty:reactor-netty-http 5 com.vaadin:vaadin-server 5 org.biouno:uno-choice 5 org.jenkins-ci.plugins:htmlpublisher 5 io.vertx:vertx-core 5 xerces:xercesImpl 5 com.alibaba:dubbo 5 org.jenkins-ci.plugins:matrix-project 5 org.jenkinsci.plugins:octoperf 5 org.jenkins-ci.plugins:google-login 5 org.opennms:opennms-webapp 5 edu.stanford.nlp:stanford-corenlp 5 org.xwiki.platform:xwiki-platform-flamingo-skin-resources 5 org.jenkins-ci.plugins:websphere-deployer 5 org.jenkins-ci.plugins:azure-ad 5 org.jenkins-ci.plugins:credentials 5 org.apache.inlong:manager-dao 5 org.jenkins-ci.plugins:scriptler 5 com.ruoyi:ruoyi 5 com.google.protobuf:protobuf-java 5 org.jenkins-ci.plugins:codedx 5 org.apache.ignite:ignite-core 5 org.apache.druid:druid 5 com.mabl.integration.jenkins:mabl-integration 5 org.jenkins-ci.plugins:support-core 5 org.apache.kylin:kylin-server-base 5 org.jenkins-ci.plugins:delphix 5 org.codehaus.jettison:jettison 5 org.xwiki.platform:xwiki-platform-appwithinminutes-ui 5 org.neo4j.procedure:apoc 5 org.jeecgframework.boot:jeecg-boot-base-core 5 org.dspace:dspace-jspui 5 org.jboss.resteasy:resteasy-bom 5 org.apache.hadoop:hadoop-client 5 org.springframework.security.oauth:spring-security-oauth2 5 org.jenkins-ci.plugins:ghprb 5
Filter by Repository
https://github.com/xwiki/xwiki-platform 172 https://github.com/jenkinsci/jenkins 148 https://github.com/apache/tomcat 93 https://github.com/FasterXML/jackson-databind 70 https://github.com/keycloak/keycloak 54 https://github.com/apache/struts 46 https://github.com/spring-projects/spring-framework 40 https://github.com/x-stream/xstream 36 https://github.com/apache/activemq 32 https://github.com/CVEProject/cvelist 28 https://github.com/apache/inlong 25 https://github.com/eclipse/jetty.project 23 https://github.com/apache/nifi 21 https://github.com/jeecgboot/jeecg-boot 20 https://github.com/OpenNMS/opennms 20 https://github.com/netty/netty 20 https://github.com/jenkinsci/script-security-plugin 20 https://github.com/apache/cxf 19 https://github.com/cloudfoundry/uaa 19 https://github.com/bcgit/bc-java 18 https://github.com/vaadin/platform 17 https://github.com/opencast/opencast 16 https://github.com/geoserver/geoserver 15 https://github.com/apache/camel 15 https://github.com/xuxueli/xxl-job 13 https://github.com/undertow-io/undertow 13 https://github.com/ming-soft/MCMS 13 https://github.com/apache/kylin 12 https://github.com/apache/dolphinscheduler 12 https://github.com/dromara/hutool 12 https://github.com/igniterealtime/Openfire 11 https://github.com/vaadin/flow 11 https://github.com/quarkusio/quarkus 11 https://github.com/jenkinsci/git-plugin 10 https://github.com/jquery/jquery 10 https://github.com/spring-projects/spring-security 9 https://github.com/DSpace/DSpace 9 https://github.com/Graylog2/graylog2-server 9 https://github.com/cui2shark/cms 9 https://github.com/apache/lucene-solr 9 https://github.com/jenkinsci/config-file-provider-plugin 8 https://github.com/hazelcast/hazelcast 8 https://github.com/apache/zeppelin 8 https://github.com/opensearch-project/security 8 https://github.com/nahsra/antisamy 8 https://github.com/xwiki/xwiki-commons 8 https://github.com/RhinoSecurityLabs/CVEs 7 https://github.com/ratpack/ratpack 7 https://github.com/pgjdbc/pgjdbc 7 https://github.com/vaadin/framework 7 https://github.com/rubygems/rubygems 7 https://github.com/jflyfox/jfinal_cms 7 https://github.com/rundeck/rundeck 7 https://github.com/dataease/dataease 7 https://github.com/jenkinsci/blueocean-plugin 7 https://github.com/OpenTSDB/opentsdb 7 https://github.com/apache/xmlgraphics-batik 7 https://github.com/vert-x3/vertx-web 6 https://github.com/cui2shark/security 6 https://github.com/apache/tika 6 https://github.com/jquery/jquery-ui 6 https://github.com/line/armeria 6 https://github.com/ls1intum/Ares 6 https://github.com/http4s/http4s 6 https://github.com/jenkinsci/ec2-plugin 6 https://github.com/jenkinsci/gerrit-trigger-plugin 6 https://github.com/apache/hadoop 6 https://github.com/jenkinsci/fortify-on-demand-uploader-plugin 6 https://github.com/jenkinsci/electricflow-plugin 6 https://github.com/jenkinsci/configuration-as-code-plugin 6 https://github.com/playframework/playframework 6 https://github.com/OpenRefine/OpenRefine 6 https://github.com/jenkinsci/build-failure-analyzer-plugin 6 https://github.com/resteasy/resteasy 6 https://github.com/apache/pulsar 6 https://bitbucket.org/snakeyaml/snakeyaml 6 https://github.com/ESAPI/esapi-java-legacy 6 https://github.com/DrunkenShells/Disclosures 6 https://github.com/h2database/h2database 5 https://github.com/jenkinsci/support-core-plugin 5 https://github.com/PowerJob/PowerJob 5 https://github.com/jenkinsci/subversion-plugin 5 https://github.com/neo4j-contrib/neo4j-apoc-procedures 5 https://bitbucket.org/connect2id/nimbus-jose-jwt 5 https://github.com/jenkinsci/m2release-plugin 5 https://github.com/jenkinsci/email-ext-plugin 5 https://github.com/OpenAPITools/openapi-generator 5 https://github.com/apiman/apiman 5 https://github.com/grails/grails-core 5 https://github.com/jenkinsci/publish-over-ssh-plugin 5 https://github.com/alibaba/nacos 5 https://github.com/JLLeitschuh/security-research 5 https://github.com/jenkinsci/active-directory-plugin 5 https://github.com/jettison-json/jettison 5 https://github.com/jensdietrich/xshady-release 5 https://github.com/restlet/restlet-framework-java 5 https://github.com/jenkinsci/codedx-plugin 5 https://github.com/apache/karaf 5 https://github.com/apache/shenyu 5 https://github.com/jenkinsci/workflow-cps-global-lib-plugin 5 https://github.com/apache/shiro 5 https://github.com/jenkinsci/gitlab-plugin 5 https://github.com/protocolbuffers/protobuf 5 https://github.com/jenkinsci/github-plugin 5 https://github.com/apache/geode 5 https://github.com/jenkinsci/junit-plugin 5 https://github.com/apache/openmeetings 5 https://github.com/apache/syncope 4 https://github.com/pippo-java/pippo 4 https://github.com/apache/solr 4 https://github.com/reportportal/reportportal 4 https://github.com/resteasy/Resteasy 4 https://github.com/jenkinsci/nexus-platform-plugin 4 https://github.com/jenkinsci/p4-plugin 4 https://github.com/jenkinsci/matrix-project-plugin 4 https://github.com/jenkinsci/rundeck-plugin 4 https://github.com/jenkinsci/libvirt-slave-plugin 4 https://github.com/jenkinsci/warnings-ng-plugin 4 https://github.com/jenkinsci/workflow-cps-plugin 4 https://github.com/jenkinsci/job-config-history-plugin 4 https://github.com/jenkinsci/xldeploy-plugin 4 https://github.com/jfinal/jfinal 4 https://github.com/jenkinsci/htmlpublisher-plugin 4 https://github.com/jenkinsci/hpe-application-automation-tools-plugin 4 https://github.com/ktorio/ktor 4 https://github.com/HtmlUnit/htmlunit 4 https://github.com/jenkinsci/gitlab-oauth-plugin 4 https://github.com/micronaut-projects/micronaut-core 4 https://github.com/jenkinsci/fortify-plugin 4 https://github.com/aws/aws-iot-device-sdk-java-v2 4 https://github.com/nightcloudos/new_cms 4 https://github.com/infinispan/infinispan 4 https://github.com/itext/itext7 4 https://github.com/shopizer-ecommerce/shopizer 4 https://github.com/jenkinsci/active-choices-plugin 4 https://github.com/apache/httpcomponents-client 4 https://github.com/stanfordnlp/corenlp 4 https://github.com/yamcs/yamcs 4 https://github.com/jenkinsci/ansible-plugin 4 https://github.com/xerial/snappy-java 4 https://github.com/jenkinsci/credentials-binding-plugin 4 https://github.com/alkacon/opencms-core 4 https://github.com/apache/activemq-artemis 4 https://github.com/jenkinsci/jira-plugin 3 https://github.com/jenkinsci/audit-trail-plugin 3 https://svn.apache.org/viewvc/lucene/dev 3 https://github.com/jenkinsci/crx-content-package-deployer-plugin 3 https://github.com/wildfly/wildfly-core 3 https://github.com/jenkinsci/code-coverage-api-plugin 3 https://github.com/AsyncHttpClient/async-http-client 3 https://github.com/intranda/goobi-viewer-core 3 https://github.com/opengoofy/hippo4j 3 https://github.com/eclipse-ee4j/mojarra 3 https://github.com/grpc/grpc 3 https://github.com/jenkinsci/bitbucket-oauth-plugin 3 https://github.com/eclipse/lemminx 3 https://github.com/jenkinsci/kubernetes-plugin 3 https://github.com/jenkinsci/cloudbees-jenkins-advisor-plugin 3 https://github.com/orientechnologies/orientdb 3 https://github.com/jenkinsci/embeddable-build-status-plugin 3 https://github.com/OWASP/json-sanitizer 3 https://github.com/jenkinsci/liquibase-runner-plugin 3 https://github.com/apache/jackrabbit 3 https://github.com/eclipse-vertx/vert.x 3 https://github.com/wso2/carbon-registry 3 https://github.com/peteroupc/CBOR-Java 3 https://github.com/pf4j/pf4j 3 https://github.com/jenkinsci/nomad-plugin 3 https://github.com/jenkinsci/lucene-search-plugin 3 https://github.com/jenkinsci/cas-plugin 3 https://github.com/codehaus-plexus/plexus-utils 3 https://github.com/jenkinsci/hashicorp-vault-plugin 3 https://github.com/xwiki/xwiki-rendering 3 https://github.com/LetianYuan/My-CVE-Public-References 3 https://github.com/jenkinsci/azure-vm-agents-plugin 3 https://github.com/jooby-project/jooby 3 https://github.com/li-yu320/cms 3 https://github.com/joniles/mpxj 3 https://github.com/apache/dubbo 3 https://github.com/apache/derby 3 https://github.com/jenkinsci/azure-credentials-plugin 3 https://github.com/apache/cxf-fediz 3 https://github.com/jhy/jsoup 3 https://github.com/matrix-org/matrix-android-sdk2 3 https://github.com/jenkinsci/git-parameter-plugin 3 https://github.com/mbechler/marshalsec 3 https://github.com/jenkinsci/compuware-topaz-for-total-test-plugin 3 https://github.com/jenkinsci/gitlab-branch-source-plugin 3 https://github.com/apache/flume 3 https://github.com/apache/geronimo 3 https://github.com/jeremylong/DependencyCheck 3 https://github.com/Adobe-Consulting-Services/acs-aem-commons 3 https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server 3 https://github.com/apache/commons-configuration 3 https://github.com/jenkinsci/git-client-plugin 3 https://bitbucket.org/b_c/jose4j 3 https://github.com/Jarvis-616/cms 3 https://github.com/ysuzhangbin/cms 3 https://github.com/Rabb1ter/cms 3