maven
Security Advisories in maven
Critical
3 days ago
LaunchServer FileServerHandler has an unauthenticated path traversal issue
maven
pro.gravit.launcher:launchserver-api
High
3 days ago
Keycloak: Unauthorized access via improper validation of encrypted SAML assertions
maven
org.keycloak:keycloak-services
High
4 days ago
OnGres SCRAM silent channel-binding authentication downgrade via unsupported certificate algorithms
maven
com.ongres.scram:scram-common, com.ongres.scram:scram-client
High
4 days ago
Keycloak has privilege escalation via improper scope mapping enforcement
maven
org.keycloak:keycloak-services
Low
4 days ago
land.oras:oras-java-sdk: Symlink-based path traversal in ArchiveUtils.untar / unzip allows arbitrary file write outside extraction directory
maven
land.oras:oras-java-sdk
High
4 days ago
GeoNetwork has ACL bypass on Elasticsearch search when request body omits query field
maven
org.geonetwork-opensource:geonetwork
High
4 days ago
GeoNetwork has reflected XSS through client-side template injection
maven
org.geonetwork-opensource:geonetwork
Low
5 days ago
Sigstore Java has a vulnerability with bundle verification of integratedTime
maven
dev.sigstore:sigstore-java
Moderate
6 days ago
OpenAM OAuth Authorization Bypass via PKCE Challenge
maven
org.openidentityplatform.openam:openam-oauth2
High
6 days ago
OpenAM OAuth Client Impersonation via JWKS Resolver Cache
maven
org.openidentityplatform.openam:openam-oauth2
High
6 days ago
OpenAM Authenticated RCE via Groovy Sandbox Escape
maven
org.openidentityplatform.openam:openam-scripting
High
9 days ago
OpenAM Account Takeover via Unverified Password Change in OAuth2 Module
maven
org.openidentityplatform.openam:openam-auth-oauth2
High
9 days ago
OpenAM Authentication Bypass via MSISDN LDAP Injection
maven
org.openidentityplatform.openam:openam-auth-msisdn
Moderate
10 days ago
nextflow auth login command has incorrect default permissions
maven
io.nextflow:nextflow
High
10 days ago
OpenAM: Unauthenticated Authentication Bypass via RADIUS Spoofing
maven
org.openidentityplatform.openam:openam-radius
High
10 days ago
OpenAM Arbitrary OAuth Token Minting via Push Registration
maven
org.openidentityplatform.openam:openam-oauth2
High
10 days ago
OpenAM has Unsafe Java Deserialization via SNS
maven
org.openidentityplatform.openam:openam-push-notification
Critical
11 days ago
OpenAM Pre-auth User Profile Tampering via Anonymous SOAP Authn in Liberty IDPP/Discovery Endpoints
maven
org.openidentityplatform.openam:openam-federation-library
Critical
11 days ago
OpenAM: Pre-auth RCE via Java Deserialization in WebAuthn Authenticator Storage
maven
org.openidentityplatform.openam:openam-auth-webauthn
Moderate
12 days ago
OHttpVersionChunkDraft: Missing Final-Chunk Enforcement Leads to Undetected Stream Truncation
maven
io.netty.incubator:netty-incubator-codec-ohttp
Moderate
12 days ago
jackson-databind has @JsonView bypass for setterless creator properties
maven
tools.jackson.core:jackson-databind, com.fasterxml.jackson.core:jackson-databind
Moderate
12 days ago
jackson-databind's renamed @JsonIgnore'd setters can deserialize via private fields
maven
tools.jackson.core:jackson-databind, com.fasterxml.jackson.core:jackson-databind
Moderate
12 days ago
jackson-databind has case-insensitive deserialization bypasses per-property @JsonIgnoreProperties
maven
tools.jackson.core:jackson-databind
Moderate
12 days ago
jackson-databind: InetSocketAddress deserialization triggers eager DNS resolution (SSRF)
maven
tools.jackson.core:jackson-databind, com.fasterxml.jackson.core:jackson-databind
High
12 days ago
jackson-databind has an array subtype allowlist bypass in BasicPolymorphicTypeValidator (allowIfSubTypeIsArray)
maven
tools.jackson.core:jackson-databind, com.fasterxml.jackson.core:jackson-databind
High
12 days ago
jackson-databind has a PolymorphicTypeValidator bypass via generic type parameters that allows arbitrary class instantiation
maven
tools.jackson.core:jackson-databind, com.fasterxml.jackson.core:jackson-databind
Moderate
12 days ago
jackson-databind: Deeply nested JsonNode throws StackOverflowError for toString()
maven
com.fasterxml.jackson.core:jackson-databind
Moderate
12 days ago
jackson-databind has a @JsonView bypass for unwrapped creator parameters
maven
tools.jackson.core:jackson-databind, com.fasterxml.jackson.core:jackson-databind
High
12 days ago
OpenAM Unauthenticated Session Hijacking via Information Exposure in CDCServlet
maven
org.openidentityplatform.openam:openam-federation
High
12 days ago
OpenAM Authenticated Privilege Escalation via Raw Token Disclosure Session RPC
maven
org.openidentityplatform.openam:openam-core
Critical
13 days ago
OpenDJ Pre-Auth RCE via Java Deserialization in JMX RMI
maven
org.openidentityplatform.opendj:opendj-server-legacy
High
13 days ago
Spinnaker has uon-safe yaml deserialization, allowing RCE when using specific types
maven
io.spinnaker.orca:orca-core, io.spinnaker.rosco:rosco-core
Low
13 days ago
OpenAM SAML2 Cluster Cookie-Hash-Redirect Path has Pre-authentication Reflected XSS via `FSUtils.postToTarget`
maven
org.openidentityplatform.openam:openam-federation-library
Critical
13 days ago
OpenAM has pre-auth Reflected XSS in OAuth2 / OIDC response_mode=form_post via state parameter (FormPostResponse.ftl)
maven
org.openidentityplatform.openam:openam-oauth2
Moderate
13 days ago
OpenAM Authenticated Server-Side Request Forgery (SSRF) via `/sessionservice`
maven
org.openidentityplatform.openam:openam-core
Critical
13 days ago
xwiki-pro-macros has remote code execution from page title and content via excerpt-include macro
maven
com.xwiki.pro:xwiki-pro-macros
High
13 days ago
OpenAM has LDAP Injection via `_queryId` Parameter
maven
org.openidentityplatform.openam:openam-core-rest
Critical
16 days ago
OpenRemote Manager: removeAlarms cross-realm IDOR (bulk delete)
maven
io.openremote:openremote-manager
Moderate
16 days ago
http4k: `ServerFilters.DigestAuth` / `DigestAuthProvider` defaulted to an always-true nonce verifier, disabling replay protection in default deployments
maven
org.http4k:http4k-security-digest
Moderate
16 days ago
http4k: BasicCookieStorage` (renamed `InsecureCookieStorage`) did not enforce RFC 6265 cookie scoping; new `DefaultCookieStorage` is now the default
maven
org.http4k:http4k-core
High
16 days ago
http4k: `HmacSha256.hash` (despite the `Hmac` naming) computed a plain unkeyed digest; clarified by deprecation in favour of `Sha256.hash` / `Sha256.hmac`
maven
org.http4k:http4k-core
Moderate
16 days ago
http4k: `reverseProxy()` defaulted to substring (`Contains`) matching on `Host`; tightened to `Exact`
maven
org.http4k:http4k-core
Moderate
16 days ago
Allure Report: Stored XSS via unescaped ANSI helper in status message/trace rendering
maven
io.qameta.allure:allure-generator
Moderate
16 days ago
Allure Report: Path Traversal in HTTP Server Allows Arbitrary File Read
maven
io.qameta.allure:allure-commandline
Moderate
17 days ago
NL Portal Backend Libraries: Unauthenticated form resolver forwards the privileged Objecten-API token to a caller-supplied URL (SSRF)
maven
nl.nl-portal:form
Moderate
17 days ago
Armeria: External Control of File Name or Path in xDS SDS DataSource
maven
com.linecorp.armeria:armeria-xds
Moderate
17 days ago
NL Portal Backend Libraries: Document contents remained downloadable by any logged-in user (incomplete fix of CVE-2026-49463)
maven
nl.nl-portal:documenten-api
High
18 days ago
JLine3 Telnet server: Unauthenticated Remote Memory Exhaustion via Unbounded Telnet NEW-ENVIRON Variables
maven
org.jline:jline-remote-telnet
High
18 days ago
JLine3 Telnet server: Unauthenticated Remote DoS via Unbounded Telnet NAWS Terminal Geometry
maven
org.jline:jline-remote-telnet
High
18 days ago
Karate Mock Server RCE via embedded expression evaluation of request-derived data
maven
io.karatelabs:karate-core
Moderate
18 days ago
Strimzi: Unrestricted access to all Secrets within namespace watched by the Topic operator
maven
io.strimzi:strimzi
High
18 days ago
Strimzi: Cross-namespace privilege escalation via `Kafka.spec.entityOperator`
maven
io.strimzi:strimzi
Critical
18 days ago
HAPI FHIR: XXE in XsltUtilities.saxonTransform via unhardened Saxon TransformerFactory
maven
ca.uhn.hapi.fhir:org.hl7.fhir.utilities
High
18 days ago
HAPI FHIR: Incomplete fix for CVE-2026-45367: DSTU2 FHIRPathEngine.matches() missing RegexTimeout protection allows ReDoS
maven
ca.uhn.hapi.fhir:org.hl7.fhir.validation.cli, ca.uhn.hapi.fhir:org.hl7.fhir.validation, ca.uhn.hapi.fhir:org.hl7.fhir.convertors, ca.uhn.hapi.fhir:org.hl7.fhir.dstu2
High
18 days ago
handlebars.java FileTemplateLoader Path Traversal
maven
com.github.jknack:handlebars
High
18 days ago
LangChain4j: SQL injection via metadata filters in langchain4j-mariadb and langchain4j-pgvector
maven
dev.langchain4j:langchain4j-pgvector, dev.langchain4j:langchain4j-mariadb
High
18 days ago
Apache Shiro: LDAP DN Injection in DefaultLdapRealm
maven
org.apache.shiro:shiro-core
Moderate
18 days ago
Apache DolphinScheduler: An incorrect authorization vulnerability allows authenticated users to access alert instances associated with alert groups they do not have permission to access.
maven
org.apache.dolphinscheduler:dolphinscheduler-api
Moderate
18 days ago
Apache DolphinScheduler: Incorrect Authorization vulnerability allows users with system login privileges to delete task definitions in unauthorized projects
maven
org.apache.dolphinscheduler:dolphinscheduler-api
Moderate
18 days ago
Apache DolphinScheduler: Incorrect Authorization vulnerability allows users to access workflow instance information belonging to projects they do not have permission to access.
maven
org.apache.dolphinscheduler:dolphinscheduler-api
Critical
18 days ago
Apache DolphinScheduler: The `/v2` experimental interface lacks permission checks
maven
org.apache.dolphinscheduler:dolphinscheduler-api
Critical
18 days ago
Apache DolphinScheduler: DataSource API Missing Authorization Check Leads to Arbitrary Data Source Metadata Disclosure
maven
org.apache.dolphinscheduler:dolphinscheduler-api
Moderate
20 days ago
Netty susceptible to HTTP/2 Reset Attack with different on-the-wire signature
maven
io.netty:netty-codec-http2
Moderate
20 days ago
Netty: HttpObjectDecoder skips arbitrary initial control characters when only initial CRLF characters are permitted
maven
io.netty:netty-codec-http
High
20 days ago
Netty: Unbounded pre-allocation in RedisArrayAggregator from RESP array length
maven
io.netty:netty-codec-redis
High
20 days ago
Netty: Wrapping plain trust manager silently disables hostname verification
maven
io.netty:netty-handler
Moderate
20 days ago
Netty: QUIC stateless reset token material exposed through header-visible connection IDs
maven
io.netty:netty-codec-classes-quic
High
20 days ago
Netty HTTP/3 QPACK Blocked Streams Memory Exhaustion
maven
io.netty:netty-codec-http3
Moderate
23 days ago
ConnectBot SSH Client Library: Excessive allocation and integer overflow in DER private-key parsing
maven
org.connectbot.sshlib:sshlib
Moderate
23 days ago
ConnectBot SSH Client Library: Unbounded SSH field lengths can cause excessive memory allocation
maven
org.connectbot.sshlib:sshlib
High
23 days ago
Appsmith: Configuration-dependent origin validation bypass in password reset and email verification link generation
maven
com.appsmith:server
High
23 days ago
Appsmith Super User Creation Race Condition Allows Multiple Instance Administrators
maven
com.appsmith:server
Moderate
23 days ago
GeoServer has a Server-Side Request Forgery (SSRF) Vulnerability in its XML Entity Resolution
maven
org.geoserver.web:gs-web-app, org.geoserver:gs-main
High
23 days ago
GeoServer has an arbitrary file write vulnerability in its Master Password Dump Page
maven
org.geoserver.web:gs-web-app, org.geoserver.web:gs-web-sec-core
High
24 days ago
GeoServer DB2 DataStore Extension has a JNDI Vulnerability via Store Connection
maven
org.geoserver.extension:gs-db2
High
24 days ago
Netty HAProxy: Unbalanced Reference Count in Nested PP2_TYPE_SSL TLV Parsing Leads to Memory Exhaustion
maven
io.netty:netty-codec-haproxy
Moderate
25 days ago
netty-codec-http2: ByteBuf Reference-Count Leak in DelegatingDecompressorFrameListener Leads to Memory Exhaustion
maven
io.netty:netty-codec-http2
Moderate
25 days ago
netty-incubator-codec-ohttp's Incorrect Native Pointer Derivation in Pooled Direct ByteBuf Fallback Leads to Out-of-Bounds Native Memory Access
maven
io.netty.incubator:netty-incubator-codec-ohttp-hpke-native-boringssl
High
25 days ago
Netty's Lack of Lifecycle Cleanup Leads to Pooled ByteBuf Leak in RedisArrayAggregator
maven
io.netty:netty-codec-redis
High
25 days ago
Acknowledgement extension out of memory
maven
org.cometd.java:cometd-java-server-common
High
25 days ago
Jenkins: Stored XSS vulnerability in node offline cause description
maven
org.jenkins-ci.main:jenkins-core
Moderate
26 days ago
Spring Security Vulnerable to Unauthorized User Impersonation when Using X.509 Client Certificates
maven
org.springframework.security:spring-security-web
High
26 days ago
In Spring for Apache Kafka, overly broad trusted-package matching in header mappers exposes JDK classes to deserialization
maven
org.springframework.kafka:spring-kafka
Moderate
26 days ago
In Spring for Apache Kafka, unbounded delegate cache keyed on user-controlled, potentially malicious selector header
maven
org.springframework.kafka:spring-kafka
High
27 days ago
Netty has Insufficient Bailiwick Validation for NS Records
maven
io.netty:netty-resolver-dns
Moderate
27 days ago
Netty HTTP/2: Advertised MAX_CONCURRENT_STREAMS are not enforced
maven
io.netty:netty-codec-http2
High
27 days ago
Netty: SCTP reassembly nests buffers without bound
maven
io.netty:netty-transport-sctp
High
27 days ago
Netty Vulnerable to DNS Cache Poisoning via Missing Bailiwick Checks in CNAME Records
maven
io.netty:netty-resolver-dns
Moderate
27 days ago
Netty: DNS Cache Poisoning due to Predictable PRNG and Default Static Source Port
maven
io.netty:netty-resolver-dns
Moderate
27 days ago
Netty: Unix-socket fd receive leaks descriptors when peer sends two at once
maven
io.netty:netty-transport-native-epoll, io.netty:netty-transport-native-kqueue
High
27 days ago
Netty: SNI handler pre-allocates up to 16 MiB from nine attacker bytes
maven
io.netty:netty-handler
High
27 days ago
Netty's Default QUIC token handler accepts any client-supplied token
maven
io.netty:netty-codec-classes-quic
High
27 days ago
Netty: HAProxy SSL TLV parsing leaks retained slice on invalid TLV length
maven
io.netty:netty-codec-haproxy
High
27 days ago
Netty has a Vulnerable Default Configuration Which Leads to Denial of Service via Unbounded HTTP/3 Header Size
maven
io.netty:netty-codec-http3
High
27 days ago
Netty has Unbounded Direct Memory Consumption in its RedisDecoder
maven
io.netty:netty-codec-redis
High
27 days ago
Netty: Memory Exhaustion in RedisArrayAggregator due to Deeply Nested Arrays
maven
io.netty:netty-codec-redis
High
27 days ago
Netty has an IPv6 Subnet Filter Bypass via Incorrect Comparator Masking
maven
io.netty:netty-handler
Filter by Severity
Filter by Package
org.jenkins-ci.main:jenkins-core
252
org.apache.tomcat:tomcat
156
com.liferay.portal:release.portal.bom
151
com.liferay.portal:release.dxp.bom
123
org.keycloak:keycloak-services
96
com.fasterxml.jackson.core:jackson-databind
76
org.apache.struts:struts2-core
59
org.apache.tomcat.embed:tomcat-embed-core
56
org.keycloak:keycloak-core
50
org.xwiki.platform:xwiki-platform-oldcore
45
org.elasticsearch:elasticsearch
44
net.mingsoft:ms-mcms
39
io.undertow:undertow-core
39
com.thoughtworks.xstream:xstream
37
com.jfinal:jfinal
36
org.jenkins-ci.plugins:script-security
34
org.apache.tomcat:tomcat-catalina
33
org.opencms:opencms-core
31
org.springframework.security:spring-security-core
30
org.apache.solr:solr-core
29
org.keycloak:keycloak-parent
26
org.eclipse.jetty:jetty-server
26
org.apache.openmeetings:openmeetings-parent
25
org.bouncycastle:bcprov-jdk14
24
org.xwiki.platform:xwiki-platform-web-templates
23
org.apache.nifi:nifi
21
org.cloudfoundry.identity:cloudfoundry-identity-server
21
org.apache.tomcat:tomcat-coyote
20
com.vaadin:vaadin-bom
18
org.apache.activemq:activemq-client
18
org.apache.jspwiki:jspwiki-main
18
org.springframework:spring-core
18
com.liferay.portal:com.liferay.portal.impl
18
org.apache.geode:geode-core
17
org.apache.dolphinscheduler:dolphinscheduler
17
org.apache.inlong:manager-pojo
17
org.springframework:spring-webmvc
17
org.apache.ranger:ranger
16
org.apache.dubbo:dubbo
16
org.apache.struts.xwork:xwork-core
15
io.netty:netty-codec-http
15
org.xwiki.platform:xwiki-platform-web
15
org.bouncycastle:bcprov-jdk15
15
ai.h2o:h2o-core
15
org.geoserver.web:gs-web-app
14
org.opensearch.plugin:opensearch-security
14
org.apache.tika:tika-core
13
com.vaadin:flow-server
13
org.apache.hadoop:hadoop-main
13
org.apache.kylin:kylin
13
h2o
13
org.jenkins-ci.plugins:git
13
org.apache.cassandra:cassandra-all
12
org.graylog2:graylog2-server
12
org.jeecgframework.boot:jeecg-boot-parent
12
org.springframework:spring-web
12
org.jenkins-ci.plugins:email-ext
12
org.apache.shiro:shiro-core
12
org.apache.cxf:cxf-core
12
org.jenkins-ci.plugins.workflow:workflow-cps
12
org.apache.streampark:streampark
12
org.apache.hadoop:hadoop-common
12
org.jenkins-ci.plugins:active-directory
11
org.mortbay.jetty:jetty
11
org.xwiki.platform:xwiki-platform-administration-ui
11
org.apache.archiva:archiva
11
org.apache.camel:camel-core
11
com.xuxueli:xxl-job
11
org.apache.james:james-server
11
io.netty:netty
11
org.xwiki.platform:xwiki-platform-rest-server
11
org.apache.commons:commons-compress
11
org.apache.jspwiki:jspwiki-war
11
org.igniterealtime.openfire:parent
11
org.apache.logging.log4j:log4j-core
10
org.postgresql:postgresql
10
org.jboss.netty:netty
10
org.springframework:spring-webflux
10
org.apache.cxf:cxf
10
org.craftercms:crafter-studio
10
org.apache.linkis:linkis
10
org.apache.inlong:manager-service
10
org.jenkins-ci.plugins.workflow:workflow-cps-global-lib
10
org.bouncycastle:bcprov-jdk15on
10
io.netty:netty-handler
10
org.bouncycastle:bcprov-jdk15to18
10
com.sonyericsson.jenkins.plugins.bfa:build-failure-analyzer
10
org.apache.spark:spark-core_2.11
9
org.apache.activemq:apache-activemq
9
ch.qos.logback:logback-core
9
org.apache.tapestry:tapestry-core
9
org.jenkins-ci.plugins:config-file-provider
9
io.netty:netty-codec-http2
9
org.apache.dolphinscheduler:dolphinscheduler-api
9
cn.hutool:hutool-core
9
org.bouncycastle:bc-fips
9
org.jenkins-ci.plugins:electricflow
9
org.apache.xmlgraphics:batik
9
org.apache.hive:hive
9
io.jenkins:configuration-as-code
9
org.opencrx:opencrx-core-models
9
org.apache.zookeeper:zookeeper
9
org.opennms:opennms
9
org.keycloak:keycloak-quarkus-server
9
org.apache.activemq:activemq-broker
9
org.apache.hive:hive-exec
9
mysql:mysql-connector-java
8
org.apache.zeppelin:zeppelin
8
org.apache.spark:spark-core_2.10
8
org.apache.druid:druid
8
org.apache.wicket:wicket-core
8
org.jeecgframework.boot:jeecg-boot-common
8
org.apache.hive:hive-service
8
org.apache.santuario:xmlsec
8
org.jenkins-ci.plugins:subversion
8
org.apache.pdfbox:pdfbox
8
io.jenkins.blueocean:blueocean
8
org.springframework.cloud:spring-cloud-config-server
8
org.apache.ambari:ambari
8
org.silverpeas.core:silverpeas-core-web
8
com.hazelcast:hazelcast
8
org.yaml:snakeyaml
8
org.geoserver:gs-wms
8
org.jenkins-ci.plugins:ec2
8
org.bouncycastle:bcprov-jdk18on
8
org.apache.activemq:activemq-all
8
org.jenkins-ci.plugins:oic-auth
8
com.ruoyi:ruoyi
8
org.apache.ozone:ozone-main
8
org.jenkins-ci.plugins:credentials-binding
8
org.apache.ignite:ignite-core
7
org.keycloak:keycloak-server-spi-private
7
io.vertx:vertx-web
7
tools.jackson.core:jackson-databind
7
org.owasp.esapi:esapi
7
org.apache.poi:poi
7
org.apache.activemq:activemq-parent
7
io.dataease:dataease-plugin-common
7
io.vertx:vertx-core
7
org.jenkins-ci.plugins:htmlpublisher
7
org.owasp.antisamy:antisamy
7
io.atomix:atomix
7
org.jenkins-ci.plugins:artifactory
7
org.jeecgframework.boot:jeecg-boot-base
7
org.jenkins-ci.plugins:openshift-deployer
7
org.apache.mina:mina-core
7
org.apache.inlong:manager-web
7
org.jboss.resteasy:resteasy-client
7
ca.uhn.hapi.fhir:org.hl7.fhir.utilities
7
org.apache.kafka:kafka-clients
7
net.opentsdb:opentsdb
7
org.apache.axis:axis
7
net.gleske:jervis
7
tech.powerjob:powerjob
7
io.jenkins.plugins:warnings-ng
7
org.jenkins-ci.plugins:jobConfigHistory
7
com.xuxueli:xxl-job-admin
7
org.jruby:jruby-stdlib
7
jquery-ui
7
org.opencastproject:opencast-kernel
7
io.jenkins.plugins:miniorange-saml-sp
7
org.apache.derby:derby
7
jQuery.UI.Combined
7
org.apache.syncope:syncope-core
7
org.apache.atlas:atlas-common
7
org.jenkins-ci.plugins:rundeck
7
org.webjars.npm:jquery-ui
7
io.jenkins.plugins:cavisson-ns-nd-integration
7
org.apache.karaf:apache-karaf
7
rubygems-update
7
org.xwiki.commons:xwiki-commons-xml
6
com.sonyericsson.hudson.plugins.gerrit:gerrit-trigger
6
hudson.plugins:project-inheritance
6
commons-fileupload:commons-fileupload
6
org.apache.shenyu:shenyu-common
6
org.yamcs:yamcs-core
6
org.jenkins-ci.plugins:gitlab-oauth
6
org.apache.mesos:mesos
6
com.liferay.portal:com.liferay.portal.kernel
6
org.apache.struts:struts2-rest-plugin
6
gov.nsa.emissary:emissary
6
org.openidentityplatform.openam:openam-oauth2
6
org.jenkins-ci.plugins:fortify-on-demand-uploader
6
org.apache.zeppelin:zeppelin-server
6
org.apache.storm:storm-core
6
com.xebialabs.deployit.ci:deployit-plugin
6
ca.uhn.hapi.fhir:org.hl7.fhir.r5
6
org.silverpeas.core:silverpeas-core
6
org.apache.httpcomponents:httpclient
6
org.apache.streampipes:streampipes-parent
6
cn.hutool:hutool-json
6
net.snowflake:snowflake-jdbc
6
org.jenkins-ci.plugins:azure-ad
6
com.nimbusds:nimbus-jose-jwt
6
com.jflyfox:jflyfox_jfinal
6
org.apache.solr:solr-parent
6
org.csanchez.jenkins.plugins:kubernetes
6
ca.uhn.hapi.fhir:org.hl7.fhir.r4b
6
com.xuxueli:xxl-job-core
6
org.jenkins-ci.plugins:ghprb
6
Filter by Repository
https://github.com/xwiki/xwiki-platform
222
https://github.com/jenkinsci/jenkins
178
https://github.com/liferay/liferay-portal
170
https://github.com/apache/tomcat
118
https://github.com/keycloak/keycloak
89
https://github.com/FasterXML/jackson-databind
70
https://github.com/spring-projects/spring-framework
51
https://github.com/apache/struts
47
https://github.com/x-stream/xstream
37
https://github.com/apache/activemq
34
https://github.com/apache/inlong
31
https://github.com/CVEProject/cvelist
28
https://github.com/netty/netty
27
https://github.com/apache/nifi
26
https://github.com/geoserver/geoserver
26
https://github.com/bcgit/bc-java
25
https://github.com/apache/cxf
24
https://github.com/eclipse/jetty.project
23
https://github.com/jenkinsci/script-security-plugin
22
https://github.com/undertow-io/undertow
21
https://github.com/jeecgboot/jeecg-boot
20
https://github.com/OpenNMS/opennms
20
https://github.com/opencast/opencast
20
https://github.com/alkacon/opencms-core
19
https://github.com/cloudfoundry/uaa
19
https://github.com/apache/camel
18
https://github.com/vaadin/platform
18
https://github.com/apache/kylin
17
https://github.com/quarkusio/quarkus
16
https://github.com/xuxueli/xxl-job
15
https://github.com/spring-projects/spring-security
15
https://github.com/Graylog2/graylog2-server
14
https://github.com/apache/zeppelin
14
https://github.com/ming-soft/MCMS
14
https://github.com/OpenRefine/OpenRefine
13
https://github.com/apache/dolphinscheduler
13
https://github.com/dromara/hutool
13
https://github.com/igniterealtime/Openfire
12
https://github.com/DSpace/DSpace
12
https://github.com/h2oai/h2o-3
12
https://github.com/vaadin/flow
11
https://github.com/jenkinsci/git-plugin
10
https://github.com/opensearch-project/security
10
https://github.com/apache/lucene-solr
10
https://github.com/dataease/dataease
9
https://github.com/cui2shark/cms
9
https://github.com/pgjdbc/pgjdbc
8
https://github.com/vaadin/framework
8
https://github.com/jetty/jetty.project
8
https://github.com/apache/xmlgraphics-batik
8
https://github.com/apache/hadoop
8
https://github.com/vert-x3/vertx-web
8
https://github.com/jenkinsci/config-file-provider-plugin
8
https://github.com/xwiki/xwiki-commons
8
https://github.com/hazelcast/hazelcast
8
https://github.com/nahsra/antisamy
8
https://github.com/RhinoSecurityLabs/CVEs
7
https://github.com/apache/pulsar
7
https://github.com/jenkinsci/blueocean-plugin
7
https://github.com/apache/openmeetings
7
https://github.com/OpenTSDB/opentsdb
7
https://github.com/infinispan/infinispan
7
https://github.com/elastic/elasticsearch
7
https://github.com/ratpack/ratpack
7
https://github.com/apache/syncope
7
https://github.com/apache/tika
7
https://github.com/jenkinsci/build-failure-analyzer-plugin
7
https://github.com/rubygems/rubygems
7
https://github.com/jflyfox/jfinal_cms
7
https://github.com/rundeck/rundeck
7
https://github.com/http4s/http4s
7
https://github.com/ESAPI/esapi-java-legacy
6
https://github.com/JLLeitschuh/security-research
6
https://github.com/apache/hive
6
https://bitbucket.org/snakeyaml/snakeyaml
6
https://github.com/jquery/jquery-ui
6
https://github.com/apache/geode
6
https://github.com/playframework/playframework
6
https://github.com/OpenAPITools/openapi-generator
6
https://github.com/jenkinsci/electricflow-plugin
6
https://github.com/apache/solr
6
https://github.com/jenkinsci/gerrit-trigger-plugin
6
https://github.com/line/armeria
6
https://github.com/jenkinsci/fortify-on-demand-uploader-plugin
6
https://github.com/jenkinsci/ec2-plugin
6
https://github.com/jenkinsci/subversion-plugin
6
https://github.com/cui2shark/security
6
https://github.com/PowerJob/PowerJob
6
https://github.com/jenkinsci/configuration-as-code-plugin
6
https://github.com/resteasy/resteasy
6
https://github.com/qos-ch/logback
6
https://github.com/DrunkenShells/Disclosures
6
https://github.com/neo4j-contrib/neo4j-apoc-procedures
5
https://github.com/jenkinsci/gitlab-plugin
5
https://github.com/jenkinsci/m2release-plugin
5
https://github.com/jensdietrich/xshady-release
5
https://github.com/apache/karaf
5
https://github.com/apache/activemq-artemis
5
https://github.com/apache/james-project
5
https://github.com/h2database/h2database
5
https://github.com/apache/druid
5
https://github.com/jenkinsci/codedx-plugin
5
https://github.com/apache/jackrabbit
5
https://github.com/apache/shiro
5
https://github.com/jenkinsci/github-plugin
5
https://github.com/protocolbuffers/protobuf
5
https://github.com/grails/grails-core
5
https://github.com/apache/shenyu
5
https://bitbucket.org/connect2id/nimbus-jose-jwt
5
https://github.com/alibaba/nacos
5
https://github.com/jenkinsci/junit-plugin
5
https://github.com/jenkinsci/email-ext-plugin
5
https://github.com/restlet/restlet-framework-java
5
https://github.com/jenkinsci/active-directory-plugin
5
https://github.com/jenkinsci/support-core-plugin
5
https://github.com/jettison-json/jettison
5
https://github.com/snowflakedb/snowflake-jdbc
5
https://github.com/apache/httpcomponents-client
5
https://github.com/xwiki/xwiki-rendering
5
https://github.com/jenkinsci/workflow-cps-global-lib-plugin
5
https://github.com/jenkinsci/publish-over-ssh-plugin
5
https://github.com/ktorio/ktor
5
https://github.com/wso2/carbon-identity-framework
4
https://github.com/joniles/mpxj
4
https://github.com/pippo-java/pippo
4
https://github.com/powsybl/powsybl-core
4
https://github.com/nightcloudos/new_cms
4
https://github.com/stanfordnlp/corenlp
4
https://github.com/jenkinsci/xldeploy-plugin
4
https://github.com/jenkinsci/vmanager-plugin
4
https://github.com/jenkinsci/warnings-ng-plugin
4
https://github.com/apache/ranger
4
https://github.com/jenkinsci/libvirt-slave-plugin
4
https://github.com/jenkinsci/htmlpublisher-plugin
4
https://github.com/skylot/jadx
4
https://github.com/open-metadata/OpenMetadata
4
https://github.com/apache/streampipes
4
https://github.com/apache/iotdb
4
https://github.com/shopizer-ecommerce/shopizer
4
https://github.com/jenkinsci/cloudbees-jenkins-advisor-plugin
4
https://github.com/jenkinsci/fortify-plugin
4
https://github.com/HL7/fhir-ig-publisher
4
https://github.com/apiman/apiman
4
https://github.com/geonetwork/core-geonetwork
4
https://github.com/xerial/snappy-java
4
https://github.com/jenkinsci/matrix-project-plugin
4
https://github.com/jenkinsci/nexus-platform-plugin
4
https://github.com/AsyncHttpClient/async-http-client
4
https://github.com/unclebob/fitnesse
4
https://github.com/jenkinsci/hpe-application-automation-tools-plugin
4
https://github.com/jfinal/jfinal
4
https://github.com/micronaut-projects/micronaut-core
4
https://github.com/wildfly/wildfly-core
4
https://github.com/resteasy/Resteasy
4
https://github.com/aws/aws-iot-device-sdk-java-v2
4
https://github.com/jenkinsci/credentials-binding-plugin
4
https://github.com/jenkinsci/workflow-cps-plugin
4
https://github.com/reportportal/reportportal
4
https://github.com/jenkinsci/gitlab-oauth-plugin
4
https://github.com/openhab/openhab-webui
4
https://github.com/jenkinsci/git-client-plugin
4
https://github.com/jooby-project/jooby
4
https://github.com/jquery/jquery
4
https://github.com/HtmlUnit/htmlunit
4
https://github.com/itext/itext7
4
https://github.com/yamcs/yamcs
4
https://github.com/jenkinsci/job-config-history-plugin
4
https://github.com/jenkinsci/ansible-plugin
4
https://github.com/jenkinsci/active-choices-plugin
4
https://github.com/Robothy/local-s3
4
https://github.com/jenkinsci/p4-plugin
4
https://github.com/jenkinsci/rundeck-plugin
4
https://github.com/graphql-java/graphql-java
3
https://github.com/bcgit/bc-csharp
3
https://bitbucket.org/b_c/jose4j
3
https://github.com/jenkinsci/embeddable-build-status-plugin
3
https://github.com/hibernate/hibernate-validator
3
https://github.com/jenkinsci/cas-plugin
3
https://github.com/ls1intum/Ares
3
https://github.com/jenkinsci/gitlab-branch-source-plugin
3
https://github.com/reactor/reactor-netty
3
https://github.com/spring-projects/spring-boot
3
https://github.com/mbechler/marshalsec
3
https://github.com/jenkinsci/azure-credentials-plugin
3
https://github.com/aws/amazon-redshift-jdbc-driver
3
https://github.com/apache/santuario-java
3
https://github.com/jenkinsci/mercurial-plugin
3
https://github.com/li-yu320/cms
3
https://github.com/wildfly/wildfly
3
https://github.com/Adobe-Consulting-Services/acs-aem-commons
3
https://github.com/matrix-org/matrix-android-sdk2
3
https://github.com/apache/cxf-fediz
3
https://github.com/HubSpot/jinjava
3
https://github.com/apache/zookeeper
3
https://github.com/jenkinsci/kubernetes-plugin
3
https://svn.apache.org/viewvc/tomcat/tc7.0.x
3
https://github.com/akka/akka-http
3
https://github.com/vaadin/flow-components
3
https://github.com/jenkinsci/ci-with-toad-edge-plugin
3