Moderate 2,926 High 1,928 Critical 799 Low 327

org.jenkins-ci.main:jenkins-core 148 com.liferay.portal:release.portal.bom 115 org.apache.tomcat:tomcat 92 com.liferay.portal:release.dxp.bom 80 org.elasticsearch:elasticsearch 34 org.keycloak:keycloak-core 32 org.keycloak:keycloak-services 24 org.apache.struts:struts2-core 19 io.undertow:undertow-core 15 org.opencms:opencms-core 15 com.liferay.portal:com.liferay.portal.impl 15 org.apache.jspwiki:jspwiki-main 15 org.apache.tomcat.embed:tomcat-embed-core 15 org.xwiki.platform:xwiki-platform-oldcore 14 org.springframework.security:spring-security-core 13 com.jfinal:jfinal 13 com.thoughtworks.xstream:xstream 13 org.eclipse.jetty:jetty-server 11 org.bouncycastle:bcprov-jdk15on 11 com.vaadin:vaadin-bom 10 org.apache.jspwiki:jspwiki-war 10 org.apache.nifi:nifi 10 org.apache.solr:solr-core 10 org.springframework:spring-core 10 org.keycloak:keycloak-parent 10 org.jenkins-ci.plugins:git 9 org.apache.tomcat:tomcat-coyote 9 org.apache.activemq:activemq-client 9 org.igniterealtime.openfire:parent 9 org.jenkins-ci.plugins:script-security 9 org.mortbay.jetty:jetty 9 org.opencrx:opencrx-core-models 9 org.jenkins-ci.plugins:electricflow 8 org.opensearch.plugin:opensearch-security 8 org.apache.tomcat:tomcat-catalina 8 org.apache.ranger:ranger 8 org.apache.archiva:archiva 8 org.jenkins-ci.plugins:subversion 8 io.jenkins:configuration-as-code 7 org.apache.cxf:cxf-core 7 org.springframework:spring-web 7 org.apache.santuario:xmlsec 7 org.owasp.antisamy:antisamy 7 org.jenkins-ci.plugins:config-file-provider 7 org.opennms:opennms 7 org.bouncycastle:bcprov-jdk15to18 7 org.jenkins-ci.plugins:email-ext 7 com.vaadin:flow-server 7 io.jenkins.blueocean:blueocean 7 org.bouncycastle:bcprov-jdk14 7 org.bouncycastle:bc-fips 6 org.jenkins-ci.plugins:fortify-on-demand-uploader 6 org.apache.pdfbox:pdfbox 6 org.bouncycastle:bcprov-jdk18on 6 org.apache.poi:poi 6 org.apache.geode:geode-core 6 org.jenkins-ci.plugins:azure-vm-agents 6 com.sonyericsson.jenkins.plugins.bfa:build-failure-analyzer 6 org.apache.commons:commons-compress 6 org.springframework:spring-webmvc 6 io.netty:netty 6 org.webjars.npm:jquery-ui 6 org.jenkins-ci.plugins:openshift-deployer 6 org.jenkins-ci.plugins:jobConfigHistory 6 org.cloudfoundry.identity:cloudfoundry-identity-server 6 jquery-ui 6 org.apache.tika:tika 5 org.apache.pulsar:pulsar-broker 5 org.apache.openmeetings:openmeetings-parent 5 org.apache.kylin:kylin 5 org.jenkins-ci.plugins:rundeck 5 com.xebialabs.deployit.ci:deployit-plugin 5 org.jenkinsci.plugins:octoperf 5 com.liferay:com.liferay.portal.search.web 5 io.jenkins.plugins:warnings-ng 5 org.apache.streampark:streampark 5 org.jenkins-ci.plugins:aws-codecommit-trigger 5 hudson.plugins:project-inheritance 5 org.jenkins-ci.plugins:fortify 5 mysql:mysql-connector-java 5 org.jenkins-ci.plugins:credentials 5 jQuery.UI.Combined 5 org.opennms:opennms-webapp 5 org.apache.james:james-server 5 org.jenkins-ci.plugins:codedx 5 org.graylog2:graylog2-server 5 org.biouno:uno-choice 5 org.yaml:snakeyaml 5 io.netty:netty-codec-http 5 org.silverpeas.core:silverpeas-core-web 5 org.apache.zeppelin:zeppelin-server 5 org.jenkins-ci.plugins:ec2 5 io.vertx:vertx-core 5 org.apache.tika:tika-core 5 org.apache.ambari:ambari 5 org.jenkins-ci.plugins:google-compute-engine 5 org.csanchez.jenkins.plugins:kubernetes 5 org.geoserver.web:gs-web-app 5 org.jenkins-ci.plugins:credentials-binding 5 org.jboss.resteasy:resteasy-client 5 org.apache.struts.xwork:xwork-core 5 org.keycloak:keycloak-quarkus-server 5 org.apache.atlas:atlas-common 5 org.jboss.netty:netty 5 org.xwiki.platform:xwiki-platform-web-templates 5 io.jenkins.plugins:miniorange-saml-sp 5 com.mabl.integration.jenkins:mabl-integration 5 io.jenkins.plugins:cavisson-ns-nd-integration 4 org.jenkins-ci.plugins:active-directory 4 org.opensaml:opensaml 4 org.jenkins-ci.plugins:htmlpublisher 4 org.apache.httpcomponents:httpclient 4 org.jvnet.hudson.plugins:analysis-core 4 org.jenkins-ci.plugins:requests 4 io.jenkins.plugins:neuvector-vulnerability-scanner 4 org.apache.derby:derby 4 org.jenkins-ci.tools:git-parameter 4 org.jenkins-ci.plugins:proxmox 4 org.jenkins-ci.plugins:scriptler 4 org.jenkins-ci.plugins:ec2-deployment-dashboard 4 org.jeecgframework.boot:jeecg-boot-parent 4 com.liferay:com.liferay.dynamic.data.mapping.form.field.type 4 org.apache.zeppelin:zeppelin 4 org.jenkins-ci.plugins:reportportal 4 io.github.robothy:local-s3-rest 4 org.jenkins-ci.plugins:jira 4 com.sonyericsson.hudson.plugins.gerrit:gerrit-trigger 4 org.jenkins-ci.plugins:jira-steps 4 org.xwiki.platform:xwiki-platform-web 4 org.apache.druid:druid 4 org.jenkins-ci.plugins:google-login 4 org.jenkins-ci.plugins:ansible 4 org.jenkins-ci.plugins:mercurial 4 com.xuxueli:xxl-job 4 org.apache.cxf:cxf 4 org.jenkins-ci.plugins:extended-choice-parameter 4 org.apache.kafka:kafka-clients 4 org.owasp.esapi:esapi 4 org.jenkins-ci.plugins:pipeline-build-step 4 org.bouncycastle:bctls-jdk15to18 4 com.liferay:com.liferay.change.tracking.web 4 org.opencastproject:opencast-kernel 4 com.vaadin:vaadin-server 4 org.jenkins-ci.plugins:soapui-pro-functional-testing 4 org.apache.karaf:apache-karaf 4 org.glassfish.main.admingui:console-common 4 org.jenkins-ci.plugins:publish-over-ssh 4 org.bouncycastle:bctls-jdk14 4 org.apache.ozone:ozone-main 4 org.jenkins-ci.plugins:delphix 4 com.datapipe.jenkins.plugins:hashicorp-vault-plugin 4 com.cloudtp.jenkins:paaslane-estimate 4 org.bouncycastle:bctls-jdk18on 4 org.apache.inlong:manager-pojo 4 org.jenkins-ci.plugins:artifactory 4 org.jenkins-ci.plugins:xpath-config-viewer 3 com.liferay:com.liferay.layout.admin.web 3 jquery 3 org.springframework.data:spring-data-jpa 3 org.igniterealtime.openfire:xmppserver 3 org.webjars.npm:jquery 3 com.liferay:com.liferay.users.admin.web 3 org.apache.storm:storm-core 3 org.jenkins-ci.plugins:icescrum 3 net.lingala.zip4j:zip4j 3 org.opencastproject:opencast-common 3 org.jruby:jruby-stdlib 3 org.apache.oozie:oozie-core 3 org.springframework.integration:spring-integration-zip 3 org.hibernate.validator:hibernate-validator 3 org.openrefine:main 3 org.apache.activemq:activemq-core 3 org.jenkins-ci.plugins:cloudbees-jenkins-advisor 3 io.jenkins.plugins:macstadium-orka 3 org.apache.activemq:activemq-web-console 3 org.springframework.amqp:spring-amqp 3 org.jenkins-ci.plugins:swarm 3 org.apache.portals.pluto:pluto-portal 3 org.jenkins-ci.plugins:oic-auth 3 io.jenkins.plugins:folder-auth 3 com.synopsys.jenkinsci:ownership 3 org.bouncycastle:bctls-fips 3 org.apache.atlas:apache-atlas 3 org.jenkins-ci.plugins:p4 3 jQuery 3 jquery-ui-rails 3 com.convertigo.jenkins.plugins:convertigo-mobile-platform 3 org.apache.cassandra:cassandra-all 3 org.glassfish:javax.faces 3 org.wso2.carbon.registry:carbon-registry 3 org.apache.zookeeper:zookeeper 3 org.jenkins-ci.plugins:deployer-framework 3 org.springframework:spring-expression 3 org.jvnet.hudson.plugins:monitoring 3 org.jenkins-ci.plugins:audit-trail 3 org.jenkins-ci.plugins:support-core 3 com.shopizer:shopizer 3 io.netty:netty-handler 3 fr.edf.jenkins.plugins:mac 3 org.geoserver:gs-wms 3

https://github.com/liferay/liferay-portal 142 https://github.com/jenkinsci/jenkins 109 https://github.com/apache/tomcat 63 https://github.com/xwiki/xwiki-platform 50 https://github.com/keycloak/keycloak 45 https://github.com/spring-projects/spring-framework 26 https://github.com/apache/activemq 20 https://github.com/apache/struts 17 https://github.com/CVEProject/cvelist 15 https://github.com/apache/cxf 15 https://github.com/netty/netty 15 https://github.com/geoserver/geoserver 14 https://github.com/OpenNMS/opennms 14 https://github.com/x-stream/xstream 14 https://github.com/apache/nifi 13 https://github.com/bcgit/bc-java 13 https://github.com/apache/zeppelin 11 https://github.com/vaadin/platform 11 https://github.com/opencast/opencast 9 https://github.com/jenkinsci/git-plugin 9 https://github.com/alkacon/opencms-core 9 https://github.com/opensearch-project/security 8 https://github.com/eclipse/jetty.project 8 https://github.com/undertow-io/undertow 7 https://github.com/igniterealtime/Openfire 7 https://github.com/nahsra/antisamy 7 https://github.com/jeecgboot/jeecg-boot 7 https://github.com/jenkinsci/blueocean-plugin 7 https://github.com/vaadin/flow 7 https://github.com/jenkinsci/fortify-on-demand-uploader-plugin 6 https://github.com/elastic/elasticsearch 6 https://github.com/jenkinsci/subversion-plugin 6 https://github.com/jenkinsci/script-security-plugin 6 https://github.com/cui2shark/security 6 https://github.com/apache/inlong 6 https://github.com/quarkusio/quarkus 6 https://github.com/jenkinsci/config-file-provider-plugin 6 https://github.com/jenkinsci/configuration-as-code-plugin 6 https://github.com/jquery/jquery-ui 5 https://github.com/jenkinsci/codedx-plugin 5 https://github.com/apache/dolphinscheduler 5 https://github.com/cloudfoundry/uaa 5 https://github.com/apache/kylin 5 https://github.com/jenkinsci/electricflow-plugin 5 https://github.com/apache/tika 5 https://bitbucket.org/snakeyaml/snakeyaml 5 https://github.com/xuxueli/xxl-job 5 https://github.com/vaadin/framework 5 https://github.com/apache/camel 5 https://github.com/Graylog2/graylog2-server 5 https://github.com/resteasy/resteasy 4 https://github.com/ktorio/ktor 4 https://github.com/bcgit/bc-csharp 4 https://github.com/PowerJob/PowerJob 4 https://github.com/jenkinsci/fortify-plugin 4 https://github.com/jenkinsci/gerrit-trigger-plugin 4 https://github.com/jenkinsci/xldeploy-plugin 4 https://github.com/DSpace/DSpace 4 https://github.com/OpenRefine/OpenRefine 4 https://github.com/jenkinsci/ec2-plugin 4 https://github.com/jenkinsci/active-directory-plugin 4 https://github.com/jenkinsci/active-choices-plugin 4 https://github.com/jenkinsci/build-failure-analyzer-plugin 4 https://github.com/apache/pulsar 4 https://github.com/jenkinsci/publish-over-ssh-plugin 4 https://github.com/jenkinsci/ansible-plugin 4 https://github.com/Robothy/local-s3 4 https://github.com/rundeck/rundeck 4 https://github.com/jquery/jquery 4 https://github.com/jenkinsci/email-ext-plugin 3 https://github.com/jflyfox/jfinal_cms 3 https://github.com/jmix-framework/jmix 3 https://github.com/jenkinsci/azure-vm-agents-plugin 3 https://github.com/jenkinsci/mac-plugin 3 https://github.com/apache/derby 3 https://github.com/Jarvis-616/cms 3 https://github.com/apache/lucene-solr 3 https://github.com/jenkinsci/hpe-application-automation-tools-plugin 3 https://github.com/jenkinsci/p4-plugin 3 https://github.com/apache/solr 3 https://github.com/jenkinsci/support-core-plugin 3 https://github.com/shopizer-ecommerce/shopizer 3 https://github.com/jenkinsci/scriptler-plugin 3 https://github.com/ESAPI/esapi-java-legacy 3 https://github.com/eclipse-ee4j/glassfish 3 https://github.com/RhinoSecurityLabs/CVEs 3 https://github.com/eclipse-vertx/vert.x 3 https://github.com/jenkinsci/vmanager-plugin 3 https://github.com/jenkinsci/credentials-binding-plugin 3 https://github.com/brianchandotcom/liferay-portal 3 https://github.com/apache/hive 3 https://github.com/jensdietrich/xshady-release 3 https://github.com/intranda/goobi-viewer-core 3 https://github.com/jenkinsci/rundeck-plugin 3 https://github.com/ratpack/ratpack 3 https://github.com/Phoenix616/InventoryGui 3 https://github.com/apache/santuario-java 3 https://github.com/wildfly/wildfly-core 3 https://github.com/apache/syncope 3 https://github.com/Rabb1ter/cms 3 https://github.com/jenkinsci/audit-trail-plugin 3 https://github.com/vert-x3/vertx-web 3 https://github.com/jenkinsci/warnings-ng-plugin 3 https://github.com/hal/console 3 https://github.com/itext/itext7 3 https://github.com/jenkinsci/cloudbees-jenkins-advisor-plugin 3 https://github.com/skylot/jadx 3 https://github.com/jetty/jetty.project 3 https://github.com/jenkinsci/hashicorp-vault-plugin 3 https://github.com/jenkinsci/nomad-plugin 3 https://github.com/spring-projects/spring-security 3 https://github.com/apache/jackrabbit 3 https://github.com/wso2/docs-security 3 https://github.com/rubygems/rubygems 3 https://github.com/wso2/carbon-registry 3 https://github.com/unclebob/fitnesse 3 https://github.com/apache/karaf 3 https://github.com/jenkinsci/jira-plugin 3 https://github.com/jenkinsci/job-config-history-plugin 3 https://github.com/jenkinsci/dashboard-view-plugin 2 https://github.com/jenkinsci/nexus-platform-plugin 2 https://github.com/opensearch-project/data-prepper 2 https://github.com/jenkinsci/github-oauth-plugin 2 https://github.com/twbs/bootstrap 2 https://github.com/alkacon/apollo-template 2 https://github.com/JLLeitschuh/security-research 2 https://github.com/HubSpot/jinjava 2 https://github.com/jenkinsci/redgate-sql-ci-plugin 2 https://github.com/eclipse/lemminx 2 https://github.com/srikanth-lingala/zip4j 2 https://github.com/yamcs/yamcs 2 https://github.com/rhuss/jolokia 2 https://github.com/apache/isis 2 https://github.com/jenkinsci/kubernetes-plugin 2 https://github.com/apiman/apiman 2 https://svn.apache.org/viewvc/tomcat/tc7.0.x 2 https://github.com/jenkinsci/role-strategy-plugin 2 https://github.com/spring-projects/spring-integration-extensions 2 https://github.com/openhab/openhab-webui 2 https://github.com/jenkinsci/junit-plugin 2 https://github.com/keycloak/keycloak-documentation 2 https://github.com/jenkinsci/job-import-plugin 2 https://github.com/jenkinsci/compuware-xpediter-code-coverage-plugin 2 https://github.com/jenkinsci/git-parameter-plugin 2 https://github.com/apache/geronimo 2 https://github.com/jenkinsci/google-compute-engine-plugin 2 https://github.com/FasterXML/jackson-databind 2 https://github.com/jenkinsci/libvirt-slave-plugin 2 https://github.com/apereo/cas 2 https://github.com/jenkinsci/ci-with-toad-edge-plugin 2 https://github.com/jenkinsci/extra-columns-plugin 2 https://github.com/SonarSource/sonarqube 2 https://github.com/google/guava 2 https://github.com/joniles/mpxj 2 https://github.com/apache/rocketmq 2 https://github.com/jenkinsci/sonar-gerrit-plugin 2 https://github.com/vaadin/flow-components 2 https://github.com/jenkinsci/crx-content-package-deployer-plugin 2 https://svn.apache.org/viewvc/tomcat/tc6.0.x 2 https://github.com/apache/openmeetings 2 https://github.com/jenkinsci/lockable-resources-plugin 2 https://github.com/jenkinsci/github-plugin 2 https://github.com/jenkinsci/m2release-plugin 2 https://github.com/line/armeria 2 https://github.com/apache/james-project 2 https://github.com/jenkinsci/cvs-plugin 2 https://github.com/alibaba/nacos 2 https://github.com/jenkinsci/global-build-stats-plugin 2 https://github.com/apache/felix-dev 2 https://github.com/jenkinsci/bitbucket-branch-source-plugin 2 https://github.com/opengoofy/hippo4j 2 https://github.com/neo4j-contrib/neo4j-apoc-procedures 2 https://github.com/jenkinsci/azure-credentials-plugin 2 https://github.com/http4s/http4s 2 https://github.com/apache/james-mime4j 2 https://github.com/jenkinsci/cas-plugin 2 https://github.com/apache/ambari 2 https://github.com/jenkinsci/database-plugin 2 https://github.com/jenkinsci/oic-auth-plugin 2 https://github.com/apache/commons-compress 2 https://github.com/crate/crate 2 https://github.com/apache/iotdb 2 https://github.com/apache/jspwiki 2 https://github.com/jenkinsci/git-client-plugin 2 https://github.com/eclipse-edc/Connector 2 https://github.com/Sidd545-cr/CVE 2 https://github.com/checkstyle/checkstyle 2 https://github.com/jenkinsci/icescrum-plugin 2 https://github.com/jetty-project/codehaus-jetty6 2 https://github.com/jooby-project/jooby 2 https://svn.apache.org/viewvc/lucene/dev 2 https://github.com/OpenTSDB/opentsdb 2 https://github.com/bonitasoft/bonita-engine 2 https://github.com/graphhopper/graphhopper 2 https://github.com/apache/druid 2 https://github.com/jenkinsci/mask-passwords-plugin 2 https://github.com/jenkinsci/zephyr-enterprise-test-management-plugin 2 https://github.com/jenkinsci/monitoring-plugin 2 https://github.com/jenkinsci/gitlab-oauth-plugin 2