at.molindo:git-commit-id-plugin (=2.1.10-alpha-1), at.nonblocking:nonsnapshot-maven-plugin (=3.0.1) +4317 more potentially affected by CVE-2025-4949 via org.eclipse.jgit:org.eclipse.jgit (>=1.2.0.201112221803-r <=5.13.3.202401111512-r)

org.eclipse.jgit:org.eclipse.jgit MAVEN version =1.2.0.201112221803-r, =2.0.0, =2.0.4, =0.1.1, =0.1.1, =2.0.0, =0.0.1, =0.2.8, =1.5.6 - br.com.sabium.gradle-bump:br.com.sabium.gradle-bump.gradle.plugin =1.0.1 and more Source cves: CVE-2025-4949 Source advisory: OSV:GHSA-VRPQ-QP53-QV56...

RCE (Remote Code Execution) org.eclipse.jgit:org.eclipse.jgit Dependency in Bamboo Data Center and Server

This High severity org.eclipse.jgit:org.eclipse.jgit Dependency vulnerability was introduced in versions 9.0.0, 9.1.0, 9.2.1, 9.3.0, 9.4.0, and 9.5.0 of Bamboo Data Center and Server. The latest LTS Bamboo 9.6.0 is not impacted by this Vulnerability. This org.eclipse.jgit:org.eclipse.jgit...

at.molindo:git-commit-id-plugin (=2.1.10-alpha-1), at.nonblocking:nonsnapshot-maven-plugin (=3.0.1) +512 more potentially affected by CVE-2014-9390 via org.eclipse.jgit:org.eclipse.jgit (>=1.2.0.201112221803-r <=3.5.2.201411120430-r)

org.eclipse.jgit:org.eclipse.jgit MAVEN version =1.2.0.201112221803-r, =2.0.0, =2.0.4, =0.1.1, =0.1.1, =0.0.1, =0.2.8, =1.0.2, =2.0.0, =0.9.0, =1.1.0, =0.0.2, =0.0.7 and more Source cves: CVE-2014-9390 Source advisory: OSV:GHSA-6VVC-C2M3-CJF3...