Filter
Versions
GradleThe HTTP client in Gradle before 5.6 sends authentication credentials originally destined for the co…
9.8
First published (updated )
GradleObjectSocketWrapper.java in Gradle 2.12 allows remote attackers to execute arbitrary code via a craf…
9.8
First published (updated )
redhat/gradleThis is a collision attack on long IDs (64bits) for PGP keys. Users of dependency verification in G…
9.8
First published (updated )
GradleLocal privilege escalation through system temporary directory
8.8
First published (updated )
GradleArbitrary code execution via specially crafted environment variables
8.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
GradleIn Gradle Enterprise before 2021.1.3, a crafted request can trigger deserialization of arbitrary uns…
8.1
First published (updated )
GradleRepository content filters do not work in Settings pluginManagement
8
First published (updated )
GradleAn issue was discovered in the Maven Extension plugin before 1.6 for Gradle Enterprise. The extensio…
7.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
GradleGradle Enterprise before 2021.1.3 can allow unauthorized viewing of a response (information disclosu…
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
GradlePossible local file exfiltration by XML External entity injection
6.8
First published (updated )
GradleGradle's dependency verification can ignore checksum verification when signature verification cannot be performed
6.6
First published (updated )
redhat/gradleGradle has incorrect permission assignment for symlinked files used in copy or archiving operations
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
GradleThe PGP signing plugin in Gradle before 6.0 relies on the SHA-1 algorithm, which might allow an atta…
5.9
First published (updated )
FedoraGradle versions from 1.4 to 5.3.1 use an insecure HTTP URL to download dependencies when the built-i…
5.9
First published (updated )
GradleInformation disclosure through temporary directory permissions
5.5
First published (updated )
GradleIn Gradle from version 5.1 and before version 7.0 there is a vulnerability which can lead to informa…
First published (updated )
GradleIn Gradle before version 7.0, on Unix-like systems, the system temporary directory can be created wi…
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
GradleIn Gradle before version 7.0, files created with open permissions in the system temporary directory …
1
First published (updated )
Gradle 8End of life
First published (updated )
Gradle 8End of life
First published (updated )
Gradle 7End of life
First published (updated )
Gradle 7End of life
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.