Filters
Gradle GradlePossible local file exfiltration by XML External entity injection
6.8
First published (updated )
Gradle GradleGradle has incorrect permission assignment for symlinked files used in copy or archiving operations
6.5
First published (updated )
Gradle GradleThis is a collision attack on long IDs (64bits) for PGP keys. Users of dependency verification in G…
9.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Gradle GradleGradle's dependency verification can ignore checksum verification when signature verification cannot be performed
6.6
First published (updated )
Gradle GradleDependency verification bypass in Gradle
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Gradle GradleIn Gradle Enterprise before 2021.1.3, a crafted request can trigger deserialization of arbitrary uns…
8.1
First published (updated )
Gradle GradleGradle Enterprise before 2021.1.3 can allow unauthorized viewing of a response (information disclosu…
7.5
First published (updated )
Gradle GradleArbitrary code execution via specially crafted environment variables
8.5
First published (updated )
Gradle GradleRepository content filters do not work in Settings pluginManagement
8
First published (updated )
Gradle GradleInformation disclosure through temporary directory permissions
5.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Gradle GradleLocal privilege escalation through system temporary directory
8.8
First published (updated )
Gradle GradleThe PGP signing plugin in Gradle before 6.0 relies on the SHA-1 algorithm, which might allow an atta…
5.9
First published (updated )
Gradle GradleThe HTTP client in Gradle before 5.6 sends authentication credentials originally destined for the co…
9.8
First published (updated )
Fedoraproject FedoraGradle versions from 1.4 to 5.3.1 use an insecure HTTP URL to download dependencies when the built-i…
5.9
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Gradle GradleObjectSocketWrapper.java in Gradle 2.12 allows remote attackers to execute arbitrary code via a craf…
9.8
First published (updated )