Filter
-Infinity
0
Trending
redhat/gradleGradle usage of long IDs for PGP keys opens potential for collision attacks
9.8
First published (updated )
GradleGradle vulnerable to local privilege escalation through system temporary directory
8.8
EPSS
0.02%
First published (updated )
GradlePossible local file exfiltration by XML External entity injection
6.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
DevelocityDevelocity (formerly Gradle Enterprise) before 2024.3.1 allows an attacker who has network access to…
8.3
EPSS
0.04%
First published (updated )
Gradle Build ActionGradle Build Action data written to GitHub Actions Cache may expose secrets
7.6
First published (updated )
Gradle EnterpriseIn Gradle Enterprise through 2021.3, probing of the server-side network environment can occur via an…
5.3
First published (updated )
Gradle Build Cache NodeIn Gradle Enterprise before 2021.3 (and Enterprise Build Cache Node before 10.0), there is potential…
9.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
GradleIn Gradle Enterprise before 2021.1.3, a crafted request can trigger deserialization of arbitrary uns…
8.1
First published (updated )
GradleGradle Enterprise before 2021.1.3 can allow unauthorized viewing of a response (information disclosu…
7.5
First published (updated )
Gradle 8End of life
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Gradle 8End of life
First published (updated )
Gradle EnterpriseIn Gradle Enterprise before 2023.1, a remote attacker may be able to gain access to a new installati…
9.8
First published (updated )
GradleObjectSocketWrapper.java in Gradle 2.12 allows remote attackers to execute arbitrary code via a craf…
9.8
First published (updated )
GradleThe PGP signing plugin in Gradle before 6.0 relies on the SHA-1 algorithm, which might allow an atta…
5.9
First published (updated )
GradleThe HTTP client in Gradle before 5.6 sends authentication credentials originally destined for the co…
9.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Gradle EnterpriseIn Gradle Enterprise before 2018.5.3, Build Cache Nodes did not store the credentials at rest in an …
9.8
First published (updated )
Red Hat FedoraGradle versions from 1.4 to 5.3.1 use an insecure HTTP URL to download dependencies when the built-i…
5.9
First published (updated )
Gradle EnterpriseAn issue was discovered in Gradle Enterprise 2018.5. An attacker can potentially make repeated attem…
5.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Gradle EnterpriseAn issue was discovered in Gradle Enterprise 2017.1 - 2020.2.4. The /usage page of Gradle Enterprise…
7.5
First published (updated )
Gradle EnterpriseAn issue was discovered in Gradle Enterprise 2018.5 - 2020.2.4. An attacker with physical access to …
6.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.