Lucene search

CVE-2023-44387

🗓️ 05 Oct 2023 18:12:15Reported by [email protected]Type

Gradle resolves symlink permissions improperly, leading to potential attack vectors, resolved in versions 7.6.3, 8.4 and abov

Reporter	Title	Published	Views	Family All 13
Cvelist	CVE-2023-44387 Gradle has incorrect permission assignment for symlinked files used in copy or archiving operations	5 Oct 202317:51	–	cvelist
CVE	CVE-2023-44387	5 Oct 202318:15	–	cve
RedhatCVE	CVE-2023-44387	9 Oct 202318:54	–	redhatcve
Tenable Nessus	Linux Distros Unpatched Vulnerability : CVE-2023-44387	5 Mar 202500:00	–	nessus
Tenable Nessus	RHEL 6 : gradle (Unpatched Vulnerability)	3 Jun 202400:00	–	nessus
OSV	BIT-gradle-2023-44387	6 Mar 202410:52	–	osv
OSV	CVE-2023-44387	5 Oct 202318:15	–	osv
UbuntuCve	CVE-2023-44387	5 Oct 202300:00	–	ubuntucve
AlpineLinux	CVE-2023-44387	5 Oct 202318:15	–	alpinelinux
Prion	Design/Logic Flaw	5 Oct 202318:15	–	prion

Nvd

Node

gradle gradleRange<7.6.3

gradle gradleRange8.0.0–8.4.0

Source	Link
security	www.security.netapp.com/advisory/ntap-20231110-0006/
github	www.github.com/gradle/gradle/releases/tag/v7.6.3
github	www.github.com/gradle/gradle/commit/3b406191e24d69e7e42dc3f3b5cc50625aa930b7
github	www.github.com/gradle/gradle/releases/tag/v8.4.0
github	www.github.com/gradle/gradle/security/advisories/GHSA-43r3-pqhv-f7h9

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

05 Oct 2023 18:15Current

4.9Medium risk

Vulners AI Score4.9

CVSS36.5

EPSS0.00058

CWE-732