CVE-2021-41584

Gradle Enterprise before 2021.1.3 can allow unauthorized viewing of a response information disclosure of possibly sensitive build/configuration details via a crafted HTTP request with the X-Gradle-Enterprise-Ajax-Request header...

BIT-GRADLE-2021-41587

In Gradle Enterprise before 2021.1.3, an attacker with the ability to perform SSRF attacks can potentially discover credentials for other resources...

CVE-2021-43202

In JetBrains TeamCity before 2021.1.3, the X-Frame-Options header is missing in some cases...

CVE-2021-43201

In JetBrains TeamCity before 2021.1.3, a newly created project could take settings from an already deleted project...

Gradle Enterprise Server-Side Request Forgery Vulnerability (CNVD-2021-89947)

Gradle Enterprise improves developer productivity by accelerating builds, improving build reliability, and speeding up build debugging.A server-side request forgery vulnerability exists in versions of Gradle Enterprise prior to 2021.1.3. An attacker could use this vulnerability to reset system us...

Gradle Enterprise server-side request forgery vulnerability

Gradle Enterprise improves developer productivity by accelerating builds, improving build reliability, and speeding up build debugging.A server-side request forgery vulnerability exists in versions of Gradle Enterprise prior to 2021.1.3. An attacker could use this vulnerability to discover...

CVE-2021-41586

In Gradle Enterprise before 2021.1.3, an attacker with the ability to perform SSRF attacks can potentially reset the system user password...

CVE-2021-41586

In Gradle Enterprise before 2021.1.3, an attacker with the ability to perform SSRF attacks can potentially reset the system user password...

CVE-2021-41587

In Gradle Enterprise before 2021.1.3, an attacker with the ability to perform SSRF attacks can potentially discover credentials for other resources...

PT-2021-23349 · Gradle · Gradle Enterprise

Name of the Vulnerable Software and Affected Versions: Gradle Enterprise versions prior to 2021.1.3 Description: The issue allows an attacker with the ability to perform Server-Side Request Forgery SSRF attacks to potentially reset the system user password. SSRF is a type of attack where an...

PT-2021-23348 · Gradle · Gradle Enterprise

Name of the Vulnerable Software and Affected Versions: Gradle Enterprise versions prior to 2021.1.3 Description: The issue allows unauthorized viewing of a response, which may disclose sensitive build or configuration details, via a crafted HTTP request with the X-Gradle-Enterprise-Ajax-Request...

Gradle 代码问题漏洞

Gradle Enterprise improves developer productivity by accelerating builds, improving build reliability, and speeding up build debugging.A server-side request forgery vulnerability exists in versions of Gradle Enterprise prior to 2021.1.3. An attacker could use this vulnerability to reset system us...

Gradle 代码问题漏洞

Gradle Enterprise improves developer productivity by accelerating builds, improving build reliability, and speeding up build debugging.A deserialization vulnerability exists in versions of Gradle Enterprise prior to 2021.1.3. An attacker could exploit this vulnerability to achieve remote code...

Gradle 代码问题漏洞

Gradle Enterprise improves developer productivity by accelerating builds, improving build reliability, and speeding up build debugging.A server-side request forgery vulnerability exists in versions of Gradle Enterprise prior to 2021.1.3. An attacker could use this vulnerability to discover...

PT-2021-23350 · Gradle · Gradle Enterprise

Name of the Vulnerable Software and Affected Versions: Gradle Enterprise versions prior to 2021.1.3 Description: The issue allows an attacker with the ability to perform Server-Side Request Forgery SSRF attacks to potentially discover credentials for other resources. SSRF is a type of attack wher...

Home Assistant 路径遍历漏洞

Home Assistant is an open source home automation management system. The system is primarily used to control home automation devices. A directory traversal vulnerability exists in Home Assistant prior to version 2021.1.3. The vulnerability stems from a failure to properly filter for special elemen...