SUSE SLED15 / SLES15 / openSUSE 15 Security Update : gradle (SUSE-SU-2024:3163-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2024:3163-1 advisory. - CVE-2023-35946: Fixed a dependency issue leading the cache to write files into an unintended location...

openSUSE Security Advisory (SUSE-SU-2024:3163-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2024:3163-1 Security update for gradle

This update for gradle fixes the following issues: - CVE-2023-35946: Fixed a dependency issue leading the cache to write files into an unintended location. bsc1212930...

BELL-CVE-2023-35946

Bulletin has no description...

CVE-2023-35946

creationtimestamp| type| source ---|---|--- 2023-07-01 00:15:28+00:00| seen| https://t.me/cibsecurity/65830...

CVE-2023-35946

CVE-2023-35946 is a path-traversal vulnerability in Gradle’s dependency caching. When Gradle writes a dependency into the cache, it uses the dependency coordinates to determine the file path; crafted coordinates can cause writes outside the cache or overwrite other files in the cache. This can en...