Linux Distros Unpatched Vulnerability : CVE-2023-35947

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Gradle is a build tool with a focus on build automation and support for multi-language development. In affected versions when unpacking Tar archives, Gradle did...

BIT-GRADLE-2023-35946 Dependency cache path traversal in Gradle

Gradle is a build tool with a focus on build automation and support for multi-language development. When Gradle writes a dependency into its dependency cache, it uses the dependency's coordinates to compute a file location. With specially crafted dependency coordinates, Gradle can be made to writ...

UBUNTU-CVE-2023-35947

Gradle is a build tool with a focus on build automation and support for multi-language development. In affected versions when unpacking Tar archives, Gradle did not check that files could be written outside of the unpack location. This could lead to important files being overwritten anywhere the...

PT-2023-25398 · Gradle +2 · Gradle +2

Name of the Vulnerable Software and Affected Versions: Gradle versions prior to 7.6.2 Gradle versions prior to 8.2 Description: This is a path traversal vulnerability when Gradle deals with Tar archives, often referenced as TarSlip, a variant of ZipSlip. When unpacking Tar archives, Gradle did no...