Lucene search
K

12 matches found

RedhatCVE
RedhatCVE
added 2026/01/17 11:26 p.m.7 views

CVE-2026-22816

Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. When resolving dependencies in versions before 9.3.0, some exceptions were not treated as fatal errors and would not cause a repository to be disabled. If a build encountered one of these...

8.6CVSS6.8AI score0.00149EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/01/16 11:15 p.m.4 views

CVE-2026-22816

Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. When resolving dependencies in versions before 9.3.0, some exceptions were not treated as fatal errors and would not cause a repository to be disabled. If a build encountered one of these...

8.6CVSS5.9AI score0.00149EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-48735

Malicious code in bioql PyPI...

6.5CVSS5.8AI score0.0021EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-29930

Malicious code in bioql PyPI...

9.8CVSS7.9AI score0.01002EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-46893

Malicious code in bioql PyPI...

6.8CVSS6.3AI score0.00674EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2023-44387

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Gradle is a build tool with a focus on build automation and support for multi-language development. When copying or archiving symlinked files, Gradle resolves...

6.5CVSS6.5AI score0.0021EPSS
Exploits0References3
Prion
Prion
added 2023/04/28 4:15 p.m.16 views

Default configuration

Gradle Build Action allows users to execute a Gradle Build in their GitHub Actions workflow. A vulnerability impacts GitHub workflows using the Gradle Build Action prior to version 2.4.2 that have executed the Gradle Build Tool with the configuration cache enabled, potentially exposing secrets...

4CVSS6.5AI score0.00285EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2023/04/28 3:10 p.m.24 views

CVE-2023-30853 Gradle Build Action data written to GitHub Actions Cache may expose secrets

Gradle Build Action allows users to execute a Gradle Build in their GitHub Actions workflow. A vulnerability impacts GitHub workflows using the Gradle Build Action prior to version 2.4.2 that have executed the Gradle Build Tool with the configuration cache enabled, potentially exposing secrets...

7.6CVSS6.8AI score0.00285EPSS
Exploits0References4
CVE
CVE
added 2023/04/28 3:10 p.m.43 views

CVE-2023-30853

CVE-2023-30853 describes an information disclosure in the Gradle Build Action for GitHub Actions when the configuration cache is enabled in versions prior to 2.4.2. Environment variables passed to Gradle can be persisted into GitHub Actions cache entries, which may be read by untrusted workflows ...

7.6CVSS7.1AI score0.00285EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2023/04/28 12:0 a.m.8 views

PT-2023-23009 · Gradle +1 · Gradle Build Tool +1

Name of the Vulnerable Software and Affected Versions: Gradle Build Action versions prior to 2.4.2 Description: A vulnerability in the Gradle Build Action impacts GitHub workflows that have executed the Gradle Build Tool with the configuration cache enabled, potentially exposing secrets configure...

7.6CVSS6.5AI score0.00285EPSS
Exploits0References7
CVE
CVE
added 2022/07/14 8:5 p.m.83 views

CVE-2022-31156

CVE-2022-31156 : Gradle’s dependency verification can skip checksum verification when signature verification cannot be performed. Affected versions: 6.2–7.4.2. If verification metadata contains only a gpg element (no checksum) or if there is no signature file on the remote repo, Gradle may accept...

6.6CVSS5.2AI score0.00467EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/07/14 8:5 p.m.29 views

CVE-2022-31156 Gradle's dependency verification can ignore checksum verification when signature verification cannot be performed

Gradle is a build tool. Dependency verification is a security feature in Gradle Build Tool that was introduced to allow validation of external dependencies either through their checksum or cryptographic signatures. In versions 6.2 through 7.4.2, there are some cases in which Gradle may skip that...

6.6CVSS6.7AI score0.00467EPSS
Exploits0References2
Rows per page
Query Builder