CVE-2026-22816

Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. When resolving dependencies in versions before 9.3.0, some exceptions were not treated as fatal errors and would not cause a repository to be disabled. If a build encountered one of these...

CVE-2026-22865

Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. When resolving dependencies in versions before 9.3.0, some exceptions were not treated as fatal errors and would not cause a repository to be disabled. If a build encountered one of these...

UBUNTU-CVE-2026-22816

Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. When resolving dependencies in versions before 9.3.0, some exceptions were not treated as fatal errors and would not cause a repository to be disabled. If a build encountered one of these...

UBUNTU-CVE-2026-22865

Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. When resolving dependencies in versions before 9.3.0, some exceptions were not treated as fatal errors and would not cause a repository to be disabled. If a build encountered one of these...

CVE-2026-22865

CVE-2026-22865 affects Gradle (Gradle native-platform tool) for versions before 9.3.0. During dependency resolution, certain exceptions (e.g., NoHttpResponseException) were not treated as fatal, causing Gradle to continue to the next repository and potentially fetch from a malicious one. The issu...

CVE-2026-22865 Gradle's failure to disable repositories failing to answer can expose builds to malicious artifacts

Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. When resolving dependencies in versions before 9.3.0, some exceptions were not treated as fatal errors and would not cause a repository to be disabled. If a build encountered one of these...

CVE-2026-22865

Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. When resolving dependencies in versions before 9.3.0, some exceptions were not treated as fatal errors and would not cause a repository to be disabled. If a build encountered one of these...

CVE-2026-22865 Gradle's failure to disable repositories failing to answer can expose builds to malicious artifacts

Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. When resolving dependencies in versions before 9.3.0, some exceptions were not treated as fatal errors and would not cause a repository to be disabled. If a build encountered one of these...

CVE-2026-22865

Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. When resolving dependencies in versions before 9.3.0, some exceptions were not treated as fatal errors and would not cause a repository to be disabled. If a build encountered one of these...

CVE-2026-22865 Gradle's failure to disable repositories failing to answer can expose builds to malicious artifacts

Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. When resolving dependencies in versions before 9.3.0, some exceptions were not treated as fatal errors and would not cause a repository to be disabled. If a build encountered one of these...

CVE-2026-22865

Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. When resolving dependencies in versions before 9.3.0, some exceptions were not treated as fatal errors and would not cause a repository to be disabled. If a build encountered one of these...

CVE-2026-22816

Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. When resolving dependencies in versions before 9.3.0, some exceptions were not treated as fatal errors and would not cause a repository to be disabled. If a build encountered one of these...

CVE-2026-22816 Gradle fails to disable repositories which can expose builds to malicious artifacts

Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. When resolving dependencies in versions before 9.3.0, some exceptions were not treated as fatal errors and would not cause a repository to be disabled. If a build encountered one of these...

CVE-2026-22816

CVE-2026-22816 (Gradle) : Multiple sources describe a vulnerability in Gradle before 9.3.0 where non-fatal exceptions during dependency resolution would allow Gradle to continue to the next repository, and an unresolvable host name could let an attacker register a service under the build’s host n...

CVE-2026-22816 Gradle fails to disable repositories which can expose builds to malicious artifacts

Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. When resolving dependencies in versions before 9.3.0, some exceptions were not treated as fatal errors and would not cause a repository to be disabled. If a build encountered one of these...

CVE-2026-22816

Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. When resolving dependencies in versions before 9.3.0, some exceptions were not treated as fatal errors and would not cause a repository to be disabled. If a build encountered one of these...

CVE-2026-22816

Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. When resolving dependencies in versions before 9.3.0, some exceptions were not treated as fatal errors and would not cause a repository to be disabled. If a build encountered one of these...

Gradle security vulnerabilities

Gradle is a project build tool based on the JVM, developed by the American company Gradle Inc. It supports Maven and Ivy repositories. Prior to Gradle 9.3.0, there were security vulnerabilities. These vulnerabilities stemmed from the fact that certain exceptions were not treated as fatal errors...

PT-2026-3330

Name of the Vulnerable Software and Affected Versions Gradle versions prior to 9.3.0 Description Gradle’s native-platform tool, which provides Java bindings for native APIs, does not treat certain exceptions as fatal errors when resolving dependencies in versions before 9.3.0. This allows Gradle ...

PT-2026-3331

Name of the Vulnerable Software and Affected Versions Gradle versions prior to 9.3.0 Description Gradle, a build automation tool, has an issue where dependency resolution in versions before 9.3.0 does not treat certain exceptions as fatal errors. This allows Gradle to continue to subsequent...