Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

864 matches found

AlpineLinux
AlpineLinuxadded 2022/07/14 8:15 p.m.32 views

CVE-2022-31156

Gradle is a build tool. Dependency verification is a security feature in Gradle Build Tool that was introduced to allow validation of external dependencies either through their checksum or cryptographic signatures. In versions 6.2 through 7.4.2, there are some cases in which Gradle may skip that...

6.6CVSS0.7AI score0.00454EPSS
Exploits0
Prion
Prionadded 2022/07/14 8:15 p.m.25 views

Design/Logic Flaw

Gradle is a build tool. Dependency verification is a security feature in Gradle Build Tool that was introduced to allow validation of external dependencies either through their checksum or cryptographic signatures. In versions 6.2 through 7.4.2, there are some cases in which Gradle may skip that...

1.7CVSS4.7AI score0.00454EPSS
Exploits0References2Affected Software1
CVE
CVEadded 2022/07/14 8:5 p.m.79 views

CVE-2022-31156

CVE-2022-31156 : Gradle’s dependency verification can skip checksum verification when signature verification cannot be performed. Affected versions: 6.2–7.4.2. If verification metadata contains only a gpg element (no checksum) or if there is no signature file on the remote repo, Gradle may accept...

6.6CVSS5.2AI score0.00454EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichmentadded 2022/07/14 8:5 p.m.5 views

CVE-2022-31156 Gradle's dependency verification can ignore checksum verification when signature verification cannot be performed

Gradle is a build tool. Dependency verification is a security feature in Gradle Build Tool that was introduced to allow validation of external dependencies either through their checksum or cryptographic signatures. In versions 6.2 through 7.4.2, there are some cases in which Gradle may skip that...

6.6CVSS6.6AI score0.00454EPSS
Exploits0References2
OSV
OSVadded 2022/07/14 8:5 p.m.28 views

CVE-2022-31156 Gradle's dependency verification can ignore checksum verification when signature verification cannot be performed

Gradle is a build tool. Dependency verification is a security feature in Gradle Build Tool that was introduced to allow validation of external dependencies either through their checksum or cryptographic signatures. In versions 6.2 through 7.4.2, there are some cases in which Gradle may skip that...

6.6CVSS4.9AI score0.00454EPSS
Exploits0References4
Cvelist
Cvelistadded 2022/07/14 8:5 p.m.18 views

CVE-2022-31156 Gradle's dependency verification can ignore checksum verification when signature verification cannot be performed

Gradle is a build tool. Dependency verification is a security feature in Gradle Build Tool that was introduced to allow validation of external dependencies either through their checksum or cryptographic signatures. In versions 6.2 through 7.4.2, there are some cases in which Gradle may skip that...

6.6CVSS6.7AI score0.00454EPSS
Exploits0References2
Debian CVE
Debian CVEadded 2022/07/14 8:5 p.m.45 views

CVE-2022-31156

Gradle is a build tool. Dependency verification is a security feature in Gradle Build Tool that was introduced to allow validation of external dependencies either through their checksum or cryptographic signatures. In versions 6.2 through 7.4.2, there are some cases in which Gradle may skip that...

6.6CVSS5AI score0.00454EPSS
Exploits0
CNNVD
CNNVDadded 2022/07/14 12:0 a.m.4 views

Gradle 数据伪造问题漏洞

Gradle is a set of JVM-based project building tools from the US company Gradle, which supports maven, Ivy repositories and more. A security vulnerability exists in Gradle versions prior to 7.5, which stems from the fact that dependency validation can ignore checksum validation when signature...

6.6CVSS5.1AI score0.00454EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2022/07/14 12:0 a.m.3 views

PT-2022-20571

Name of the Vulnerable Software and Affected Versions Gradle versions 6.2 through 7.4.2 Description Gradle is a build tool with a security feature called dependency verification, which validates external dependencies through checksum or cryptographic signatures. In affected versions, there are...

6.6CVSS5.8AI score0.00454EPSS
Exploits0References12
ATTACKERKB
ATTACKERKBadded 2022/06/06 8:15 p.m.2 views

CVE-2022-30587

Gradle Enterprise through 2022.2.2 has Incorrect Access Control that leads to information disclosure...

7.5CVSS5.8AI score0.00843EPSS
Exploits0References3
OSV
OSVadded 2022/06/06 8:15 p.m.1 views

CVE-2022-30587

Gradle Enterprise through 2022.2.2 has Incorrect Access Control that leads to information disclosure...

7.5CVSS5.8AI score
Exploits0References2
NVD
NVDadded 2022/06/06 8:15 p.m.17 views

CVE-2022-30587

Gradle Enterprise through 2022.2.2 has Incorrect Access Control that leads to information disclosure...

7.5CVSS0.00843EPSS
Exploits0References2
Prion
Prionadded 2022/06/06 8:15 p.m.15 views

Information disclosure

Gradle Enterprise through 2022.2.2 has Incorrect Access Control that leads to information disclosure...

5CVSS7.3AI score0.00843EPSS
Exploits0References2Affected Software1
CVE
CVEadded 2022/06/06 7:51 p.m.67 views

CVE-2022-30587

CVE-2022-30587 affects Gradle Enterprise up to version 2022.2.2, caused by Incorrect Access Control that leads to information disclosure. The vulnerability is documented across multiple sources (NVD entry; Red Hat advisory; PT Security) with CVSS details indicating network attack, low complexity,...

7.5CVSS7.2AI score0.00843EPSS
Exploits0References2Affected Software1
Cvelist
Cvelistadded 2022/06/06 7:51 p.m.23 views

CVE-2022-30587

Gradle Enterprise through 2022.2.2 has Incorrect Access Control that leads to information disclosure...

7.5AI score0.00843EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2022/06/06 7:15 p.m.1 views

CVE-2022-30586

Gradle Enterprise through 2022.2.2 has Incorrect Access Control that leads to code execution...

7.2CVSS5.8AI score0.01221EPSS
Exploits0References3
OSV
OSVadded 2022/06/06 7:15 p.m.1 views

CVE-2022-30586

Gradle Enterprise through 2022.2.2 has Incorrect Access Control that leads to code execution...

7.2CVSS7.1AI score0.01221EPSS
Exploits0References2
NVD
NVDadded 2022/06/06 7:15 p.m.10 views

CVE-2022-30586

Gradle Enterprise through 2022.2.2 has Incorrect Access Control that leads to code execution...

7.2CVSS0.01221EPSS
Exploits0References2
Prion
Prionadded 2022/06/06 7:15 p.m.16 views

Design/Logic Flaw

Gradle Enterprise through 2022.2.2 has Incorrect Access Control that leads to code execution...

6.5CVSS7.2AI score0.01221EPSS
Exploits0References2Affected Software1
Cvelist
Cvelistadded 2022/06/06 6:33 p.m.12 views

CVE-2022-30586

Gradle Enterprise through 2022.2.2 has Incorrect Access Control that leads to code execution...

7.4AI score0.01221EPSS
Exploits0References2
Rows per page
Query Builder