864 matches found
CVE-2021-41584
Gradle Enterprise before 2021.1.3 can allow unauthorized viewing of a response (information disclosure of possibly sensitive build/configuration details) via a crafted HTTP request with the X-Gradle-Enterprise-Ajax-Request header...
Cross-site request forgery (CSRF)
Gradle Enterprise before 2021.1.3 can allow unauthorized viewing of a response (information disclosure of possibly sensitive build/configuration details) via a crafted HTTP request with the X-Gradle-Enterprise-Ajax-Request header...
CVE-2021-41584
Gradle Enterprise before 2021.1.3 is affected by an information-disclosure vulnerability: an attacker can use a crafted HTTP request containing the X-Gradle-Enterprise-Ajax-Request header to view a response that may include sensitive build/configuration details. The issue affects Gradle Enterpris...
Gradle Information Disclosure Vulnerability
Gradle Enterprise can improve developer productivity by accelerating builds, improving build reliability, and speeding up build debugging. An attacker could exploit this vulnerability to obtain potentially sensitive build/configuration details via a specially crafted HTTP request with the...
Gradle Code Issue Vulnerability
Gradle Enterprise improves developer productivity by accelerating builds, improving build reliability, and speeding up build debugging. A deserialization vulnerability exists in versions of Gradle Enterprise prior to 2021.1.3. An attacker could exploit this vulnerability to achieve remote code...
Gradle Code Issue Vulnerability
Gradle Enterprise improves developer productivity by accelerating builds, improving build reliability, and speeding up build debugging. A server-side request forgery vulnerability exists in versions of Gradle Enterprise prior to 2021.1.3. An attacker could use this vulnerability to discover...
Gradle Code Issue Vulnerability
Gradle Enterprise improves developer productivity by accelerating builds, improving build reliability, and speeding up build debugging. A server-side request forgery vulnerability exists in versions of Gradle Enterprise prior to 2021.1.3. An attacker could use this vulnerability to reset system us...
PT-2021-23351 · Gradle · Gradle Enterprise
Name of the Vulnerable Software and Affected Versions: Gradle Enterprise versions prior to 2021.1.3. Description: The issue allows a crafted request to trigger deserialization of arbitrary unsafe Java objects. The attacker must have the encryption and signing keys. Recommendations: For versions...
PT-2021-23348 · Gradle · Gradle Enterprise
Name of the Vulnerable Software and Affected Versions: Gradle Enterprise versions prior to 2021.1.3. Description: The issue allows unauthorized viewing of a response, which may disclose sensitive build or configuration details, via a crafted HTTP request with the X-Gradle-Enterprise-Ajax-Request...
PT-2021-23349 · Gradle · Gradle Enterprise
Name of the Vulnerable Software and Affected Versions: Gradle Enterprise versions prior to 2021.1.3. Description: The issue allows an attacker with the ability to perform Server-Side Request Forgery (SSRF) attacks to potentially reset the system user password. SSRF is a type of attack where an...
PT-2021-23350 · Gradle · Gradle Enterprise
Name of the Vulnerable Software and Affected Versions: Gradle Enterprise versions prior to 2021.1.3. Description: The issue allows an attacker with the ability to perform Server-Side Request Forgery (SSRF) attacks to potentially discover credentials for other resources. SSRF is a type of attack wher...
OESA-2021-1309 gradle security update
Gradle is build automation evolved. Gradle can automate the building, testing, publishing, deployment and more of software packages or other types of projects such as generated static websites, generated documentation or indeed anything else. Gradle combines the power and flexibility of Ant with...
Gradle OS Command Injection Vulnerability
Gradle is a JVM-based project builder from Gradle, which supports Maven and Ivy repositories, etc. Gradle has a security vulnerability in versions prior to 7.2 that could be exploited to change the environment variables of the user running the script and execute arbitrary code...
CVE-2021-32751
Gradle is a build tool with a focus on build automation. In versions prior to 7.2, start scripts generated by the application plugin and the gradlew script are both vulnerable to arbitrary code execution when an attacker is able to change environment variables for the user running the script. Thi...
DEBIAN-CVE-2021-32751
Gradle is a build tool with a focus on build automation. In versions prior to 7.2, start scripts generated by the application plugin and the gradlew script are both vulnerable to arbitrary code execution when an attacker is able to change environment variables for the user running the script. Thi...
Command injection
Gradle is a build tool with a focus on build automation. In versions prior to 7.2, start scripts generated by the application plugin and the gradlew script are both vulnerable to arbitrary code execution when an attacker is able to change environment variables for the user running the script. Thi...