CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

864 matches found

OSV•added 2021/07/20 11:15 p.m.•0 views

UBUNTU-CVE-2021-32751

Gradle is a build tool with a focus on build automation. In versions prior to 7.2, start scripts generated by the application plugin and the gradlew script are both vulnerable to arbitrary code execution when an attacker is able to change environment variables for the user running the script. Thi...

7.5CVSS6.3AI score0.02709EPSS

Exploits1References5

CVE•added 2021/07/20 10:55 p.m.•112 views

CVE-2021-32751

CVE-2021-32751 affects Gradle up to version 7.1. Vulnerability: start scripts generated by the application plugin and the gradlew script may be abused to execute arbitrary code if an attacker can change environment variables seen by the vulnerable scripts (Unix-like systems). Root cause: use of e...

8.5CVSS7.5AI score0.02709EPSS

Exploits1References3Affected Software1

Cvelist•added 2021/07/20 10:55 p.m.•14 views

CVE-2021-32751 Arbitrary code execution via specially crafted environment variables

7.5CVSS7.8AI score0.02709EPSS

Exploits1References3

Debian CVE•added 2021/07/20 10:55 p.m.•26 views

CVE-2021-32751

8.5CVSS7.8AI score0.02709EPSS

Exploits1

AlpineLinux•added 2021/07/20 10:55 p.m.•46 views

CVE-2021-32751

8.5CVSS7.6AI score0.02709EPSS

Exploits1

CNNVD•added 2021/07/20 12:0 a.m.•4 views

Gradle 操作系统命令注入漏洞

Gradle is a JVM-based project builder from Gradle, which supports maven, Ivy repositories, etc. Gradle has a security vulnerability in versions prior to 7.2 that could be exploited to change the environment variables of the user running the script and execute arbitrary code...

8.5CVSS8.7AI score0.02709EPSS

Exploits1References3

Positive Technologies•added 2021/07/10 12:0 a.m.•3 views

PT-2021-6458 · Gradle +2 · Gradle +2

Name of the Vulnerable Software and Affected Versions: Gradle versions prior to 7.2 Description: The issue concerns arbitrary code execution when an attacker can change environment variables for the user running the script. This affects those using gradlew on Unix-like systems or scripts generate...

8.5CVSS7.7AI score0.02709EPSS

Exploits1References26

vulnersOsv•added 2021/06/28 4:52 p.m.•3 views

com.alibaba.rsocket:alibaba-broker-server (>=1.0.0 <=1.0.0.RC4), com.dorkbox.GradleVaadin:com.dorkbox.GradleVaadin.gradle.plugin (>=0.1 <=14.1.4) +252 more potentially affected by CVE-2021-33604 via com.vaadin:flow-server (>=2.0.0 <=2.6.1)

com.vaadin:flow-server MAVEN version =2.0.0, =1.0.0, =0.1, =1.4.0, =1.0, =0.0.1, =14.0.0, =14.0.0, =0.0.3, =1.0.0, =0.3.1, =1.0.0, =1.0.0, =0.5.1, =2.0.1, =2.2.3 and more Source cves: CVE-2021-33604 Source advisory: OSV:GHSA-8VFW-V2JV-9HWC...

2.5CVSS5.8AI score0.00286EPSS

Exploits0

RedhatCVE•added 2021/04/14 6:9 p.m.•39 views

CVE-2021-29428

In Gradle before version 7.0, on Unix-like systems, the system temporary directory can be created with open permissions that allow multiple users to create and delete files within it. Gradle builds could be vulnerable to a local privilege escalation from an attacker quickly deleting and recreatin...

8.8CVSS1.8AI score0.00542EPSS

Exploits1References3

RedhatCVE•added 2021/04/14 5:39 p.m.•32 views

CVE-2021-29429

In Gradle before version 7.0, files created with open permissions in the system temporary directory can allow an attacker to access information downloaded by Gradle. Some builds could be vulnerable to a local information disclosure. Remote files accessed through TextResourceFactory are downloaded...

5.5CVSS1.4AI score0.00484EPSS

Exploits1References3

RedhatCVE•added 2021/04/14 5:39 p.m.•35 views

CVE-2021-29427

In Gradle from version 5.1 and before version 7.0 there is a vulnerability which can lead to information disclosure and/or dependency poisoning. Repository content filtering is a security control Gradle introduced to help users specify what repositories are used to resolve specific dependencies...

8CVSS7.1AI score0.01307EPSS

Exploits1References3