Default credentials

In Gradle Enterprise before 2018.5.2, Build Cache Nodes would reflect the configured password back when viewing the HTML page source of the settings page...

Design/Logic Flaw

arrow-kt Arrow before 0.9.0 resolved Gradle build artifacts for compiling and building the published JARs over HTTP instead of HTTPS. Any of these dependent artifacts could have been maliciously compromised by an MITM attack...

CVE-2019-11403

Gradle Enterprise prior to 2018.5.2 exposes the configured password in Build Cache Nodes when viewing the HTML source of the settings page. Cause: sensitive credential reflected in page source. Impact: potential disclosure of passwords to unauthorized viewers. Affected product/version: Gradle Ent...

CVE-2019-11403

In Gradle Enterprise before 2018.5.2, Build Cache Nodes would reflect the configured password back when viewing the HTML page source of the settings page...

CVE-2019-11402

In Gradle Enterprise before 2018.5.3, Build Cache Nodes did not store the credentials at rest in an encrypted format...

CVE-2019-11402

CVE-2019-11402 affects Gradle Enterprise prior to 2018.5.3. The root issue is that Build Cache Nodes did not store credentials at rest in encrypted format, exposing sensitive credentials if access to storage is obtained. The vulnerability is classed with high impact on confidentiality and integri...

PT-2019-12288 · Gradle · Gradle Enterprise

Name of the Vulnerable Software and Affected Versions: Gradle Enterprise versions prior to 2018.5.2 Description: The issue allows the configured password to be reflected back when viewing the HTML page source of the settings page in Build Cache Nodes. Recommendations: For versions prior to...

PT-2019-12287 · Gradle · Gradle Enterprise

Name of the Vulnerable Software and Affected Versions: Gradle Enterprise versions prior to 2018.5.3 Description: The issue concerns the storage of credentials in Build Cache Nodes. In Gradle Enterprise, these nodes did not store credentials at rest in an encrypted format. Recommendations: For...

CVE-2019-11065

A flaw was discovered in Gradle, where it uses an insecure HTTP URL to download dependencies. This flaw causes dependency artifacts to be maliciously compromised by a Man-in-the-middleMITM attack...

CVE-2019-11065

Gradle versions from 1.4 to 5.3.1 use an insecure HTTP URL to download dependencies when the built-in JavaScript or CoffeeScript Gradle plugins are used. Dependency artifacts could have been maliciously compromised by a MITM attack against the ajax.googleapis.com web site...

Design/Logic Flaw

Gradle versions from 1.4 to 5.3.1 use an insecure HTTP URL to download dependencies when the built-in JavaScript or CoffeeScript Gradle plugins are used. Dependency artifacts could have been maliciously compromised by a MITM attack against the ajax.googleapis.com web site...

UBUNTU-CVE-2019-11065

Gradle versions from 1.4 to 5.3.1 use an insecure HTTP URL to download dependencies when the built-in JavaScript or CoffeeScript Gradle plugins are used. Dependency artifacts could have been maliciously compromised by a MITM attack against the ajax.googleapis.com web site...

CVE-2019-11065

Gradle versions from 1.4 to 5.3.1 use an insecure HTTP URL to download dependencies when the built-in JavaScript or CoffeeScript Gradle plugins are used. Dependency artifacts could have been maliciously compromised by a MITM attack against the ajax.googleapis.com web site...

DEBIAN-CVE-2019-11065

Gradle versions from 1.4 to 5.3.1 use an insecure HTTP URL to download dependencies when the built-in JavaScript or CoffeeScript Gradle plugins are used. Dependency artifacts could have been maliciously compromised by a MITM attack against the ajax.googleapis.com web site...

CVE-2019-11065

Gradle versions from 1.4 to 5.3.1 use an insecure HTTP URL to download dependencies when the built-in JavaScript or CoffeeScript Gradle plugins are used. Dependency artifacts could have been maliciously compromised by a MITM attack against the ajax.googleapis.com web site...

CVE-2019-11065

CVE-2019-11065 affects Gradle versions 1.4–5.3.1, where the Gradle plugins for JavaScript or CoffeeScript used an insecure HTTP URL to fetch dependencies from ajax.googleapis.com. This path could allow MITM tampering of dependency artifacts. The provided connected documents confirm the vulnerabil...

CVE-2019-11065

Gradle versions from 1.4 to 5.3.1 use an insecure HTTP URL to download dependencies when the built-in JavaScript or CoffeeScript Gradle plugins are used. Dependency artifacts could have been maliciously compromised by a MITM attack against the ajax.googleapis.com web site...

CVE-2019-11065

Gradle versions from 1.4 to 5.3.1 use an insecure HTTP URL to download dependencies when the built-in JavaScript or CoffeeScript Gradle plugins are used. Dependency artifacts could have been maliciously compromised by a MITM attack against the ajax.googleapis.com web site...

PT-2019-12162 · Gradle +1 · Gradle +1

Name of the Vulnerable Software and Affected Versions: Gradle versions 1.4 through 5.3.1 Description: The issue arises from Gradle using an insecure HTTP URL to download dependencies when the built-in JavaScript or CoffeeScript Gradle plugins are used. This could allow dependency artifacts to be...

SMS-Stack - Framework to provided TPC/IP based characteristics to the GSM Short Message Service

Sms Stack is a Framework to provided TPC/IP based characteristics to the GSM Short Message Service. This framework works in multiple environments to provided a full stack integration in a service. The main layer features techniques to control the order and the number of sms for a given stream, an...