Gradle 安全漏洞

Gradle is the U.S. Gradle company's set of JVM-based project build tool , it supports maven, Ivy repository and so on. Gradle Enterprise prior to 2021.4.2 suffers from a security vulnerability that stems from the default built-in build cache configuration allowing anonymous write access. If this...

PT-2022-17242 · Gradle · Gradle Enterprise

Name of the Vulnerable Software and Affected Versions: Gradle Enterprise versions prior to 2021.4.2 Description: The default built-in build cache configuration in Gradle Enterprise allowed anonymous write access, potentially enabling a malicious actor with network access to populate the cache wit...