Lucene search
K

55 matches found

Prion
Prion
added 2020/09/18 2:15 p.m.21 views

Design/Logic Flaw

An issue was discovered in Gradle Enterprise 2017.3 - 2020.2.4 and Gradle Enterprise Build Cache Node 1.0 - 9.2. Unrestricted HTTP header reflection in Gradle Enterprise allows remote attackers to obtain authentication cookies, if they are able to discover a separate XSS vulnerability. This...

5CVSS7.3AI score0.01677EPSS
Exploits0References2Affected Software2
Prion
Prion
added 2020/09/18 2:15 p.m.20 views

Design/Logic Flaw

An issue was discovered in Gradle Enterprise 2018.2 and Gradle Enterprise Build Cache Node 4.1. Cross-site transmission of cookie containing CSRF token allows remote attacker to bypass CSRF mitigation...

5CVSS7.6AI score0.01036EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2020/09/18 1:22 p.m.28 views

CVE-2020-15771

An issue was discovered in Gradle Enterprise 2018.2 and Gradle Enterprise Build Cache Node 4.1. Cross-site transmission of cookie containing CSRF token allows remote attacker to bypass CSRF mitigation...

7.6AI score0.01036EPSS
Exploits0References2
OSV
OSV
added 2019/04/22 11:29 a.m.6 views

CVE-2019-11402

In Gradle Enterprise before 2018.5.3, Build Cache Nodes did not store the credentials at rest in an encrypted format...

9.8CVSS7.3AI score0.01332EPSS
Exploits0References2
NVD
NVD
added 2019/04/22 11:29 a.m.34 views

CVE-2019-11402

In Gradle Enterprise before 2018.5.3, Build Cache Nodes did not store the credentials at rest in an encrypted format...

9.8CVSS9.5AI score0.01332EPSS
Exploits0References2
OSV
OSV
added 2019/04/22 11:29 a.m.6 views

CVE-2019-11403

In Gradle Enterprise before 2018.5.2, Build Cache Nodes would reflect the configured password back when viewing the HTML page source of the settings page...

9.8CVSS7.3AI score0.01176EPSS
Exploits0References2
NVD
NVD
added 2019/04/22 11:29 a.m.19 views

CVE-2019-11403

In Gradle Enterprise before 2018.5.2, Build Cache Nodes would reflect the configured password back when viewing the HTML page source of the settings page...

9.8CVSS9.6AI score0.01176EPSS
Exploits0References2
Prion
Prion
added 2019/04/22 11:29 a.m.17 views

Format string

In Gradle Enterprise before 2018.5.3, Build Cache Nodes did not store the credentials at rest in an encrypted format...

5CVSS9.4AI score0.01332EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2019/04/22 11:29 a.m.20 views

Default credentials

In Gradle Enterprise before 2018.5.2, Build Cache Nodes would reflect the configured password back when viewing the HTML page source of the settings page...

5CVSS9.4AI score0.01176EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2019/04/21 4:6 p.m.29 views

CVE-2019-11403

In Gradle Enterprise before 2018.5.2, Build Cache Nodes would reflect the configured password back when viewing the HTML page source of the settings page...

9.6AI score0.01176EPSS
Exploits0References2
CVE
CVE
added 2019/04/21 4:6 p.m.49 views

CVE-2019-11403

Gradle Enterprise prior to 2018.5.2 exposes the configured password in Build Cache Nodes when viewing the HTML source of the settings page. Cause: sensitive credential reflected in page source. Impact: potential disclosure of passwords to unauthorized viewers. Affected product/version: Gradle Ent...

9.8CVSS9.4AI score0.01176EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2019/04/21 4:6 p.m.26 views

CVE-2019-11402

In Gradle Enterprise before 2018.5.3, Build Cache Nodes did not store the credentials at rest in an encrypted format...

9.5AI score0.01332EPSS
Exploits0References2
CVE
CVE
added 2019/04/21 4:6 p.m.57 views

CVE-2019-11402

CVE-2019-11402 affects Gradle Enterprise prior to 2018.5.3. The root issue is that Build Cache Nodes did not store credentials at rest in encrypted format, exposing sensitive credentials if access to storage is obtained. The vulnerability is classed with high impact on confidentiality and integri...

9.8CVSS9.3AI score0.01332EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2019/04/21 12:0 a.m.6 views

PT-2019-12288 · Gradle · Gradle Enterprise

Name of the Vulnerable Software and Affected Versions: Gradle Enterprise versions prior to 2018.5.2 Description: The issue allows the configured password to be reflected back when viewing the HTML page source of the settings page in Build Cache Nodes. Recommendations: For versions prior to...

9.8CVSS9.4AI score0.01176EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2019/04/21 12:0 a.m.6 views

PT-2019-12287 · Gradle · Gradle Enterprise

Name of the Vulnerable Software and Affected Versions: Gradle Enterprise versions prior to 2018.5.3 Description: The issue concerns the storage of credentials in Build Cache Nodes. In Gradle Enterprise, these nodes did not store credentials at rest in an encrypted format. Recommendations: For...

9.8CVSS9.4AI score0.01332EPSS
Exploits0References4
Rows per page
Query Builder