Lucene search
+L

7 matches found

nessus
nessus
added 2025/03/04 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2019-16370

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The PGP signing plugin in Gradle before 6.0 relies on the SHA-1 algorithm, which might allow an attacker to replace an artifact with a different one that has th...

5.9CVSS6.7AI score0.01025EPSS
Exploits1References3
susecve
susecve
added 2023/02/15 4:8 a.m.8 views

SUSE CVE-2019-16370

The PGP signing plugin in Gradle before 6.0 relies on the SHA-1 algorithm, which might allow an attacker to replace an artifact with a different one that has the same SHA-1 message digest, a related issue to CVE-2005-4900...

5.9CVSS7.8AI score0.01025EPSS
Exploits1References3
openvas
openvas
added 2023/01/27 12:0 a.m.25 views

Ubuntu: Security Advisory (USN-4858-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS5.8AI score0.01366EPSS
Exploits1References2
redhatcve
redhatcve
added 2019/10/07 6:36 a.m.71 views

CVE-2019-16370

The PGP signing plugin in Gradle before 6.0 relies on the SHA-1 algorithm, which might allow an attacker to replace an artifact with a different one that has the same SHA-1 message digest, a related issue to CVE-2005-4900...

5.9CVSS3.1AI score0.01025EPSS
Exploits1References3
nvd
nvd
added 2019/09/16 6:15 p.m.47 views

CVE-2019-16370

The PGP signing plugin in Gradle before 6.0 relies on the SHA-1 algorithm, which might allow an attacker to replace an artifact with a different one that has the same SHA-1 message digest, a related issue to CVE-2005-4900...

5.9CVSS5.9AI score0.01025EPSS
Exploits1References2
osv
osv
added 2019/09/16 6:15 p.m.29 views

CVE-2019-16370

The PGP signing plugin in Gradle before 6.0 relies on the SHA-1 algorithm, which might allow an attacker to replace an artifact with a different one that has the same SHA-1 message digest, a related issue to CVE-2005-4900...

5.9CVSS6.6AI score
Exploits0References2
cve
cve
added 2019/09/16 5:50 p.m.181 views

CVE-2019-16370

CVE-2019-16370 affects the PGP signing plugin for Gradle up to version 6.0. The root cause is reliance on SHA-1, enabling an attacker to replace an artifact with another having the same SHA-1 digest. This could permit spoofing/ tampering of artifacts. remediation: upgrade Gradle to 6.0 or later (...

5.9CVSS5.8AI score0.01025EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder