Gradle 安全漏洞

Gradle is a suite of JVM-based project build tools from Gradle, Inc. that supports maven, Ivy repositories, and more. A security vulnerability exists in Gradle that stems from a dependency validation failure if anything other than a fingerprint is used in the trust element of the dependency...

Gradle 数据伪造问题漏洞

Gradle is a set of JVM-based project building tools from the US company Gradle, which supports maven, Ivy repositories and more. A security vulnerability exists in Gradle versions prior to 7.5, which stems from the fact that dependency validation can ignore checksum validation when signature...

Gradle 安全漏洞

Gradle is a set of JVM-based project build tools from Gradle, Inc. that supports maven, Ivy repositories, and more. Gradle suffers from a security vulnerability that stems from the fact that under certain circumstances, Gradle may skip validation and accept a dependency that would otherwise cause...

GHSA-GVXV-5FP2-358Q Incorrect Resource Transfer Between Spheres in eclipse-wtp

In all versions prior to version 3.9.6 for eclipse-wtp, all versions prior to version 9.4.4 for eclipse-cdt, and all versions prior to version 3.0.1 for eclipse-groovy, Spotless was resolving dependencies over an insecure channel http. If the build occurred over an insecure connection, a maliciou...