Input validation

Due to improper validation of caller input, validation is silently disabled if the provided expected token is malformed, causing any user supplied token to be considered valid...

Gradle 安全漏洞

Gradle is a set of JVM-based project build tools from Gradle, Inc. that supports maven, Ivy repositories, and more. Gradle suffers from a security vulnerability that stems from the fact that under certain circumstances, Gradle may skip validation and accept a dependency that would otherwise cause...