Lucene search
K

22 matches found

ATTACKERKB
ATTACKERKB
added 2026/01/29 9:47 p.m.5 views

CVE-2026-25063

gradle-completion provides Bash and Zsh completion support for Gradle. A command injection vulnerability was found in gradle-completion up to and including 9.3.0 that allows arbitrary code execution when a user triggers Bash tab completion in a project containing a malicious Gradle build file. Th...

8.3CVSS6.2AI score0.00689EPSS
Exploits0References3Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/17 11:26 p.m.9 views

CVE-2026-22816

Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. When resolving dependencies in versions before 9.3.0, some exceptions were not treated as fatal errors and would not cause a repository to be disabled. If a build encountered one of these...

8.6CVSS6.8AI score0.00149EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/01/16 11:15 p.m.4 views

CVE-2026-22816

Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. When resolving dependencies in versions before 9.3.0, some exceptions were not treated as fatal errors and would not cause a repository to be disabled. If a build encountered one of these...

8.6CVSS5.9AI score0.00149EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/09 8:37 a.m.8 views

CVE-2019-11404

arrow-kt Arrow before 0.9.0 resolved Gradle build artifacts for compiling and building the published JARs over HTTP instead of HTTPS. Any of these dependent artifacts could have been maliciously compromised by an MITM attack...

8.1CVSS6.9AI score0.01136EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-48735

Malicious code in bioql PyPI...

6.5CVSS5.8AI score0.0021EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.27 views

EUVD-2023-1551

Malicious code in bioql PyPI...

7.6CVSS6.5AI score0.00285EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-46893

Malicious code in bioql PyPI...

6.8CVSS6.3AI score0.00674EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-29930

Malicious code in bioql PyPI...

9.8CVSS7.9AI score0.01002EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/23 6:5 a.m.6 views

CVE-2023-30853

Gradle Build Action allows users to execute a Gradle Build in their GitHub Actions workflow. A vulnerability impacts GitHub workflows using the Gradle Build Action prior to version 2.4.2 that have executed the Gradle Build Tool with the configuration cache enabled, potentially exposing secrets...

7.6CVSS7AI score0.00285EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2023-44387

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Gradle is a build tool with a focus on build automation and support for multi-language development. When copying or archiving symlinked files, Gradle resolves...

6.5CVSS6.5AI score0.0021EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2023/05/01 1:42 p.m.26 views

Data written to GitHub Actions Cache may expose secrets

Impact This vulnerability impacts GitHub workflows using the Gradle Build Action that have executed the Gradle Build Tool with the configuration cache enabled, potentially exposing secrets configured for the repository. Secrets configured for GitHub Actions are normally passed to the Gradle Build...

7.6CVSS6.5AI score0.00285EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2023/05/01 1:42 p.m.20 views

GHSA-H3QR-39J9-4R5V Data written to GitHub Actions Cache may expose secrets

Impact This vulnerability impacts GitHub workflows using the Gradle Build Action that have executed the Gradle Build Tool with the configuration cache enabled, potentially exposing secrets configured for the repository. Secrets configured for GitHub Actions are normally passed to the Gradle Build...

7.6CVSS6.9AI score0.00285EPSS
Exploits0References4
NVD
NVD
added 2023/04/28 4:15 p.m.60 views

CVE-2023-30853

Gradle Build Action allows users to execute a Gradle Build in their GitHub Actions workflow. A vulnerability impacts GitHub workflows using the Gradle Build Action prior to version 2.4.2 that have executed the Gradle Build Tool with the configuration cache enabled, potentially exposing secrets...

7.6CVSS7.6AI score0.00285EPSS
Exploits0References2
Prion
Prion
added 2023/04/28 4:15 p.m.16 views

Default configuration

Gradle Build Action allows users to execute a Gradle Build in their GitHub Actions workflow. A vulnerability impacts GitHub workflows using the Gradle Build Action prior to version 2.4.2 that have executed the Gradle Build Tool with the configuration cache enabled, potentially exposing secrets...

4CVSS6.5AI score0.00285EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/04/28 3:10 p.m.51 views

CVE-2023-30853 Gradle Build Action data written to GitHub Actions Cache may expose secrets

Gradle Build Action allows users to execute a Gradle Build in their GitHub Actions workflow. A vulnerability impacts GitHub workflows using the Gradle Build Action prior to version 2.4.2 that have executed the Gradle Build Tool with the configuration cache enabled, potentially exposing secrets...

7.6CVSS7.8AI score0.00285EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/04/28 3:10 p.m.8 views

CVE-2023-30853 Gradle Build Action data written to GitHub Actions Cache may expose secrets

Gradle Build Action allows users to execute a Gradle Build in their GitHub Actions workflow. A vulnerability impacts GitHub workflows using the Gradle Build Action prior to version 2.4.2 that have executed the Gradle Build Tool with the configuration cache enabled, potentially exposing secrets...

7.6CVSS7.6AI score0.00285EPSS
Exploits0References2
OSV
OSV
added 2023/04/28 3:10 p.m.25 views

CVE-2023-30853 Gradle Build Action data written to GitHub Actions Cache may expose secrets

Gradle Build Action allows users to execute a Gradle Build in their GitHub Actions workflow. A vulnerability impacts GitHub workflows using the Gradle Build Action prior to version 2.4.2 that have executed the Gradle Build Tool with the configuration cache enabled, potentially exposing secrets...

7.6CVSS6.8AI score0.00285EPSS
Exploits0References4
CVE
CVE
added 2023/04/28 3:10 p.m.43 views

CVE-2023-30853

CVE-2023-30853 describes an information disclosure in the Gradle Build Action for GitHub Actions when the configuration cache is enabled in versions prior to 2.4.2. Environment variables passed to Gradle can be persisted into GitHub Actions cache entries, which may be read by untrusted workflows ...

7.6CVSS7.1AI score0.00285EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2023/04/28 12:0 a.m.8 views

PT-2023-23009 · Gradle +1 · Gradle Build Tool +1

Name of the Vulnerable Software and Affected Versions: Gradle Build Action versions prior to 2.4.2 Description: A vulnerability in the Gradle Build Action impacts GitHub workflows that have executed the Gradle Build Tool with the configuration cache enabled, potentially exposing secrets configure...

7.6CVSS6.5AI score0.00285EPSS
Exploits0References7
Citrix
Citrix
added 2022/08/31 12:0 a.m.7 views

Unable to use managed-app-utility.jar from MAM-SDK with Java 11

Building a custom app using Java 11 or later, the gradle build chain fails when invoking the final stage "task generateMdx" as the jar file for this stage requiresJava 1.7/1.8 Java/JDK 8...

7.2AI score
Exploits0
Rows per page
Query Builder