2 matches found
USN-4858-1 gradle vulnerabilities
It was discovered that Gradle used an insecure HTTP URL to download dependencies when the built-in JavaScript or CoffeeScript Gradle plugins were used. A remote unauthenticated attacker could possibly use this issue to perform a machine-in-the-middle attack. CVE-2019-11065 It was discovered that...
PT-2019-12162 · Gradle +1 · Gradle +1
Name of the Vulnerable Software and Affected Versions: Gradle versions 1.4 through 5.3.1 Description: The issue arises from Gradle using an insecure HTTP URL to download dependencies when the built-in JavaScript or CoffeeScript Gradle plugins are used. This could allow dependency artifacts to be...