Lucene search
K

13 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.18 views

EUVD-2022-4164

Malicious code in bioql PyPI...

5.9CVSS6.2AI score0.01025EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2023/10/21 12:0 a.m.41 views

Ubuntu 18.04 ESM : Gradle vulnerabilities (USN-4858-1)

The remote Ubuntu 18.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4858-1 advisory. It was discovered that Gradle used an insecure HTTP URL to download dependencies when the built-in JavaScript or CoffeeScript Gradle plugins were used. A...

5.9CVSS6.8AI score0.01366EPSS
Exploits1References3
Github Security Blog
Github Security Blog
added 2022/05/24 4:56 p.m.36 views

Use of a weak cryptographic algorithm in Gradle

The PGP signing plugin in Gradle before 6.0 relies on the SHA-1 algorithm, which might allow an attacker to replace an artifact with a different one that has the same SHA-1 message digest, a related issue to CVE-2005-4900...

5.9CVSS3AI score0.01025EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2021/08/14 11:3 a.m.4 views

OESA-2021-1309 gradle security update

Gradle is build automation evolved. Gradle can automate the building, testing, publishing, deployment and more of software packages or other types of projects such as generated static websites, generated documentation or indeed anything else. Gradle combines the power and flexibility of Ant with...

5.9CVSS7AI score0.01025EPSS
Exploits1References2
Ubuntu
Ubuntu
added 2021/03/15 10:44 p.m.61 views

USN-4858-1: Gradle vulnerabilities

It was discovered that Gradle used an insecure HTTP URL to download dependencies when the built-in JavaScript or CoffeeScript Gradle plugins were used. A remote unauthenticated attacker could possibly use this issue to perform a machine-in-the-middle attack. CVE-2019-11065 It was discovered that...

5.9CVSS6.7AI score0.01366EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2019/10/07 6:36 a.m.70 views

CVE-2019-16370

The PGP signing plugin in Gradle before 6.0 relies on the SHA-1 algorithm, which might allow an attacker to replace an artifact with a different one that has the same SHA-1 message digest, a related issue to CVE-2005-4900...

5.9CVSS3.1AI score0.01025EPSS
Exploits1References3
OSV
OSV
added 2019/09/16 6:15 p.m.27 views

CVE-2019-16370

The PGP signing plugin in Gradle before 6.0 relies on the SHA-1 algorithm, which might allow an attacker to replace an artifact with a different one that has the same SHA-1 message digest, a related issue to CVE-2005-4900...

5.9CVSS6.6AI score
Exploits0References2
OSV
OSV
added 2019/09/16 6:15 p.m.1 views

DEBIAN-CVE-2019-16370

The PGP signing plugin in Gradle before 6.0 relies on the SHA-1 algorithm, which might allow an attacker to replace an artifact with a different one that has the same SHA-1 message digest, a related issue to CVE-2005-4900...

5.9CVSS6.6AI score0.01025EPSS
Exploits1References1
Prion
Prion
added 2019/09/16 6:15 p.m.21 views

Denial of service

The PGP signing plugin in Gradle before 6.0 relies on the SHA-1 algorithm, which might allow an attacker to replace an artifact with a different one that has the same SHA-1 message digest, a related issue to CVE-2005-4900...

4.3CVSS5.8AI score0.01025EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2019/09/16 5:50 p.m.59 views

CVE-2019-16370

The PGP signing plugin in Gradle before 6.0 relies on the SHA-1 algorithm, which might allow an attacker to replace an artifact with a different one that has the same SHA-1 message digest, a related issue to CVE-2005-4900...

5.9AI score0.01025EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2019/09/16 5:50 p.m.27 views

CVE-2019-16370

The PGP signing plugin in Gradle before 6.0 relies on the SHA-1 algorithm, which might allow an attacker to replace an artifact with a different one that has the same SHA-1 message digest, a related issue to CVE-2005-4900...

5.9CVSS6.1AI score0.01025EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2019/01/03 12:0 a.m.26 views

Fedora 28 : roundcubemail (2018-c279b3696f)

Upstream announcement : Version 1.3.6 This is a security update to the stable version 1.3. It primarily fixes a recently discovered IMAP command injection vulnerability caused by insufficient input validation within the archive plugin. Details about the vulnerability are published under...

8.8CVSS7.9AI score0.02289EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/04/23 12:0 a.m.35 views

Fedora 27 : roundcubemail (2018-57fbdb1cb5)

Upstream announcement : Version 1.3.6 This is a security update to the stable version 1.3. It primarily fixes a recently discovered IMAP command injection vulnerability caused by insufficient input validation within the archive plugin. Details about the vulnerability are published under...

8.8CVSS7.9AI score0.02289EPSS
Exploits0References2
Rows per page
Query Builder