Gradle Security Vulnerabilities and Issues — Gradle CVE List

Lucene search

GradleGradle

3 matches found

CVE•added 2021/04/13 8:15 p.m.•87 views

CVE-2021-29428

In Gradle before version 7.0, on Unix-like systems, the system temporary directory can be created with open permissions that allow multiple users to create and delete files within it. Gradle builds could be vulnerable to a local privilege escalation from an attacker quickly deleting and recreating ...

8.8CVSS7.7AI score0.00051EPSS

CVE•added 2021/04/12 10:15 p.m.•79 views

CVE-2021-29429

In Gradle before version 7.0, files created with open permissions in the system temporary directory can allow an attacker to access information downloaded by Gradle. Some builds could be vulnerable to a local information disclosure. Remote files accessed through TextResourceFactory are downloaded i...

5.5CVSS4.8AI score0.00029EPSS

CVE•added 2021/04/13 8:15 p.m.•78 views

CVE-2021-29427

In Gradle from version 5.1 and before version 7.0 there is a vulnerability which can lead to information disclosure and/or dependency poisoning. Repository content filtering is a security control Gradle introduced to help users specify what repositories are used to resolve specific dependencies. Th...

8CVSS7AI score0.00557EPSS