Gradle is vulnerable to Denial Of Services (DoS). The vulnerability exists because the library’s trusted-key
or pgp
elements do not properly verify if they use long IDs, which allows an attacker to cause an application crash by submitting the long IDs (64 bits).
github.com/gradle/gradle/commit/bf3cc0f2b463033037e67aaacda31291643ea1a9
github.com/gradle/gradle/security/advisories/GHSA-c724-3xg7-g3hf
secdb.alpinelinux.org/edge/community.yaml
secdb.alpinelinux.org/v3.17/community.yaml
secdb.alpinelinux.org/v3.18/community.yaml
security.netapp.com/advisory/ntap-20230413-0002/