Vulnerabilities > CVE-2021-41588 - Deserialization of Untrusted Data vulnerability in Gradle
Attack vector
NETWORK Attack complexity
HIGH Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
In Gradle Enterprise before 2021.1.3, a crafted request can trigger deserialization of arbitrary unsafe Java objects. The attacker must have the encryption and signing keys.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |