Vulnerabilities > Gradle > Enterprise > 2018.5
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-09 | CVE-2023-49238 | Weak Password Requirements vulnerability in Gradle Enterprise In Gradle Enterprise before 2023.1, a remote attacker may be able to gain access to a new installation (in certain installation scenarios) because of a non-unique initial system user password. | 9.8 |
| 2022-03-17 | CVE-2022-25364 | Incorrect Default Permissions vulnerability in Gradle Enterprise In Gradle Enterprise before 2021.4.2, the default built-in build cache configuration allowed anonymous write access. | 8.1 |
| 2021-10-27 | CVE-2021-41589 | Incorrect Permission Assignment for Critical Resource vulnerability in Gradle Build Cache Node and Enterprise In Gradle Enterprise before 2021.3 (and Enterprise Build Cache Node before 10.0), there is potential cache poisoning and remote code execution when running the build cache node with its default configuration. | 9.8 |
| 2020-09-18 | CVE-2020-15773 | Origin Validation Error vulnerability in Gradle Enterprise An issue was discovered in Gradle Enterprise before 2020.2.4. | 6.5 |
| 2020-09-18 | CVE-2020-15776 | Incorrect Permission Assignment for Critical Resource vulnerability in Gradle Enterprise An issue was discovered in Gradle Enterprise 2018.2 - 2020.2.4. | 8.8 |
| 2020-09-18 | CVE-2020-15775 | Insecure Storage of Sensitive Information vulnerability in Gradle Enterprise An issue was discovered in Gradle Enterprise 2017.1 - 2020.2.4. | 7.5 |
| 2020-09-18 | CVE-2020-15774 | Insufficient Session Expiration vulnerability in Gradle Enterprise An issue was discovered in Gradle Enterprise 2018.5 - 2020.2.4. | 6.8 |
| 2020-09-18 | CVE-2020-15772 | Server-Side Request Forgery (SSRF) vulnerability in Gradle Enterprise An issue was discovered in Gradle Enterprise 2018.5 - 2020.2.4. | 4.9 |
| 2020-09-18 | CVE-2020-15770 | Improper Restriction of Excessive Authentication Attempts vulnerability in Gradle Enterprise 2018.5 An issue was discovered in Gradle Enterprise 2018.5. | 5.5 |
| 2020-09-18 | CVE-2020-15768 | Unspecified vulnerability in Gradle Enterprise and Enterprise Cache Node An issue was discovered in Gradle Enterprise 2017.3 - 2020.2.4 and Gradle Enterprise Build Cache Node 1.0 - 9.2. | 7.5 |