Vulnerabilities > Gradle > Enterprise > 2020.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-09 | CVE-2023-49238 | Weak Password Requirements vulnerability in Gradle Enterprise In Gradle Enterprise before 2023.1, a remote attacker may be able to gain access to a new installation (in certain installation scenarios) because of a non-unique initial system user password. | 9.8 |
| 2022-03-17 | CVE-2022-25364 | Incorrect Default Permissions vulnerability in Gradle Enterprise In Gradle Enterprise before 2021.4.2, the default built-in build cache configuration allowed anonymous write access. | 8.1 |
| 2022-03-16 | CVE-2022-27225 | Missing Encryption of Sensitive Data vulnerability in Gradle Enterprise Gradle Enterprise before 2021.4.3 relies on cleartext data transmission in some situations. | 4.3 |
| 2020-09-18 | CVE-2020-15776 | Unspecified vulnerability in Gradle Enterprise An issue was discovered in Gradle Enterprise 2018.2 - 2020.2.4. | 8.8 |
| 2020-09-18 | CVE-2020-15775 | Insecure Storage of Sensitive Information vulnerability in Gradle Enterprise An issue was discovered in Gradle Enterprise 2017.1 - 2020.2.4. | 7.5 |
| 2020-09-18 | CVE-2020-15774 | Insufficient Session Expiration vulnerability in Gradle Enterprise An issue was discovered in Gradle Enterprise 2018.5 - 2020.2.4. | 6.8 |
| 2020-09-18 | CVE-2020-15772 | Server-Side Request Forgery (SSRF) vulnerability in Gradle Enterprise An issue was discovered in Gradle Enterprise 2018.5 - 2020.2.4. | 4.9 |
| 2020-09-18 | CVE-2020-15768 | Unspecified vulnerability in Gradle Enterprise and Enterprise Cache Node An issue was discovered in Gradle Enterprise 2017.3 - 2020.2.4 and Gradle Enterprise Build Cache Node 1.0 - 9.2. | 7.5 |