Vulnerabilities > Gradle > Enterprise > 2020.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-09 | CVE-2023-49238 | Weak Password Requirements vulnerability in Gradle Enterprise In Gradle Enterprise before 2023.1, a remote attacker may be able to gain access to a new installation (in certain installation scenarios) because of a non-unique initial system user password. | 9.8 |
| 2022-03-17 | CVE-2022-25364 | Incorrect Default Permissions vulnerability in Gradle Enterprise In Gradle Enterprise before 2021.4.2, the default built-in build cache configuration allowed anonymous write access. | 8.1 |
| 2022-03-16 | CVE-2022-27225 | Missing Encryption of Sensitive Data vulnerability in Gradle Enterprise Gradle Enterprise before 2021.4.3 relies on cleartext data transmission in some situations. | 6.5 |
| 2021-10-27 | CVE-2021-41589 | Incorrect Permission Assignment for Critical Resource vulnerability in Gradle Build Cache Node and Enterprise In Gradle Enterprise before 2021.3 (and Enterprise Build Cache Node before 10.0), there is potential cache poisoning and remote code execution when running the build cache node with its default configuration. | 9.8 |
| 2020-09-18 | CVE-2020-15773 | Origin Validation Error vulnerability in Gradle Enterprise An issue was discovered in Gradle Enterprise before 2020.2.4. | 6.5 |
| 2020-09-18 | CVE-2020-15776 | Incorrect Permission Assignment for Critical Resource vulnerability in Gradle Enterprise An issue was discovered in Gradle Enterprise 2018.2 - 2020.2.4. | 8.8 |
| 2020-09-18 | CVE-2020-15775 | Insecure Storage of Sensitive Information vulnerability in Gradle Enterprise An issue was discovered in Gradle Enterprise 2017.1 - 2020.2.4. | 7.5 |
| 2020-09-18 | CVE-2020-15774 | Insufficient Session Expiration vulnerability in Gradle Enterprise An issue was discovered in Gradle Enterprise 2018.5 - 2020.2.4. | 6.8 |
| 2020-09-18 | CVE-2020-15772 | Server-Side Request Forgery (SSRF) vulnerability in Gradle Enterprise An issue was discovered in Gradle Enterprise 2018.5 - 2020.2.4. | 4.9 |
| 2020-09-18 | CVE-2020-15769 | Cross-site Scripting vulnerability in Gradle Enterprise 2020.2/2020.2.4 An issue was discovered in Gradle Enterprise 2020.2 - 2020.2.4. | 6.1 |