Vulnerabilities > Gradle > Gradle > 3.5.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-06 | CVE-2023-42445 | Unspecified vulnerability in Gradle Gradle is a build tool with a focus on build automation and support for multi-language development. | 5.3 |
| 2023-10-05 | CVE-2023-44387 | Unspecified vulnerability in Gradle Gradle is a build tool with a focus on build automation and support for multi-language development. | 6.5 |
| 2023-06-30 | CVE-2023-35946 | Unspecified vulnerability in Gradle Gradle is a build tool with a focus on build automation and support for multi-language development. | 5.5 |
| 2023-06-30 | CVE-2023-35947 | Unspecified vulnerability in Gradle Gradle is a build tool with a focus on build automation and support for multi-language development. | 8.1 |
| 2021-07-20 | CVE-2021-32751 | OS Command Injection vulnerability in Gradle Gradle is a build tool with a focus on build automation. | 7.5 |
| 2021-04-13 | CVE-2021-29428 | In Gradle before version 7.0, on Unix-like systems, the system temporary directory can be created with open permissions that allow multiple users to create and delete files within it. | 7.8 |
| 2021-04-12 | CVE-2021-29429 | In Gradle before version 7.0, files created with open permissions in the system temporary directory can allow an attacker to access information downloaded by Gradle. | 5.5 |
| 2020-10-01 | CVE-2020-11979 | As mitigation for CVE-2020-1945 Apache Ant 1.10.8 changed the permissions of temporary files it created so that only the current user was allowed to access them. | 7.5 |
| 2019-09-16 | CVE-2019-16370 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Gradle The PGP signing plugin in Gradle before 6.0 relies on the SHA-1 algorithm, which might allow an attacker to replace an artifact with a different one that has the same SHA-1 message digest, a related issue to CVE-2005-4900. | 5.9 |
| 2019-08-14 | CVE-2019-15052 | Insufficiently Protected Credentials vulnerability in Gradle The HTTP client in Gradle before 5.6 sends authentication credentials originally destined for the configured host. | 9.8 |