| 2021-09-24 | CVE-2021-41587 | Server-Side Request Forgery (SSRF) vulnerability in Gradle
In Gradle Enterprise before 2021.1.3, an attacker with the ability to perform SSRF attacks can potentially discover credentials for other resources. | 7.5 |
| 2021-09-24 | CVE-2021-41588 | Deserialization of Untrusted Data vulnerability in Gradle
In Gradle Enterprise before 2021.1.3, a crafted request can trigger deserialization of arbitrary unsafe Java objects. | 8.1 |
| 2021-09-24 | CVE-2021-41584 | Unspecified vulnerability in Gradle
Gradle Enterprise before 2021.1.3 can allow unauthorized viewing of a response (information disclosure of possibly sensitive build/configuration details) via a crafted HTTP request with the X-Gradle-Enterprise-Ajax-Request header. | 7.5 |
| 2021-07-20 | CVE-2021-32751 | OS Command Injection vulnerability in Gradle
Gradle is a build tool with a focus on build automation. | 7.5 |
| 2021-04-13 | CVE-2021-29428 | In Gradle before version 7.0, on Unix-like systems, the system temporary directory can be created with open permissions that allow multiple users to create and delete files within it. | 7.8 |
| 2021-04-13 | CVE-2021-29427 | In Gradle from version 5.1 and before version 7.0 there is a vulnerability which can lead to information disclosure and/or dependency poisoning. | 7.2 |
| 2021-04-12 | CVE-2021-29429 | In Gradle before version 7.0, files created with open permissions in the system temporary directory can allow an attacker to access information downloaded by Gradle. | 5.5 |
| 2021-02-09 | CVE-2021-26719 | Path Traversal vulnerability in Gradle products
A directory traversal issue was discovered in Gradle gradle-enterprise-test-distribution-agent before 1.3.2, test-distribution-gradle-plugin before 1.3.2, and gradle-enterprise-maven-extension before 1.8.2. | 6.5 |
| 2020-10-01 | CVE-2020-11979 | As mitigation for CVE-2020-1945 Apache Ant 1.10.8 changed the permissions of temporary files it created so that only the current user was allowed to access them. | 7.5 |
| 2020-09-18 | CVE-2020-15773 | Origin Validation Error vulnerability in Gradle Enterprise
An issue was discovered in Gradle Enterprise before 2020.2.4. | 6.5 |