Vulnerabilities > Gradle > High

DATE CVE VULNERABILITY TITLE RISK
2021-09-24 CVE-2021-41588 Deserialization of Untrusted Data vulnerability in Gradle
In Gradle Enterprise before 2021.1.3, a crafted request can trigger deserialization of arbitrary unsafe Java objects.
network
high complexity
gradle CWE-502
8.1
8.1
2021-09-24 CVE-2021-41584 Unspecified vulnerability in Gradle
Gradle Enterprise before 2021.1.3 can allow unauthorized viewing of a response (information disclosure of possibly sensitive build/configuration details) via a crafted HTTP request with the X-Gradle-Enterprise-Ajax-Request header.
network
low complexity
gradle
7.5
7.5
2021-07-20 CVE-2021-32751 OS Command Injection vulnerability in Gradle
Gradle is a build tool with a focus on build automation.
network
high complexity
gradle CWE-78
7.5
7.5
2021-04-13 CVE-2021-29428 In Gradle before version 7.0, on Unix-like systems, the system temporary directory can be created with open permissions that allow multiple users to create and delete files within it.
local
low complexity
gradle quarkus
7.8
7.8
2021-04-13 CVE-2021-29427 In Gradle from version 5.1 and before version 7.0 there is a vulnerability which can lead to information disclosure and/or dependency poisoning.
network
low complexity
gradle quarkus
7.2
7.2
2020-10-01 CVE-2020-11979 As mitigation for CVE-2020-1945 Apache Ant 1.10.8 changed the permissions of temporary files it created so that only the current user was allowed to access them.
network
low complexity
apache gradle fedoraproject oracle
7.5
7.5
2020-09-18 CVE-2020-15776 Incorrect Permission Assignment for Critical Resource vulnerability in Gradle Enterprise
An issue was discovered in Gradle Enterprise 2018.2 - 2020.2.4.
network
low complexity
gradle CWE-732
8.8
8.8
2020-09-18 CVE-2020-15775 Insecure Storage of Sensitive Information vulnerability in Gradle Enterprise
An issue was discovered in Gradle Enterprise 2017.1 - 2020.2.4.
network
low complexity
gradle CWE-922
7.5
7.5
2020-09-18 CVE-2020-15771 Missing Encryption of Sensitive Data vulnerability in Gradle Enterprise and Enterprise Cache Node
An issue was discovered in Gradle Enterprise 2018.2 and Gradle Enterprise Build Cache Node 4.1.
network
low complexity
gradle CWE-311
7.5
7.5
2020-09-18 CVE-2020-15768 Unspecified vulnerability in Gradle Enterprise and Enterprise Cache Node
An issue was discovered in Gradle Enterprise 2017.3 - 2020.2.4 and Gradle Enterprise Build Cache Node 1.0 - 9.2.
network
low complexity
gradle
7.5
7.5