Vulnerabilities > Gradle > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-06 | CVE-2023-42445 | XXE vulnerability in Gradle Gradle is a build tool with a focus on build automation and support for multi-language development. | 5.3 |
| 2023-10-05 | CVE-2023-44387 | Incorrect Permission Assignment for Critical Resource vulnerability in Gradle Gradle is a build tool with a focus on build automation and support for multi-language development. | 6.5 |
| 2023-06-30 | CVE-2023-35946 | Path Traversal vulnerability in Gradle Gradle is a build tool with a focus on build automation and support for multi-language development. | 5.5 |
| 2023-04-28 | CVE-2023-30853 | Cleartext Storage of Sensitive Information vulnerability in Gradle Build Action Gradle Build Action allows users to execute a Gradle Build in their GitHub Actions workflow. | 6.5 |
| 2022-07-14 | CVE-2022-31156 | Improper Verification of Cryptographic Signature vulnerability in Gradle Gradle is a build tool. | 4.4 |
| 2022-03-16 | CVE-2022-27225 | Missing Encryption of Sensitive Data vulnerability in Gradle Enterprise Gradle Enterprise before 2021.4.3 relies on cleartext data transmission in some situations. | 4.3 |
| 2022-02-10 | CVE-2022-23630 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Gradle Gradle is a build tool with a focus on build automation and support for multi-language development. | 6.0 |
| 2021-10-27 | CVE-2021-41590 | Unspecified vulnerability in Gradle Enterprise In Gradle Enterprise through 2021.3, probing of the server-side network environment can occur via an SMTP configuration test. | 5.0 |
| 2021-09-24 | CVE-2021-41586 | Server-Side Request Forgery (SSRF) vulnerability in Gradle In Gradle Enterprise before 2021.1.3, an attacker with the ability to perform SSRF attacks can potentially reset the system user password. | 5.0 |
| 2021-09-24 | CVE-2021-41587 | Server-Side Request Forgery (SSRF) vulnerability in Gradle In Gradle Enterprise before 2021.1.3, an attacker with the ability to perform SSRF attacks can potentially discover credentials for other resources. | 5.0 |