Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gradle gradle vulnerabilities and exploits
(subscribe to this query)
578
VMScore
CVE-2022-30586
Gradle Enterprise up to and including 2022.2.2 has Incorrect Access Control that leads to code execution.
Gradle Gradle
535
VMScore
CVE-2022-23630
Gradle is a build tool with a focus on build automation and support for multi-language development. In some cases, Gradle may skip that verification and accept a dependency that would otherwise fail the build as an untrusted external artifact. This occurs when dependency verifica...
Gradle Gradle
534
VMScore
CVE-2021-29427
In Gradle from version 5.1 and before version 7.0 there is a vulnerability which can lead to information disclosure and/or dependency poisoning. Repository content filtering is a security control Gradle introduced to help users specify what repositories are used to resolve specif...
Gradle Gradle
Quarkus Quarkus
516
VMScore
CVE-2017-3160
After the Android platform is added to Cordova the first time, or after a project is created using the build scripts, the scripts will fetch Gradle on the first build. However, since the default URI is not using https, it is vulnerable to a MiTM and the Gradle executable is not s...
Apache Cordova
490
VMScore
CVE-2021-26719
A directory traversal issue exists in Gradle gradle-enterprise-test-distribution-agent prior to 1.3.2, test-distribution-gradle-plugin prior to 1.3.2, and gradle-enterprise-maven-extension prior to 1.8.2. A malicious actor (with certain credentials) can perform a registration ste...
Gradle Enterprise Test Distribution Agent
Gradle Maven
Gradle Test Distribution
454
VMScore
CVE-2019-9843
In DiffPlug Spotless prior to 1.20.0 (library and Maven plugin) and prior to 3.20.0 (Gradle plugin), the XML parser would resolve external entities over both HTTP and HTTPS and didn't respect the resolveExternalEntities setting. For example, this allows disclosure of file co...
Diffplug Gradle
Diffplug Maven
445
VMScore
CVE-2022-30587
Gradle Enterprise up to and including 2022.2.2 has Incorrect Access Control that leads to information disclosure.
Gradle Gradle Enterprise
445
VMScore
CVE-2022-24329
In JetBrains Kotlin prior to 1.6.0, it was not possible to lock dependencies for Multiplatform Gradle Projects.
Jetbrains Kotlin
Oracle Communications Pricing Design Center 12.0.0.4
Oracle Communications Pricing Design Center 12.0.0.5
Oracle Communications Cloud Native Core Binding Support Function 22.1.3
445
VMScore
CVE-2021-41590
In Gradle Enterprise up to and including 2021.3, probing of the server-side network environment can occur via an SMTP configuration test. The installation configuration user interface available to administrators allows testing the configured SMTP server settings. This test functi...
Gradle Enterprise
445
VMScore
CVE-2021-41587
In Gradle Enterprise prior to 2021.1.3, an attacker with the ability to perform SSRF attacks can potentially discover credentials for other resources.
Gradle Gradle
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »