Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

gradle build cache node vulnerabilities and exploits

(subscribe to this query)
9.8
CVSSv3
CVE-2021-41589
In Gradle Enterprise prior to 2021.3 (and Enterprise Build Cache Node prior to 10.0), there is potential cache poisoning and remote code execution when running the build cache node with its default configuration. This configuration allows anonymous access to the configuration use...
Gradle Build Cache NodeGradle Enterprise
9.8
CVSSv3
CVE-2019-11403
In Gradle Enterprise prior to 2018.5.2, Build Cache Nodes would reflect the configured password back when viewing the HTML page source of the settings page.
Gradle EnterpriseGradle Build Cache Node
7.5
CVSSv3
CVE-2020-15768
An issue exists in Gradle Enterprise 2017.3 - 2020.2.4 and Gradle Enterprise Build Cache Node 1.0 - 9.2. Unrestricted HTTP header reflection in Gradle Enterprise allows remote malicious users to obtain authentication cookies, if they are able to discover a separate XSS vulnerabil...
Gradle Enterprise Cache NodeGradle Enterprise
7.5
CVSSv3
CVE-2020-15771
An issue exists in Gradle Enterprise 2018.2 and Gradle Enterprise Build Cache Node 4.1. Cross-site transmission of cookie containing CSRF token allows remote malicious user to bypass CSRF mitigation.
Gradle Enterprise 2018.2Gradle Enterprise Cache Node 4.1
9.8
CVSSv3
CVE-2022-1388
On F5 BIG-IP 16.1.x versions before 16.1.2.2, 15.1.x versions before 15.1.5.1, 14.1.x versions before 14.1.4.6, 13.1.x versions before 13.1.5, and all 12.1.x and 11.6.x versions, undisclosed requests may bypass iControl REST authentication. Note: Software versions which have reac...
F5 Big-ip Access Policy ManagerF5 Big-ip Advanced Firewall ManagerF5 Big-ip AnalyticsF5 Big-ip Application Acceleration ManagerF5 Big-ip Application Security ManagerF5 Big-ip Domain Name SystemF5 Big-ip Fraud Protection ServiceF5 Big-ip Global Traffic ManagerF5 Big-ip Link ControllerF5 Big-ip Local Traffic ManagerF5 Big-ip Policy Enforcement Manager
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4644unprivilegedCVE-2024-3494CVE-2024-22460CVE-2024-26026CVE-2024-23473firewallCVE-2024-28889XML external entity
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook