Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gradle vulnerabilities and exploits
(subscribe to this query)
0.006
EPSS
CVE-2022-30586
Gradle Enterprise up to and including 2022.2.2 has Incorrect Access Control that leads to code execution.
Gradle Gradle
0.000
EPSS
CVE-2023-44387
Gradle is a build tool with a focus on build automation and support for multi-language development. When copying or archiving symlinked files, Gradle resolves them but applies the permissions of the symlink itself instead of the permissions of the linked file to the resulting fil...
Gradle Gradle
0.002
EPSS
CVE-2021-32751
Gradle is a build tool with a focus on build automation. In versions before 7.2, start scripts generated by the `application` plugin and the `gradlew` script are both vulnerable to arbitrary code execution when an attacker is able to change environment variables for the user runn...
Gradle Gradle
0.001
EPSS
CVE-2023-35947
Gradle is a build tool with a focus on build automation and support for multi-language development. In affected versions when unpacking Tar archives, Gradle did not check that files could be written outside of the unpack location. This could lead to important files being overwrit...
Gradle Gradle
0.001
EPSS
CVE-2019-16370
The PGP signing plugin in Gradle prior to 6.0 relies on the SHA-1 algorithm, which might allow an malicious user to replace an artifact with a different one that has the same SHA-1 message digest, a related issue to CVE-2005-4900.
Gradle Gradle
0.005
EPSS
CVE-2021-41584
Gradle Enterprise prior to 2021.1.3 can allow unauthorized viewing of a response (information disclosure of possibly sensitive build/configuration details) via a crafted HTTP request with the X-Gradle-Enterprise-Ajax-Request header.
Gradle Gradle
0.002
EPSS
CVE-2021-41587
In Gradle Enterprise prior to 2021.1.3, an attacker with the ability to perform SSRF attacks can potentially discover credentials for other resources.
Gradle Gradle
0.001
EPSS
CVE-2021-41588
In Gradle Enterprise prior to 2021.1.3, a crafted request can trigger deserialization of arbitrary unsafe Java objects. The attacker must have the encryption and signing keys.
Gradle Gradle
0.003
EPSS
CVE-2023-26053
Gradle is a build tool with a focus on build automation and support for multi-language development. This is a collision attack on long IDs (64bits) for PGP keys. Users of dependency verification in Gradle are vulnerable if they use long IDs for PGP keys in a `trusted-key` or `pgp...
Gradle Gradle
0.003
EPSS
CVE-2023-42445
Gradle is a build tool with a focus on build automation and support for multi-language development. In some cases, when Gradle parses XML files, resolving XML external entities is not disabled. Combined with an Out Of Band XXE attack (OOB-XXE), just parsing XML can lead to exfilt...
Gradle Gradle
Preferred Score:
EPSS
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
CVE-2025-42599
CVE-2025-3808
phpgurukul
insecure direct object reference
CVE-2025-3840
CVE-2025-43967
men salon management system
denial of service
virtuemart component for joomla
pritunl
LFI
CVE-2025-32433
CVE-2022-47112
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »
Vulmon