Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gradle vulnerabilities and exploits
(subscribe to this query)
850
VMScore
CVE-2021-41584
Gradle Enterprise prior to 2021.1.3 can allow unauthorized viewing of a response (information disclosure of possibly sensitive build/configuration details) via a crafted HTTP request with the X-Gradle-Enterprise-Ajax-Request header.
Gradle Gradle
650
VMScore
CVE-2023-35946
Gradle is a build tool with a focus on build automation and support for multi-language development. When Gradle writes a dependency into its dependency cache, it uses the dependency's coordinates to compute a file location. With specially crafted dependency coordinates, Grad...
Gradle Gradle
850
VMScore
CVE-2021-41587
In Gradle Enterprise prior to 2021.1.3, an attacker with the ability to perform SSRF attacks can potentially discover credentials for other resources.
Gradle Gradle
910
VMScore
CVE-2021-41588
In Gradle Enterprise prior to 2021.1.3, a crafted request can trigger deserialization of arbitrary unsafe Java objects. The attacker must have the encryption and signing keys.
Gradle Gradle
820
VMScore
CVE-2022-30586
Gradle Enterprise up to and including 2022.2.2 has Incorrect Access Control that leads to code execution.
Gradle Gradle
1000
VMScore
CVE-2019-15052
The HTTP client in Gradle prior to 5.6 sends authentication credentials originally destined for the configured host. If that host returns a 30x redirect, Gradle also sends those credentials to all subsequent hosts that the request redirects to. This is similar to CVE-2018-1000007...
Gradle Gradle
690
VMScore
CVE-2019-16370
The PGP signing plugin in Gradle prior to 6.0 relies on the SHA-1 algorithm, which might allow an malicious user to replace an artifact with a different one that has the same SHA-1 message digest, a related issue to CVE-2005-4900.
Gradle Gradle
630
VMScore
CVE-2023-42445
Gradle is a build tool with a focus on build automation and support for multi-language development. In some cases, when Gradle parses XML files, resolving XML external entities is not disabled. Combined with an Out Of Band XXE attack (OOB-XXE), just parsing XML can lead to exfilt...
Gradle Gradle
910
VMScore
CVE-2023-35947
Gradle is a build tool with a focus on build automation and support for multi-language development. In affected versions when unpacking Tar archives, Gradle did not check that files could be written outside of the unpack location. This could lead to important files being overwrit...
Gradle Gradle
850
VMScore
CVE-2021-41586
In Gradle Enterprise prior to 2021.1.3, an attacker with the ability to perform SSRF attacks can potentially reset the system user password.
Gradle Gradle
Preferred Score:
VMScore
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
directory listings wordpress plugin – ulisting
postquantum-feldman-vss
matio
CVE-2025-20115
CVE-2025-2025
HTML injection
SSTI
CVE-2025-2310
CVE-2025-27363
CVE-2025-2343
logicaldoc enterprise
CVE-2025-2163
dos
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »
Vulmon