In Gradle Enterprise prior to 2021.1.3, a crafted request can trigger deserialization of arbitrary unsafe Java objects. The attacker must have the encryption and signing keys.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gradle gradle |