pkg:Bitnami/gradle
共 20 筆 CVECRITICAL1HIGH14MEDIUM5
✅ 檢查你的版本
所有已知漏洞
- CRITICAL9.8CVE-2023-26053Gradle usage of long IDs for PGP keys opens potential for collision attacks>= 6.2.0, < 6.9.4, >= 7.0.0, < 7.6.1
- HIGH8.8CVE-2025-27148Gradle vulnerable to local privilege escalation through system temporary directory>= 8.12.0, < 8.12.1
- HIGH8.1CVE-2021-41588In Gradle Enterprise before 2021.1.3, a crafted request can trigger deserialization of arbitrary unsafe Java objects.>= 2017.2.0, < 2021.1.3
- from 0, < 7.6.2, >= 8.0.0, < 8.2.0
- from 0, < 7.0.0
- HIGH7.5CVE-2021-41584Gradle Enterprise before 2021.1.3 can allow unauthorized viewing of a response (information disclosure of possibly sensitive build/configur…>= 2020.4.0, < 2021.1.3
- HIGH7.5CVE-2021-41586In Gradle Enterprise before 2021.1.3, an attacker with the ability to perform SSRF attacks can potentially reset the system user password.>= 2020.4.0, < 2021.1.3
- HIGH7.5CVE-2021-41587In Gradle Enterprise before 2021.1.3, an attacker with the ability to perform SSRF attacks can potentially discover credentials for other r…>= 2017.6.0, < 2021.1.3
- >= 6.2.0, < 7.3.4
- from 0, < 7.2.0
- from 0, < 6.8.0
- HIGH7.4CVE-2026-22865Gradle's failure to disable repositories failing to answer can expose builds to malicious artifactsfrom 0, < 9.3.0
- HIGH7.4CVE-2026-22816Gradle fails to disable repositories which can expose builds to malicious artifactsfrom 0, < 9.3.0
- >= 5.1.0, < 7.0.0
- HIGH7.2CVE-2022-30586Gradle Enterprise through 2022.2.2 has Incorrect Access Control that leads to code execution.from 0, < 1.3.1
- MEDIUM6.5CVE-2023-44387Gradle has incorrect permission assignment for symlinked files used in copy or archiving operationsfrom 0, < 7.6.3, >= 8.0.0, < 8.4.0
- from 0, < 7.6.2, >= 8.0.0, < 8.2.0
- from 0, < 7.0.0
- from 0, < 7.6.3, >= 8.0.0, < 8.4.0
- MEDIUM4.4CVE-2022-31156Gradle's dependency verification can ignore checksum verification when signature verification cannot be performed>= 6.2.0, < 7.5.0