Security: gradle/gradle
Security Advisories
View information about security vulnerabilities from this repository's maintainers.
-
Dependency verification: Usage of long IDs for PGP keys is unsafe and is subject to collision attacksGHSA-c724-3xg7-g3hf published
Feb 28, 2023 by ljacometModerate severity -
Dependency verification can ignore checksum verification when signature verification cannot be performedGHSA-j6wc-xfg8-jx2j published
Jul 14, 2022 by ljacometModerate severity -
Dependency verification can be bypassed when using `ResolutionStrategy.disableDependencyVerification()`GHSA-9pf5-88jw-3qgr published
Feb 10, 2022 by ljacometModerate severity -
Arbitrary code execution via specially crafted environment variablesGHSA-6j2p-252f-7mw8 published
Jul 20, 2021 by big-guyHigh severity -
Information disclosure through temporary directory permissionsGHSA-fp8h-qmr5-j4c8 published
Apr 10, 2021 by big-guyModerate severity -
Repository content filters do not work in Settings pluginManagementGHSA-jvmj-rh6q-x395 published
Apr 10, 2021 by big-guyHigh severity -
CVE-2020-11979: Apache Ant insecure temporary file vulnerabilityGHSA-j45w-qrgf-25vm published
Jan 8, 2021 by big-guyModerate severity -
Local privilege escalation through system temporary directoryGHSA-89qm-pxvm-p336 published
Apr 10, 2021 by big-guyHigh severity -
Signing: GnuPG key passphrase captured in INFO and DEBUG logsGHSA-ww7h-4fx5-8c2j published
Jun 2, 2020 by big-guyModerate severity -
Signing Plugin: SHA1 used when signing artifactsGHSA-mrm8-42q4-6rm7 published
Oct 1, 2019 by big-guyLow severity