-
Notifications
You must be signed in to change notification settings - Fork 4.8k
Security: gradle/gradle
Security Navigation
Security Advisories
View information about security vulnerabilities from this repository's maintainers.
-
Incorrect permission assignment for symlinked files used in copy or archiving operationsGHSA-43r3-pqhv-f7h9 published
Oct 4, 2023 by ljacometLow -
Possible local text file exfiltration by XML External entity injectionGHSA-mrff-q8qj-xvg8 published
Oct 4, 2023 by ljacometModerate -
Dependency cache path traversalGHSA-2h6c-rv6q-494v published
Jun 30, 2023 by ljacometModerate -
Path traversal vulnerabilities in handling of Tar archivesGHSA-84mw-qh6q-v842 published
Jun 30, 2023 by ljacometModerate -
Dependency verification: Usage of long IDs for PGP keys is unsafe and is subject to collision attacksGHSA-c724-3xg7-g3hf published
Feb 28, 2023 by ljacometModerate -
Dependency verification can ignore checksum verification when signature verification cannot be performedGHSA-j6wc-xfg8-jx2j published
Jul 14, 2022 by ljacometModerate -
Dependency verification can be bypassed when using `ResolutionStrategy.disableDependencyVerification()`GHSA-9pf5-88jw-3qgr published
Feb 10, 2022 by ljacometModerate -
Arbitrary code execution via specially crafted environment variablesGHSA-6j2p-252f-7mw8 published
Jul 20, 2021 by big-guyHigh -
Information disclosure through temporary directory permissionsGHSA-fp8h-qmr5-j4c8 published
Apr 10, 2021 by big-guyModerate -
Repository content filters do not work in Settings pluginManagementGHSA-jvmj-rh6q-x395 published
Apr 10, 2021 by big-guyHigh