Vulnerabilidades em Gradle
18 resultadosCVE-2021-32751HIGHArbitrary code execution via specially crafted environment variablesEPSS 2.7%CVE-2021-29427HIGHRepository content filters do not work in Settings pluginManagementEPSS 1.3%CVE-2022-23630HIGHDependency verification bypass in GradleEPSS 1.3%CVE-2023-26053MEDIUMGradle usage of long IDs for PGP keys opens potential for collision attacksEPSS 1.0%CVE-2026-25063HIGHgradle-completion has a Bash command injection issueEPSS 0.7%CVE-2023-42445MEDIUMPossible local file exfiltration by XML External entity injectionEPSS 0.7%CVE-2021-29428HIGHLocal privilege escalation through system temporary directoryEPSS 0.5%CVE-2023-35947MEDIUMPath traversal vulnerabilities in handling of Tar archives in GradleEPSS 0.5%CVE-2021-29429MEDIUMInformation disclosure through temporary directory permissionsEPSS 0.5%CVE-2022-31156MEDIUMGradle's dependency verification can ignore checksum verification when signature verification cannot be performedEPSS 0.5%CVE-2025-24858HIGHDevelocity (formerly Gradle Enterprise) before 2024.3.1 allows an attacker who has network access to a Develocity server to obtain the hasheEPSS 0.5%CVE-2024-46881HIGHDevelocity (formerly Gradle Enterprise) before 2024.1.8 has Incorrect Access Control. Project-level access control configuration was introduEPSS 0.3%CVE-2023-35946MEDIUMDependency cache path traversal in GradleEPSS 0.3%CVE-2023-30853HIGHGradle Build Action data written to GitHub Actions Cache may expose secretsEPSS 0.3%CVE-2025-27148HIGHGradle vulnerable to local privilege escalation through system temporary directoryEPSS 0.2%CVE-2023-44387LOWGradle has incorrect permission assignment for symlinked files used in copy or archiving operationsEPSS 0.2%CVE-2026-22816HIGHGradle fails to disable repositories which can expose builds to malicious artifactsEPSS 0.1%CVE-2026-22865HIGHGradle's failure to disable repositories failing to answer can expose builds to malicious artifactsEPSS 0.1%