VYPR

Maven package

com.gradle/gradle-enterprise-maven-extension

pkg:maven/com.gradle/gradle-enterprise-maven-extension

Vulnerabilities (1)

  • CVE-2020-15777Aug 25, 2020
    affected < 1.6fixed 1.6

    An issue was discovered in the Maven Extension plugin before 1.6 for Gradle Enterprise. The extension uses a socket connection to send serialized Java objects. Deserialization is not restricted to an allow-list, thus allowing an attacker to achieve code execution via a malicious