rpm package
opensuse/gradle&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/gradle&distro=openSUSE%20Tumbleweed
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-16370 | — | < 4.4.1-7.2 | 4.4.1-7.2 | Sep 16, 2019 | The PGP signing plugin in Gradle before 6.0 relies on the SHA-1 algorithm, which might allow an attacker to replace an artifact with a different one that has the same SHA-1 message digest, a related issue to CVE-2005-4900. |
- CVE-2019-16370Sep 16, 2019affected < 4.4.1-7.2fixed 4.4.1-7.2
The PGP signing plugin in Gradle before 6.0 relies on the SHA-1 algorithm, which might allow an attacker to replace an artifact with a different one that has the same SHA-1 message digest, a related issue to CVE-2005-4900.