VYPR

rpm package

opensuse/gradle-bootstrap&distro=openSUSE Leap 15.5

pkg:rpm/opensuse/gradle-bootstrap&distro=openSUSE%20Leap%2015.5

Vulnerabilities (2)

  • CVE-2021-29429Apr 12, 2021
    affected < 4.4.1-150200.3.9.1fixed 4.4.1-150200.3.9.1

    In Gradle before version 7.0, files created with open permissions in the system temporary directory can allow an attacker to access information downloaded by Gradle. Some builds could be vulnerable to a local information disclosure. Remote files accessed through TextResourceFacto

  • CVE-2019-15052Aug 14, 2019
    affected < 4.4.1-150200.3.9.1fixed 4.4.1-150200.3.9.1

    The HTTP client in Gradle before 5.6 sends authentication credentials originally destined for the configured host. If that host returns a 30x redirect, Gradle also sends those credentials to all subsequent hosts that the request redirects to. This is similar to CVE-2018-1000007.