AVG-1809 log

Package gradle, gradle-src
Status Fixed
Severity High
Type multiple issues
Affected 6.8.3-1
Fixed 7.0-1
Current 7.2-1 [community]
Ticket None
Created Tue Apr 13 08:16:39 2021
Issue Severity Remote Type Description
CVE-2021-29429 Medium No Information disclosure
In Gradle before version 7.0, files created with open permissions in the system temporary directory can allow an attacker to access information downloaded...
CVE-2021-29428 High No Privilege escalation
In Gradle before version 7.0, on Unix-like systems, the system temporary directory can be created with open permissions that allow multiple users to create...
CVE-2021-29427 High Yes Insufficient validation
In Gradle from version 5.1 and before version 7.0 there is a vulnerability which can lead to information disclosure and/or dependency poisoning. Repository...