Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description Powerful build system for the JVM
Version 8.7-1 [extra]


Group Affected Fixed Severity Status Ticket
AVG-2192 7.1.1-1 7.2-1 High Fixed
AVG-1809 6.8.3-1 7.0-1 High Fixed
Issue Group Severity Remote Type Description
CVE-2021-32751 AVG-2192 High No Arbitrary command execution
In Gradle versions prior to 7.2, start scripts generated by the `application` plugin and the `gradlew` script are both vulnerable to arbitrary code...
CVE-2021-29429 AVG-1809 Medium No Information disclosure
In Gradle before version 7.0, files created with open permissions in the system temporary directory can allow an attacker to access information downloaded...
CVE-2021-29428 AVG-1809 High No Privilege escalation
In Gradle before version 7.0, on Unix-like systems, the system temporary directory can be created with open permissions that allow multiple users to create...
CVE-2021-29427 AVG-1809 High Yes Insufficient validation
In Gradle from version 5.1 and before version 7.0 there is a vulnerability which can lead to information disclosure and/or dependency poisoning. Repository...