Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A directory traversal issue was discovered in Gradle gradle-enterprise-test-distribution-agent before 1.3.2, test-distribution-gradle-plugin before 1.3.2, and gradle-enterprise-maven-extension before 1.8.2. A malicious actor (with certain credentials) can perform a registration step such that crafted TAR archives lead to extraction of files into arbitrary filesystem locations.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Gradle 路径遍历漏洞
Vulnerability Description
Gradle是美国Gradle公司的一套基于JVM的项目构建工具,它支持maven、Ivy仓库等。 多款 Gradle 代码库存在路径遍历漏洞,该漏洞使用精心构建的tar包提取到任意文件系统位置,以下产品及型号收到影响: gradle-enterprise-test-distribution-agent 1.3.2 之前版本, test-distribution-gradle-plugin 1.3.2 之前版本, gradle-enterprise-maven-extension 1.8.2 之前版本。
CVSS Information
N/A
Vulnerability Type
N/A