Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

gradle — Vulnerabilities & Security Advisories 18

Browse all 18 CVE security advisories affecting gradle. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by gradle:gradleEnterprisegradle-build-actiongradle-completion
CVE IDTitleCVSSSeverityPublished
CVE-2026-25063 gradle-completion has a Bash command injection issue — gradle-completionCWE-78 8.8AIHighAI2026-01-29
CVE-2026-22865 Gradle's failure to disable repositories failing to answer can expose builds to malicious artifacts — gradleCWE-494 5.3 -2026-01-16
CVE-2026-22816 Gradle fails to disable repositories which can expose builds to malicious artifacts — gradleCWE-829 8.2 -2026-01-16
CVE-2025-27148 Gradle vulnerable to local privilege escalation through system temporary directory — gradleCWE-378 8.8 High2025-02-25
CVE-2024-46881 Gradle 安全漏洞 — EnterpriseCWE-732 7.1 High2025-01-26
CVE-2025-24858 Gradle 安全漏洞 — EnterpriseCWE-201 9.8 -2025-01-26
CVE-2023-42445 Possible local file exfiltration by XML External entity injection — gradleCWE-611 6.8 Medium2023-10-06
CVE-2023-44387 Gradle has incorrect permission assignment for symlinked files used in copy or archiving operations — gradleCWE-732 3.2 Low2023-10-05
CVE-2023-35946 Dependency cache path traversal in Gradle — gradleCWE-22 6.9 Medium2023-06-30
CVE-2023-35947 Path traversal vulnerabilities in handling of Tar archives in Gradle — gradleCWE-22 6.9 Medium2023-06-30
CVE-2023-30853 Gradle Build Action data written to GitHub Actions Cache may expose secrets — gradle-build-actionCWE-200 7.6 High2023-04-28
CVE-2023-26053 Gradle usage of long IDs for PGP keys opens potential for collision attacks — gradleCWE-829 6.6 Medium2023-03-02
CVE-2022-31156 Gradle's dependency verification can ignore checksum verification when signature verification cannot be performed — gradleCWE-829 6.6 Medium2022-07-14
CVE-2022-23630 Dependency verification bypass in Gradle — gradleCWE-829 7.5 High2022-02-10
CVE-2021-32751 Arbitrary code execution via specially crafted environment variables — gradleCWE-78 7.5 High2021-07-20
CVE-2021-29427 Repository content filters do not work in Settings pluginManagement — gradleCWE-829 8.0 High2021-04-13
CVE-2021-29428 Local privilege escalation through system temporary directory — gradleCWE-379 8.8 High2021-04-13
CVE-2021-29429 Information disclosure through temporary directory permissions — gradleCWE-377 4.0 Medium2021-04-12

This page lists every published CVE security advisory associated with gradle. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.