CVE-2020-15772
https://notcve.org/view.php?id=CVE-2020-15772
An issue was discovered in Gradle Enterprise 2018.5 - 2020.2.4. When configuring Gradle Enterprise to integrate with a SAML identity provider, an XML metadata file can be uploaded by an administrator. The server side processing of this file dereferences XML External Entities (XXE), allowing a remote attacker with administrative access to perform server side request forgery. Se detectó un problema en Gradle Enterprise versiones 2018.5 - 2020.2.4. Al configurar Gradle Enterprise para integrarse con un proveedor de identidad SAML, un archivo de metadatos XML puede ser cargado por un administrador. • https://github.com/gradle/gradle/security/advisories https://security.gradle.com/advisory/CVE-2020-15772 • CWE-611: Improper Restriction of XML External Entity Reference CWE-918: Server-Side Request Forgery (SSRF) •
CVE-2020-15774
https://notcve.org/view.php?id=CVE-2020-15774
An issue was discovered in Gradle Enterprise 2018.5 - 2020.2.4. An attacker with physical access to the browser of a user who has recently logged in to Gradle Enterprise and since closed their browser could reopen their browser to access Gradle Enterprise as that user. Se detectó un problema en Gradle Enterprise versiones 2018.5 - 2020.2.4. Un atacante con acceso físico al navegador de un usuario que se ha conectado recientemente a Gradle Enterprise y que desde entonces ha cerrado su navegador podría reabrirlo para acceder a Gradle Enterprise como ese usuario • https://github.com/gradle/gradle/security/advisories https://security.gradle.com/advisory/CVE-2020-15774 • CWE-613: Insufficient Session Expiration •
CVE-2020-15775
https://notcve.org/view.php?id=CVE-2020-15775
An issue was discovered in Gradle Enterprise 2017.1 - 2020.2.4. The /usage page of Gradle Enterprise conveys high level build information such as project names and build counts over time. This page is incorrectly viewable anonymously. Se detectó un problema en Gradle Enterprise versiones 2017.1 - 2020.2.4. La página de uso de Gradle Enterprise transmite información de alto nivel como nombres de proyectos y recuentos de construcción a lo largo del tiempo. • https://github.com/gradle/gradle/security/advisories https://security.gradle.com/advisory/CVE-2020-15775 • CWE-922: Insecure Storage of Sensitive Information •
CVE-2020-15776
https://notcve.org/view.php?id=CVE-2020-15776
An issue was discovered in Gradle Enterprise 2018.2 - 2020.2.4. The CSRF prevention token is stored in a request cookie that is not annotated as HttpOnly. An attacker with the ability to execute arbitrary code in a user's browser could impose an arbitrary value for this token, allowing them to perform cross-site request forgery. Se detecto un problema en el Gradle Enterprise versiones 2018.2 - 2020.2.4. El token de prevención del CSRF se almacena en una cookie de petición que no está anotada como HttpOnly. • https://cwe.mitre.org/data/definitions/1004.html https://github.com/gradle/gradle/security/advisories https://security.gradle.com/advisory/CVE-2020-15776 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVE-2020-15768
https://notcve.org/view.php?id=CVE-2020-15768
An issue was discovered in Gradle Enterprise 2017.3 - 2020.2.4 and Gradle Enterprise Build Cache Node 1.0 - 9.2. Unrestricted HTTP header reflection in Gradle Enterprise allows remote attackers to obtain authentication cookies, if they are able to discover a separate XSS vulnerability. This potentially allows an attacker to impersonate another user. Gradle Enterprise affected application request paths:/info/headers, /cache-info/headers, /admin-info/headers, /distribution-broker-info/headers. Gradle Enterprise Build Cache Node affected application request paths:/cache-node-info/headers. • https://github.com/gradle/gradle/security/advisories https://security.gradle.com/advisory/CVE-2020-15768 •