CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-49238
https://notcve.org/view.php?id=CVE-2023-49238
In Gradle Enterprise before 2023.1, a remote attacker may be able to gain access to a new installation (in certain installation scenarios) because of a non-unique initial system user password. Although this password must be changed upon the first login, it is possible that an attacker logs in before the legitimate administrator logs in. En Gradle Enterprise anterior a 2023.1, un atacante remoto podría obtener acceso a una nueva instalación (en ciertos escenarios de instalación) debido a una contraseña de usuario inicial del sistema no única. Aunque esta contraseña debe cambiarse en el primer inicio de sesión, es posible que un atacante inicie sesión antes que el administrador legítimo. • https://security.gradle.com https://security.gradle.com/advisory/2023-01 https://security.netapp.com/advisory/ntap-20240216-0003 • CWE-521: Weak Password Requirements •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-42445 – Possible local file exfiltration by XML External entity injection
https://notcve.org/view.php?id=CVE-2023-42445
Gradle is a build tool with a focus on build automation and support for multi-language development. In some cases, when Gradle parses XML files, resolving XML external entities is not disabled. Combined with an Out Of Band XXE attack (OOB-XXE), just parsing XML can lead to exfiltration of local text files to a remote server. Gradle parses XML files for several purposes. Most of the time, Gradle parses XML files it generated or were already present locally. • https://github.com/gradle/gradle/releases/tag/v7.6.3 https://github.com/gradle/gradle/releases/tag/v8.4.0 https://github.com/gradle/gradle/security/advisories/GHSA-mrff-q8qj-xvg8 https://security.netapp.com/advisory/ntap-20231110-0006 https://access.redhat.com/security/cve/CVE-2023-42445 https://bugzilla.redhat.com/show_bug.cgi?id=2242538 • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-44387 – Gradle has incorrect permission assignment for symlinked files used in copy or archiving operations
https://notcve.org/view.php?id=CVE-2023-44387
Gradle is a build tool with a focus on build automation and support for multi-language development. When copying or archiving symlinked files, Gradle resolves them but applies the permissions of the symlink itself instead of the permissions of the linked file to the resulting file. This leads to files having too much permissions given that symlinks usually are world readable and writeable. While it is unlikely this results in a direct vulnerability for the impacted build, it may open up attack vectors depending on where build artifacts end up being copied to or un-archived. In versions 7.6.3, 8.4 and above, Gradle will now properly use the permissions of the file pointed at by the symlink to set permissions of the copied or archived file. • https://github.com/gradle/gradle/commit/3b406191e24d69e7e42dc3f3b5cc50625aa930b7 https://github.com/gradle/gradle/releases/tag/v7.6.3 https://github.com/gradle/gradle/releases/tag/v8.4.0 https://github.com/gradle/gradle/security/advisories/GHSA-43r3-pqhv-f7h9 https://security.netapp.com/advisory/ntap-20231110-0006 https://access.redhat.com/security/cve/CVE-2023-44387 https://bugzilla.redhat.com/show_bug.cgi?id=2242485 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 6.9EPSS: 0%CPEs: 2EXPL: 0CVE-2023-35946 – Dependency cache path traversal in Gradle
https://notcve.org/view.php?id=CVE-2023-35946
Gradle is a build tool with a focus on build automation and support for multi-language development. When Gradle writes a dependency into its dependency cache, it uses the dependency's coordinates to compute a file location. With specially crafted dependency coordinates, Gradle can be made to write files into an unintended location. The file may be written outside the dependency cache or over another file in the dependency cache. This vulnerability could be used to poison the dependency cache or overwrite important files elsewhere on the filesystem where the Gradle process has write permissions. • https://docs.gradle.org/current/userguide/dependency_verification.html https://github.com/gradle/gradle/commit/859eae2b2acf751ae7db3c9ffefe275aa5da0d5d https://github.com/gradle/gradle/commit/b07e528feb3a5ffa66bdcc358549edd73e4c8a12 https://github.com/gradle/gradle/security/advisories/GHSA-2h6c-rv6q-494v https://security.netapp.com/advisory/ntap-20230731-0003 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 8.1EPSS: 0%CPEs: 2EXPL: 0CVE-2023-35947 – Path traversal vulnerabilities in handling of Tar archives in Gradle
https://notcve.org/view.php?id=CVE-2023-35947
Gradle is a build tool with a focus on build automation and support for multi-language development. In affected versions when unpacking Tar archives, Gradle did not check that files could be written outside of the unpack location. This could lead to important files being overwritten anywhere the Gradle process has write permissions. For a build reading Tar entries from a Tar archive, this issue could allow Gradle to disclose information from sensitive files through an arbitrary file read. To exploit this behavior, an attacker needs to either control the source of an archive already used by the build or modify the build to interact with a malicious archive. • https://github.com/gradle/gradle/commit/1096b309520a8c315e3b6109a6526de4eabcb879 https://github.com/gradle/gradle/commit/2e5c34d57d0c0b7f0e8b039a192b91e5c8249d91 https://github.com/gradle/gradle/security/advisories/GHSA-84mw-qh6q-v842 https://security.netapp.com/advisory/ntap-20230803-0007 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •