Approved changes feed: RSS · Atom
cpe:2.3:a:gradle:gradle:*:*:*:*:enterprise:*:*:*
part: a version: * update: *
| Vendor | Gradle (b220f387-772d-5a51-a45b-c271aaf9ad41) |
|---|---|
| Product | Gradle (9cc17218-570d-50c7-b534-83afbaea144e) |
| Edition | * |
| Language | * |
| Software edition | enterprise |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from purl2cpe mapping |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:deb/debian/gradle |
purl2cpe | 2026-06-01 10:13:30.090939 |
pkg:deb/ubuntu/gradle |
purl2cpe | 2026-06-01 10:13:30.090941 |
pkg:docker/gradle |
purl2cpe | 2026-06-01 10:13:30.090942 |
pkg:github/gradle/gradle |
purl2cpe | 2026-06-01 10:13:30.090944 |
pkg:rpm/opensuse/gradle |
purl2cpe | 2026-06-01 10:13:30.090945 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2022-30586 |
vulnerable | 2026-06-08 05:43:38.610078 |
Details available
Gradle Enterprise through 2022.2.2 has Incorrect Access Control that leads to code execution.
Published: 2022-06-06T18:33:45.000Z
Updated: 2024-08-03T06:56:13.120Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-41588 |
vulnerable | 2026-06-08 05:35:20.772785 |
Details available
In Gradle Enterprise before 2021.1.3, a crafted request can trigger deserialization of arbitrary unsafe Java objects. The attacker must have the encryption and signing keys.
Published: 2021-09-24T14:18:31.000Z
Updated: 2024-08-04T03:15:28.927Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-41587 |
vulnerable | 2026-06-08 05:35:20.772499 |
Details available
In Gradle Enterprise before 2021.1.3, an attacker with the ability to perform SSRF attacks can potentially discover credentials for other resources.
Published: 2021-09-24T14:18:43.000Z
Updated: 2024-08-04T03:15:29.200Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-41586 |
vulnerable | 2026-06-08 05:35:20.772196 |
Details available
In Gradle Enterprise before 2021.1.3, an attacker with the ability to perform SSRF attacks can potentially reset the system user password.
Published: 2021-09-24T14:18:53.000Z
Updated: 2024-08-04T03:15:29.202Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-41584 |
vulnerable | 2026-06-08 05:35:20.769561 |
Details available
Gradle Enterprise before 2021.1.3 can allow unauthorized viewing of a response (information disclosure of possibly sensitive build/configuration details) via a crafted HTTP request with the X-Gradle-Enterprise-Ajax-Request header.
Published: 2021-09-24T02:57:12.000Z
Updated: 2024-08-04T03:15:28.971Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.