In Gradle Enterprise before 2018.5.2, Build Cache Nodes would reflect the configured password back when viewing the HTML page source of the settings page.
References
Link | Resource |
---|---|
https://gradle.com/enterprise/releases/2018.5/#changes-2 | Release Notes Vendor Advisory |
https://security.gradle.com/advisory/CVE-2019-11403 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
20 Jan 2023, 15:58
Type | Values Removed | Values Added |
---|---|---|
First Time |
Gradle build Cache Node
|
|
CPE | cpe:2.3:a:gradle:build_cache_node:*:*:*:*:*:*:*:* | |
References | (CONFIRM) https://security.gradle.com/advisory/CVE-2019-11403 - Vendor Advisory |
Information
Published : 2019-04-22 11:29
Updated : 2023-12-10 12:59
NVD link : CVE-2019-11403
Mitre link : CVE-2019-11403
CVE.ORG link : CVE-2019-11403
JSON object : View
Products Affected
gradle
- enterprise
- build_cache_node
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor