CVE-2021-26719
EUVD-2021-1350709.02.2021, 14:15
A directory traversal issue was discovered in Gradle gradle-enterprise-test-distribution-agent before 1.3.2, test-distribution-gradle-plugin before 1.3.2, and gradle-enterprise-maven-extension before 1.8.2. A malicious actor (with certain credentials) can perform a registration step such that crafted TAR archives lead to extraction of files into arbitrary filesystem locations.
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| gradle | enterprise_test_distribution_agent | 𝑥 < 1.3.2 |
| gradle | maven | 1.8 ≤ 𝑥 ≤ 1.8.1 |
| gradle | test_distribution | 𝑥 < 1.3.2 |
𝑥
= Vulnerable software versions
Ubuntu Releases