CVE-2021-41588
24.09.2021, 15:15
In Gradle Enterprise before 2021.1.3, a crafted request can trigger deserialization of arbitrary unsafe Java objects. The attacker must have the encryption and signing keys.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| gradle | gradle | 2017.2 ≤ 𝑥 < 2021.1.3 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration