CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Gradle: >> Gradle >> 2.8 Security Vulnerabilities

CVE-2019-11065

Gradle versions from 1.4 to 5.3.1 use an insecure HTTP URL to download dependencies when the built-in JavaScript or CoffeeScript Gradle plugins are used. Dependency artifacts could have been maliciously compromised by a MITM attack against the ajax.googleapis.com web site.

CVSS Score

5.9

EPSS Score

0.004

Published

2019-04-10

Page 2

Vulnerabilities

Vulnerable Software

Gradle: >> Gradle >> 2.8 Security Vulnerabilities

Products

Pricing

Contact Us