vulnerability

SUSE: CVE-2019-15052: SUSE Linux Security Advisory

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:L/Au:N/C:P/I:N/A:N)	Aug 14, 2019	Aug 9, 2024	Aug 9, 2024

Severity

CVSS

(AV:N/AC:L/Au:N/C:P/I:N/A:N)

Published

Aug 14, 2019

Added

Aug 9, 2024

Modified

Aug 9, 2024

Description

The HTTP client in Gradle before 5.6 sends authentication credentials originally destined for the configured host. If that host returns a 30x redirect, Gradle also sends those credentials to all subsequent hosts that the request redirects to. This is similar to CVE-2018-1000007.

Solutions

suse-upgrade-gpars-bootstrapsuse-upgrade-gradlesuse-upgrade-gradle-bootstrapsuse-upgrade-groovy-bootstrap

References

CVE-2019-15052
https://attackerkb.com/topics/CVE-2019-15052

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today