vulnerability

SUSE: CVE-2019-15052: SUSE Linux Security Advisory

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:L/Au:N/C:P/I:N/A:N)	08/14/2019	08/09/2024	08/09/2024

Severity

CVSS

(AV:N/AC:L/Au:N/C:P/I:N/A:N)

Published

08/14/2019

Added

08/09/2024

Modified

08/09/2024

Description

The HTTP client in Gradle before 5.6 sends authentication credentials originally destined for the configured host. If that host returns a 30x redirect, Gradle also sends those credentials to all subsequent hosts that the request redirects to. This is similar to CVE-2018-1000007.

Solution(s)

suse-upgrade-gpars-bootstrapsuse-upgrade-gradlesuse-upgrade-gradle-bootstrapsuse-upgrade-groovy-bootstrap

References

CVE-2019-15052
https://attackerkb.com/topics/CVE-2019-15052

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today