Gradle Security Vulnerabilities (CVEs)
Track 9 security vulnerabilities affecting Gradle products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
This vulnerability in Gradle's dependency resolution allows an attacker to serve malicious artifacts if they can register a domain name matching an un...
Jan 16, 2026This vulnerability in Gradle's dependency resolution could allow an attacker to disrupt a legitimate repository and force builds to use a malicious re...
Jan 16, 2026A vulnerability in Gradle Build Action versions prior to 2.4.2 exposes GitHub Actions secrets when the Gradle configuration cache is enabled. Secrets ...
Apr 28, 2023Gradle Enterprise versions through 2022.2.2 have an incorrect access control vulnerability that allows unauthorized users to access sensitive informat...
Jun 6, 2022CVE-2022-27919 is a critical remote code execution vulnerability in Gradle Enterprise that allows attackers to execute arbitrary code on affected syst...
Mar 25, 2022Gradle Enterprise versions before 2021.4.2 had a default configuration allowing anonymous write access to the built-in build cache. This could allow a...
Mar 17, 2022CVE-2021-41619 is a remote code execution vulnerability in Gradle Enterprise that allows attackers with administrative access to execute arbitrary com...
Oct 27, 2021CVE-2021-32751 allows arbitrary code execution when attackers can manipulate environment variables for users running vulnerable Gradle start scripts o...
Jul 20, 2021This vulnerability allows local privilege escalation on Unix-like systems by exploiting insecure permissions in the system temporary directory. Attack...
Apr 13, 2021Why Monitor Gradle Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 9+ known vulnerabilities affecting Gradle products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Gradle packages in under 60 seconds. No agents required - completely agentless scanning that works across Gradle deployments.
Free vulnerability database: Access detailed information about every Gradle CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Gradle CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions
