| Bug | jessie | stretch | buster | bullseye | sid | Description |
|---|
| CVE-2019-16370 | vulnerable (no DSA, postponed) | vulnerable | vulnerable | vulnerable | vulnerable | The PGP signing plugin in Gradle before 6.0 relies on the SHA-1 algori ... |
| CVE-2019-15052 | vulnerable (no DSA, postponed) | vulnerable | vulnerable | vulnerable | vulnerable | The HTTP client in Gradle before 5.6 sends authentication credentials ... |
| CVE-2019-11065 | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable | vulnerable | Gradle versions from 1.4 to 5.3.1 use an insecure HTTP URL to download ... |
| CVE-2016-6199 | vulnerable (no DSA, ignored) | fixed | fixed | fixed | fixed | ObjectSocketWrapper.java in Gradle 2.12 allows remote attackers to exe ... |