Your submission was sent successfully! Close

CVE-2016-6199

Published: 7 February 2017

ObjectSocketWrapper.java in Gradle 2.12 allows remote attackers to execute arbitrary code via a crafted serialized object.

Notes

AuthorNote
pfsmorigo
GUI was deprecated after version 4.0
Priority

Medium

CVSS 3 base score: 9.8

Status

Package Release Status
gradle
Launchpad, Ubuntu, Debian
artful Not vulnerable
(2.13-4)
bionic Not vulnerable
(2.13-4)
cosmic Not vulnerable
(2.13-4)
disco Not vulnerable
(2.13-4)
eoan Not vulnerable
(2.13-4)
focal Not vulnerable
(2.13-4)
groovy Not vulnerable
(2.13-4)
hirsute Not vulnerable
(2.13-4)
impish Not vulnerable
(2.13-4)
jammy Not vulnerable
(2.13-4)
precise Does not exist
(precise was needs-triage)
trusty Does not exist
(trusty was needed)
upstream Needs triage

xenial Ignored
(end of standard support, was needed)
yakkety Ignored
(reached end-of-life)
zesty Not vulnerable
(2.13-4)
Patches:
upstream: https://github.com/gradle/gradle/commit/b89b847866d2d