Security Advisory

CVE-2019-16370

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-09-16 17:50:28

Last updated 2024-08-05 01:10:41

Assigner mitre

State PUBLISHED

Description

The PGP signing plugin in Gradle before 6.0 relies on the SHA-1 algorithm, which might allow an attacker to replace an artifact with a different one that has the same SHA-1 message digest, a related issue to CVE-2005-4900.

← Browse all CVEs View on cve.org ↗