Gradle ürünlerinde kritik XSS zafiyetleri tespit edildi.
Birden çok mevcut güvenlik açıklığı nedeniyle, siber saldırganlar tarafından hedef alınan sistemlerde zafiyete sebebiyet verebilmektedir. Bu zafiyetin ileriki zamanlarda zararlı yazılım yaymakta da kullanılabileceği öngörülmektedir. İlgili zafiyetlerin CVE kodları şu şekildedir CVE-2020-15776, CVE-2020-15767, CVE-2020-15768, CVE-2020-15769, CVE-2020-15770, CVE-2020-15771, CVE-2020-15772, CVE-2020-15773, CVE-2020-15774 ve CVE-2020-15775 .
Ulusal Siber Olaylara Müdahale Merkezi (USOM), sistem yöneticilerine; Gradle güncellemelerini ivedilikle yapmalarını önermektedir.
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-15767
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-15768
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-15769
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-15770
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-15771
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-15772
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-15773
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-15774
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-15775
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-15776
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-15776
2020-09-21