CVE-2019-11065

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2019-11065
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-11065.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2019-11065
Aliases
Downstream
Published
2019-04-10T00:29:00.243Z
Modified
2026-03-13T23:35:39.449134Z
Severity
  • 5.9 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
Summary
[none]
Details

Gradle versions from 1.4 to 5.3.1 use an insecure HTTP URL to download dependencies when the built-in JavaScript or CoffeeScript Gradle plugins are used. Dependency artifacts could have been maliciously compromised by a MITM attack against the ajax.googleapis.com web site.

References

Affected packages

Git / github.com/gradle/gradle

Affected ranges

Type
GIT
Repo
https://github.com/gradle/gradle
Events
Introduced
c2fc659ae4a060365a0da1d739bbc3b3b6e8ea8d
Last affected
f2fae6ba563cfb772c8bc35d31e43c59a5b620c3
Database specific 
{
    "versions": [
        {
            "introduced": "1.4"
        },
        {
            "last_affected": "5.3.1"
        }
    ]
}

Affected versions

REL_1.*
REL_1.10
REL_1.10-rc-1
REL_1.10-rc-2
REL_1.11
REL_1.11-rc-1
REL_1.12
REL_1.12-rc-1
REL_1.12-rc-2
REL_1.4
REL_1.4-rc-3
REL_1.5
REL_1.5-rc-1
REL_1.5-rc-2
REL_1.5-rc-3
REL_1.6
REL_1.6-rc-1
REL_1.7
REL_1.7-rc-1
REL_1.7-rc-2
REL_1.8
REL_1.8-rc-1
REL_1.8-rc-2
REL_1.9
REL_1.9-rc-1
REL_1.9-rc-2
REL_1.9-rc-3
REL_1.9-rc-4
REL_2.*
REL_2.0
REL_2.0-rc-1
REL_2.0-rc-2
REL_2.1
REL_2.1-rc-1
REL_2.1-rc-2
REL_2.1-rc-3
REL_2.1-rc-4
REL_2.10
REL_2.10-rc-1
REL_2.10-rc-2
REL_2.11
REL_2.11-rc-1
REL_2.11-rc-2
REL_2.11-rc-3
REL_2.12
REL_2.12-rc-1
REL_2.13
REL_2.13-rc-1
REL_2.13-rc-2
REL_2.14
REL_2.14-rc-1
REL_2.14-rc-2
REL_2.14-rc-3
REL_2.14-rc-4
REL_2.14-rc-5
REL_2.14-rc-6
REL_2.14.1
REL_2.14.1-rc-1
REL_2.14.1-rc-2
REL_2.2
REL_2.2-rc-1
REL_2.2-rc-2
REL_2.2.1
REL_2.2.1-rc-1
REL_2.3
REL_2.3-rc-1
REL_2.3-rc-2
REL_2.3-rc-3
REL_2.3-rc-4
REL_2.4
REL_2.4-rc-1
REL_2.4-rc-2
REL_2.5
REL_2.5-rc-1
REL_2.5-rc-2
REL_2.6
REL_2.6-rc-1
REL_2.6-rc-2
REL_2.7
REL_2.7-rc-1
REL_2.7-rc-2
REL_2.8
REL_2.8-rc-1
REL_2.8-rc-2
REL_2.9
REL_2.9-rc-1
REL_3.*
REL_3.0
REL_3.0-milestone-1
REL_3.0-milestone-2
REL_3.0-rc-1
REL_3.0-rc-2
REL_3.1
REL_3.1-rc-1
REL_3.2
REL_3.2-rc-1
REL_3.2-rc-2
REL_3.2-rc-3
REL_3.2.1
REL_3.3
REL_3.3-rc-1
REL_3.4
REL_3.4-rc-2
REL_3.4-rc-3
REL_3.4.1
REL_3.5
REL_3.5-rc-1
REL_3.5-rc-2
REL_3.5-rc-3
REL_3.5.1
REL_4.*
REL_4.0
REL_4.0-milestone-1
REL_4.0-milestone-2
REL_4.0-rc-1
REL_4.0-rc-2
REL_4.0-rc-3
REL_4.0.1
REL_4.0.2
REL_4.1
REL_4.1-milestone-1
REL_4.1-rc-1
REL_4.1-rc-2
REL_4.2
REL_4.2-rc-1
REL_4.2-rc-2
REL_4.2.1
REL_4.3
REL_4.3-rc-1
REL_4.3-rc-2
REL_4.3-rc-3
REL_4.3-rc-4
REL_4.3.1
REL_4.4
REL_4.4-rc-1
REL_4.4-rc-2
REL_4.4-rc-3
REL_4.4-rc-4
REL_4.4-rc-5
REL_4.4-rc-6
v1.*
v1.10
v1.10-RC1
v1.10-RC2
v1.10.0
v1.10.0-RC1
v1.10.0-RC2
v1.11
v1.11-RC1
v1.11.0
v1.11.0-RC1
v1.12
v1.12-RC1
v1.12-RC2
v1.12.0
v1.12.0-RC1
v1.12.0-RC2
v1.4
v1.4-RC3
v1.4.0
v1.4.0-RC3
v1.5
v1.5-RC1
v1.5-RC2
v1.5-RC3
v1.5.0
v1.5.0-RC1
v1.5.0-RC2
v1.5.0-RC3
v1.6
v1.6-RC1
v1.6.0
v1.6.0-RC1
v1.7
v1.7-RC1
v1.7-RC2
v1.7.0
v1.7.0-RC1
v1.7.0-RC2
v1.8
v1.8-RC1
v1.8-RC2
v1.8.0
v1.8.0-RC1
v1.8.0-RC2
v1.9
v1.9-RC1
v1.9-RC2
v1.9-RC3
v1.9-RC4
v1.9.0
v1.9.0-RC1
v1.9.0-RC2
v1.9.0-RC3
v1.9.0-RC4
v2.*
v2.0
v2.0-RC1
v2.0-RC2
v2.0.0
v2.0.0-RC1
v2.0.0-RC2
v2.1
v2.1-RC1
v2.1-RC2
v2.1-RC3
v2.1-RC4
v2.1.0
v2.1.0-RC1
v2.1.0-RC2
v2.1.0-RC3
v2.1.0-RC4
v2.10
v2.10-RC1
v2.10-RC2
v2.10.0
v2.10.0-RC1
v2.10.0-RC2
v2.11
v2.11-RC1
v2.11-RC2
v2.11-RC3
v2.11.0
v2.11.0-RC1
v2.11.0-RC2
v2.11.0-RC3
v2.12
v2.12-RC1
v2.12.0
v2.12.0-RC1
v2.13
v2.13-RC1
v2.13-RC2
v2.13.0
v2.13.0-RC1
v2.13.0-RC2
v2.14
v2.14-RC1
v2.14-RC2
v2.14-RC3
v2.14-RC4
v2.14-RC5
v2.14-RC6
v2.14.0
v2.14.0-RC1
v2.14.0-RC2
v2.14.0-RC3
v2.14.0-RC4
v2.14.0-RC5
v2.14.0-RC6
v2.14.1
v2.14.1-RC1
v2.14.1-RC2
v2.2
v2.2-RC1
v2.2-RC2
v2.2.0
v2.2.0-RC1
v2.2.0-RC2
v2.2.1
v2.2.1-RC1
v2.3
v2.3-RC1
v2.3-RC2
v2.3-RC3
v2.3-RC4
v2.3.0
v2.3.0-RC1
v2.3.0-RC2
v2.3.0-RC3
v2.3.0-RC4
v2.4
v2.4-RC1
v2.4-RC2
v2.4.0
v2.4.0-RC1
v2.4.0-RC2
v2.5
v2.5-RC1
v2.5-RC2
v2.5.0
v2.5.0-RC1
v2.5.0-RC2
v2.6
v2.6-RC1
v2.6-RC2
v2.6.0
v2.6.0-RC1
v2.6.0-RC2
v2.7
v2.7-RC1
v2.7-RC2
v2.7.0
v2.7.0-RC1
v2.7.0-RC2
v2.8
v2.8-RC1
v2.8-RC2
v2.8.0
v2.8.0-RC1
v2.8.0-RC2
v2.9
v2.9-RC1
v2.9.0
v2.9.0-RC1
v3.*
v3.0.0
v3.0.0-M1
v3.0.0-M2
v3.0.0-RC1
v3.0.0-RC2
v3.1.0
v3.1.0-RC1
v3.2.0
v3.2.0-RC1
v3.2.0-RC2
v3.2.0-RC3
v3.2.1
v3.3.0
v3.3.0-RC1
v3.4.0
v3.4.0-RC1
v3.4.0-RC2
v3.4.0-RC3
v3.4.1
v3.5.0
v3.5.0-RC1
v3.5.0-RC2
v3.5.0-RC3
v3.5.1
v4.*
v4.0.0
v4.0.0-M1
v4.0.0-M2
v4.0.0-RC1
v4.0.0-RC2
v4.0.0-RC3
v4.0.0-milestone-1
v4.0.1
v4.0.2
v4.1.0
v4.1.0-M1
v4.1.0-RC1
v4.1.0-RC2
v4.10.0
v4.10.0-RC1
v4.10.0-RC2
v4.10.0-RC3
v4.10.1
v4.10.2
v4.2.0
v4.2.0-RC1
v4.2.0-RC2
v4.2.1
v4.3.0
v4.3.0-RC1
v4.3.0-RC2
v4.3.0-RC3
v4.3.0-RC4
v4.3.1
v4.4.0
v4.4.0-RC1
v4.4.0-RC2
v4.4.0-RC3
v4.4.0-RC4
v4.4.0-RC5
v4.4.0-RC6
v4.4.1
v4.5.0
v4.5.0-RC1
v4.5.0-RC2
v4.5.1
v4.6.0
v4.6.0-RC1
v4.6.0-RC2
v4.7.0
v4.7.0-RC1
v4.7.0-RC2
v4.8.0
v4.8.0-RC1
v4.8.0-RC2
v4.8.0-RC3
v4.8.1
v4.9.0
v4.9.0-RC1
v4.9.0-RC2
v5.*
v5.0.0
v5.0.0-M1
v5.0.0-RC1
v5.0.0-RC2
v5.0.0-RC3
v5.0.0-RC4
v5.0.0-RC5
v5.1.0
v5.1.0-M1
v5.1.0-RC1
v5.1.0-RC2
v5.1.0-RC3
v5.1.1
v5.2.0
v5.2.0-RC1
v5.2.1
v5.3.0
v5.3.0-RC1
v5.3.0-RC2
v5.3.0-RC3
v5.3.1

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-11065.json"
unresolved_ranges 
[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "28"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "29"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "30"
            }
        ]
    }
]