CVE-2021-41587

Name of the Vulnerable Software and Affected Versions Gradle Enterprise versions prior to 2021.1.3

Description The issue allows an attacker with the ability to perform Server-Side Request Forgery (SSRF) attacks to potentially discover credentials for other resources. SSRF is a type of attack where an attacker can trick a server into making requests to internal or external resources, potentially leading to unauthorized access or information disclosure.

Recommendations For Gradle Enterprise versions prior to 2021.1.3, update to version 2021.1.3 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive resources and credentials to minimize the risk of exploitation.