CVE-2019-16370

Posted on by admin

CVE-2019-16370

The PGP signing plugin in Gradle before 6.0 relies on the SHA-1 algorithm, which might allow an attacker to replace an artifact with a different one that has the same SHA-1 message digest, a related issue to CVE-2005-4900.

Source: CVE-2019-16370

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다