CVE-2021-41588

In Gradle Enterprise before 2021.1.3, a crafted request can trigger deserialization of arbitrary unsafe Java objects. The attacker must have the encryption and signing keys. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt