7.8 High
AI Score
Confidence
High
0.01 Low
EPSS
Percentile
83.5%
ObjectSocketWrapper.java in Gradle 2.12 allows remote attackers to execute arbitrary code via a crafted serialized object.
discuss.gradle.org/t/a-security-issue-about-gradle-rce/17726
philwantsfish.github.io/security/java-deserialization-github