Build project names and build volumes are accessible without authentication
- Gradle Enterprise 2017.1 - Gradle Enterprise 2020.2.4
Related CVE ID(s)
/usage page of Gradle Enterprise conveys high level build information such as project names and build counts over time.
This page is incorrectly viewable anonymously.
Upgrade to Gradle Enterprise 2020.2.5.
This issue was responsibly reported by Compass Security.