CVE-ID ------ CVE-2020-11986 Summary ------- Opening a Gradle project with Apache NetBeans executes foreign script immediately
Versions Affected: ------------------ - All Apache NetBeans versions up to and including 12.0 - NetBeans releases before the Apache transition started may be also affected Description: ------------ To be able to analyse a gradle project, the build script needs to be executed. Apache NetBeans follows this pattern and does not allow the user to intercept/prevent the execution. Mitigation: ----------- - Only open trusted gradle projects with NetBeans - Update to NetBeans 12.0-u1 Credit: ------- The problem was identified by Emilian Bold
signature.asc
Description: This is a digitally signed message part
