This affects the package com.diffplug.gradle:goomph before 3.37.2. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
RCE
Path Traversal
Goomph
NVD
GitHub
CVSS 3.1
8.8
EPSS
1.9%