Inclusion of Sensitive Information in Log Files
The Gradle publish plugin is vulnerable to Insertion of Sensitive Information into Log File. When a plugin author publishes a Gradle plugin while running Gradle with the –info log level flag, the Gradle Logger logs an AWS pre-signed URL.