6.3
CVSSv3

CVE-2020-1945

Published: 14/05/2020 Updated: 04/04/2022
CVSS v2 Base Score: 3.3 | Impact Score: 4.9 | Exploitability Score: 3.4
CVSS v3 Base Score: 6.3 | Impact Score: 5.2 | Exploitability Score: 1
Vector: AV:L/AC:M/Au:N/C:P/I:P/A:N

Vulnerability Summary

Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default temporary directory identified by the Java system property java.io.tmpdir for several tasks and may thus leak sensitive information. The fixcrlf and replaceregexp tasks also copy files from the temporary directory back into the build tree allowing an malicious user to inject modified source files into the build process.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

apache ant

canonical ubuntu linux 19.10

fedoraproject fedora 31

fedoraproject fedora 32

opensuse leap 15.2

oracle agile engineering data management 6.2.1.0

oracle banking enterprise collections

oracle banking liquidity management

oracle banking platform

oracle business process management suite 12.2.1.3.0

oracle business process management suite 12.2.1.4.0

oracle category management planning \\& optimization 15.0.3

oracle communications asap 7.3

oracle communications diameter signaling router

oracle communications metasolv solution 6.3.0

oracle communications order and service management 7.3

oracle communications order and service management 7.4

oracle data integrator 12.2.1.3.0

oracle data integrator 12.2.1.4.0

oracle endeca information discovery studio 3.2.0

oracle enterprise manager ops center 12.4.0.0

oracle enterprise repository 11.1.1.7.0

oracle financial services analytical applications infrastructure

oracle flexcube investor servicing 12.1.0

oracle flexcube investor servicing 12.3.0

oracle flexcube investor servicing 12.4.0

oracle flexcube investor servicing 14.0.0

oracle flexcube investor servicing 14.1.0

oracle flexcube private banking 12.0.0

oracle flexcube private banking 12.1.0

oracle health sciences information manager

oracle primavera gateway

oracle primavera unifier 16.1

oracle primavera unifier 16.2

oracle primavera unifier

oracle primavera unifier 18.8

oracle primavera unifier 19.12

oracle rapid planning 12.1

oracle rapid planning 12.2

oracle real-time decision server 3.2.1.0

oracle retail advanced inventory planning 14.1

oracle retail advanced inventory planning 15.0

oracle retail advanced inventory planning 16.0

oracle retail assortment planning 15.0.3

oracle retail assortment planning 16.0.3

oracle retail back office 14.0

oracle retail back office 14.1

oracle retail bulk data integration 15.0

oracle retail bulk data integration 16.0

oracle retail bulk data integration 16.0.3.0

oracle retail bulk data integration 19.0.1

oracle retail central office 14.0

oracle retail central office 14.1

oracle retail data extractor for merchandising 1.9

oracle retail data extractor for merchandising 1.10

oracle retail extract transform and load 13.2.5

oracle retail extract transform and load 13.2.8

oracle retail financial integration 14.1.3.2

oracle retail financial integration 15.0

oracle retail financial integration 15.0.4.0

oracle retail financial integration 16.0

oracle retail financial integration 16.0.3.0

oracle retail integration bus 14.1

oracle retail integration bus 14.1.3.2

oracle retail integration bus 15.0

oracle retail integration bus 15.0.4.0

oracle retail integration bus 16.0

oracle retail integration bus 16.0.3.0

oracle retail integration bus 19.0.1.0

oracle retail item planning 15.0.3

oracle retail macro space optimization 15.0.3

oracle retail merchandise financial planning 15.0.3

oracle retail merchandising system 19.0.1

oracle retail point-of-service 14.0

oracle retail point-of-service 14.1

oracle retail point-of-service 15.0

oracle retail point-of-service 16.0

oracle retail predictive application server 14.0.3

oracle retail predictive application server 14.1.3

oracle retail predictive application server 15.0.3

oracle retail predictive application server 16.0.3

oracle retail predictive application server 16.0.3.0

oracle retail regular price optimization 15.0.3

oracle retail regular price optimization 16.0.3

oracle retail replenishment optimization 15.0.3

oracle retail returns management 14.0

oracle retail returns management 14.1

oracle retail service backbone 14.1.3.2

oracle retail service backbone 15.0

oracle retail service backbone 15.0.4.0

oracle retail service backbone 16.0

oracle retail service backbone 16.0.3.0

oracle retail service backbone 19.0.1.0

oracle retail size profile optimization 15.0.3

oracle retail size profile optimization 16.0.3

oracle retail store inventory management 14.0.4

oracle retail store inventory management 14.1

oracle retail store inventory management 14.1.3

oracle retail store inventory management 15.0

oracle retail store inventory management 15.0.3

oracle retail store inventory management 16.0

oracle retail store inventory management 16.0.3

oracle retail xstore point of service 15.0.4

oracle retail xstore point of service 16.0.6

oracle retail xstore point of service 17.0.4

oracle retail xstore point of service 18.0.3

oracle retail xstore point of service 19.0.2

oracle timesten in-memory database

oracle timesten in-memory database 11.2.2.8.49

oracle utilities framework 2.2.0.0.0

oracle utilities framework 4.2.0.2.0

oracle utilities framework 4.2.0.3.0

oracle utilities framework

oracle utilities framework 4.4.0.0.0

oracle utilities framework 4.4.0.2.0

Vendor Advisories

Apache Ant could leak sensitive information or be made to run programs as your login ...
Debian Bug report logs - #960630 ant: CVE-2020-1945 Package: src:ant; Maintainer for src:ant is Debian Java Maintainers <pkg-java-maintainers@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Thu, 14 May 2020 20:39:01 UTC Severity: important Tags: security, upstream Found in versi ...
Debian Bug report logs - #971612 ant: CVE-2020-11979 Package: src:ant; Maintainer for src:ant is Debian Java Maintainers <pkg-java-maintainers@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 3 Oct 2020 05:18:01 UTC Severity: important Tags: security, upstream Found in vers ...
These interim fixes provide instructions on upgrading Apache Ant to 1108 in IBM Platform Symphony 71 Fix Pack 1, IBM Platform Symphony 711, IBM Spectrum Symphony 712, IBM Spectrum Symphony 7202, IBM Spectrum Symphony 721, and IBM Spectrum Symphony 73 in order to address security vulnerability CVE-2020-1945 in Apache Ant ...
Synopsis Moderate: Red Hat Decision Manager 790 security update Type/Severity Security Advisory: Moderate Topic An update is now available for Red Hat Decision ManagerRed Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base ...
Arch Linux Security Advisory ASA-202005-15 ========================================== Severity: Medium Date : 2020-05-20 CVE-ID : CVE-2020-1945 Package : ant Type : arbitrary command execution Remote : No Link : securityarchlinuxorg/AVG-1159 Summary ======= The package ant before version 1108-1 is vulnerable to arbitrary c ...
Apache Ant uses the default temporary directory identified by the Java system property javaiotmpdir for several tasks and may thus leak sensitive information The fixcrlf and replaceregexp tasks also copy files from the temporary directory back into the build tree allowing an attacker to inject modified source files into the build process ...
Synopsis Moderate: Red Hat Process Automation Manager 790 security update Type/Severity Security Advisory: Moderate Topic An update is now available for Red Hat Process Automation ManagerRed Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring ...
Arch Linux Security Advisory ASA-202012-5 ========================================= Severity: Medium Date : 2020-12-05 CVE-ID : CVE-2020-11979 Package : ant Type : arbitrary code execution Remote : No Link : securityarchlinuxorg/AVG-1312 Summary ======= The package ant before version 1109-1 is vulnerable to arbitrary code ...
Apache Ant could allow a remote attacker to bypass security restrictions ...
Synopsis Important: OpenShift Container Platform 4617 security and packages update Type/Severity Security Advisory: Important Topic Red Hat OpenShift Container Platform release 4617 is now available withupdates to packages and images that fix several bugsThis release includes a security update for Red ...

Mailing Lists

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2020-1945: Apache Ant insecure temporary file vulnerability Severity: Medium Vendor: The Apache Software Foundation Versions Affected: Apache Ant 11 to 1914 and 1100 to 1107 Description: Apache Ant uses the default temporary directory identified by the Java system property javaiotmpdi ...
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2020-11979: Apache Ant insecure temporary file vulnerability Severity: Medium Vendor: The Apache Software Foundation Versions Affected: Apache Ant 1108 Description: As mitigation for CVE-2020-1945 Apache Ant 1108 changed the permissions of temporary files it created so that only the curren ...
CVE-2020-17521 Apache Groovy Information Disclosure Severity: Important Vendor: The Apache Software Foundation Versions Affected: Unsupported Codehaus versions of Groovy from 20 to 244 Apache Groovy versions 244 to 2420, 250 to 2513, 300 to 306, and 400-alpha-1 Fixed in versions 2421, 2514, 307, 400-alpha-2 Impact: ...

References

CWE-668https://lists.apache.org/thread.html/r8e592bbfc016a5dbe2a8c0e81ff99682b9c78c453621b82c14e7b75e%40%3Cdev.ant.apache.org%3Ehttps://lists.apache.org/thread.html/r95dc943e47a211d29df605e14f86c280fc9fa8d828b2b53bd07673c9@%3Cdev.creadur.apache.org%3Ehttps://lists.apache.org/thread.html/r1863b9ce4c3e4b1e5b0c671ad05545ba3eb8399616aa746af5dfe1b1@%3Cdev.creadur.apache.org%3Ehttps://lists.apache.org/thread.html/re1ce84518d773a94a613d988771daf9252c9cf7375a9a477009f9735@%3Ccommits.creadur.apache.org%3Ehttps://lists.apache.org/thread.html/rfd346609527a79662c48b1da3ac500ec30f29f7ddaa3575051e81890@%3Ccommits.creadur.apache.org%3Ehttps://lists.apache.org/thread.html/rd7dda48ff835f4d0293949837d55541bfde3683bd35bd8431e324538@%3Cdev.creadur.apache.org%3Ehttps://lists.apache.org/thread.html/rda80ac59119558eaec452e58ddfac2ccc9211da1c65f7927682c78b1@%3Cdev.creadur.apache.org%3Ehttps://lists.apache.org/thread.html/rdaa9c51d5dc6560c9d2b3f3d742c768ad0705e154041e574a0fae45c@%3Cnotifications.groovy.apache.org%3Ehttps://lists.apache.org/thread.html/r0d08a96ba9de8aa435f32944e8b2867c368a518d4ff57782e3637335@%3Cissues.hive.apache.org%3Ehttps://lists.apache.org/thread.html/r1b32c76afffcf676e13ed635a3332f3e46e6aaa7722eb3fc7a28f58e@%3Cdev.hive.apache.org%3Ehttps://lists.apache.org/thread.html/r4b2904d64affd4266cd72ccb2fc3927c1c2f22009f183095aa46bf90@%3Cissues.hive.apache.org%3Ehttps://lists.apache.org/thread.html/r6edd3e2cb79ee635630d891b54a4f1a9cd8c7f639d6ee34e75fbe830@%3Cissues.hive.apache.org%3Ehttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RRVAWTCVXJMRYKQKEXYSNBF7NLSR6OEI/https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EQBR65TINSJRN7PTPIVNYS33P535WM74/https://usn.ubuntu.com/4380-1/https://lists.apache.org/thread.html/r8e24abb7dd77cda14c6df90a377c94f0a413bbfcec90a29540ff8adf@%3Cissues.hive.apache.org%3Ehttps://lists.apache.org/thread.html/r2704fb14ce068c64759a986f81d5b5e42ab434fa13d0f444ad52816b@%3Cdev.creadur.apache.org%3Ehttps://www.oracle.com/security-alerts/cpujul2020.htmlhttps://lists.apache.org/thread.html/r6e295d792032ec02b32be3846c21a58857fba4a077d22c5842d69ba2@%3Ctorque-dev.db.apache.org%3Ehttp://lists.opensuse.org/opensuse-security-announce/2020-07/msg00053.htmlhttps://security.gentoo.org/glsa/202007-34https://lists.apache.org/thread.html/r815f88d1044760176f30a4913b4baacd06f3eae4eb662de7388e46d8@%3Cissues.hive.apache.org%3Ehttps://lists.apache.org/thread.html/r5dfc77048b1f9db26622dce91a6edf083d499397256594952fad5f35@%3Ccommits.myfaces.apache.org%3Ehttps://lists.apache.org/thread.html/rc3c8ef9724b5b1e171529b47f4b35cb7920edfb6e917fa21eb6c64ea@%3Cdev.ant.apache.org%3Ehttps://lists.apache.org/thread.html/rb8ec556f176c83547b959150e2108e2ddf1d61224295941908b0a81f@%3Cannounce.apache.org%3Ehttps://lists.apache.org/thread.html/rc89e491b5b270fb40f1210b70554527b737c217ad2e831b643ead6bc@%3Cuser.ant.apache.org%3Ehttps://lists.apache.org/thread.html/r1a9c992d7c8219dc15b4ad448649f0ffdaa88d76ef6a0035c49455f5@%3Cdev.creadur.apache.org%3Ehttps://lists.apache.org/thread.html/rf07feaf78afc8f701e21948a06ef92565d3dff1242d710f4fbf900b2@%3Cdev.creadur.apache.org%3Ehttp://www.openwall.com/lists/oss-security/2020/09/30/6https://lists.apache.org/thread.html/r1dc8518dc99c42ecca5ff82d0d2de64cd5d3a4fa691eb9ee0304781e@%3Cdev.creadur.apache.org%3Ehttps://lists.apache.org/thread.html/r4ca33fad3fb39d130cda287d5a60727d9e706e6f2cf2339b95729490@%3Cdev.creadur.apache.org%3Ehttps://lists.apache.org/thread.html/r2306b67f20c24942b872b0a41fbdc9330e8467388158bcd19c1094e0@%3Cdev.creadur.apache.org%3Ehttps://lists.apache.org/thread.html/r107ea1b1a7a214bc72fe1a04207546ccef542146ae22952e1013b5cc@%3Cdev.creadur.apache.org%3Ehttps://lists.apache.org/thread.html/r5e1cdd79f019162f76414708b2092acad0a6703d666d72d717319305@%3Cdev.creadur.apache.org%3Ehttps://www.oracle.com/security-alerts/cpuoct2020.htmlhttps://lists.apache.org/thread.html/r3cea0f3da4f6d06d7afb6c0804da8e01773a0f50a09b8d9beb2cda65@%3Cissues.hive.apache.org%3Ehttps://lists.apache.org/thread.html/r6030d34ceacd0098538425c5dac8251ffc7fd90b886942bc7ef87858@%3Cnotifications.groovy.apache.org%3Ehttps://lists.apache.org/thread.html/r6970d196cd73863dafdbc3a7052562deedd338e3bd7d73d8171d92d6@%3Ccommits.groovy.apache.org%3Ehttps://lists.apache.org/thread.html/rce099751721c26a8166d8b6578293820832831a0b2cb8d93b8efa081@%3Cnotifications.groovy.apache.org%3Ehttps://lists.apache.org/thread.html/ra12c3e23b021f259a201648005b9946acd7f618a6f32301c97047967@%3Cdev.groovy.apache.org%3Ehttps://lists.apache.org/thread.html/ra12c3e23b021f259a201648005b9946acd7f618a6f32301c97047967@%3Cusers.groovy.apache.org%3Ehttp://www.openwall.com/lists/oss-security/2020/12/06/1https://lists.apache.org/thread.html/ra12c3e23b021f259a201648005b9946acd7f618a6f32301c97047967@%3Cannounce.apache.org%3Ehttps://lists.apache.org/thread.html/ra9dab34bf8625511f23692ad0fcee2725f782e9aad6c5cdff6cf4465@%3Cnotifications.groovy.apache.org%3Ehttps://lists.apache.org/thread.html/rb860063819b9c0990e1fbce29d83f4554766fe5a05e3b3939736bf2b@%3Ccommits.myfaces.apache.org%3Ehttps://www.oracle.com/security-alerts/cpujan2021.htmlhttps://lists.apache.org/thread.html/raaeddc41da8f3afb1cb224876084a45f68e437a0afd9889a707e4b0c@%3Cdev.creadur.apache.org%3Ehttps://www.oracle.com/security-alerts/cpuApr2021.htmlhttps://lists.apache.org/thread.html/rbfe9ba28b74f39f46ec1bbbac3bef313f35017cf3aac13841a84483a@%3Cdev.creadur.apache.org%3Ehttps://www.oracle.com//security-alerts/cpujul2021.htmlhttps://www.oracle.com/security-alerts/cpuoct2021.htmlhttps://www.oracle.com/security-alerts/cpujan2022.htmlhttps://usn.ubuntu.com/4380-1/https://nvd.nist.gov