Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2020-11979

As mitigation for CVE-2020-1945 Apache Ant 1.10.8 changed the permissions of temporary files it created so that only the current user was allowed to access them. Unfortunately the fixcrlf task deleted the temporary file and created a new one without said protection, effectively nullifying the effort. This would still allow an attacker to inject modified source files into the build process.

CVSS v3:

  • Severity: High
  • Score: 7.5
  • AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CVSS v2:

  • Severity: Medium
  • Score: 5
  • AV:N/AC:L/Au:N/C:N/I:P/A:N

CWEs:

Software From Fixed in
apache / ant 1.10.8 1.10.8.x
gradle / gradle - 6.8.0
fedoraproject / fedora 31 31.x
fedoraproject / fedora 32 32.x
fedoraproject / fedora 33 33.x
oracle / flexcube_private_banking 12.1.0 12.1.0.x
oracle / primavera_unifier 16.2 16.2.x
oracle / banking_platform 2.4.0 2.4.0.x
oracle / flexcube_private_banking 12.0.0 12.0.0.x
oracle / api_gateway 11.1.2.4.0 11.1.2.4.0.x
oracle / banking_platform 2.4.1 2.4.1.x
oracle / primavera_unifier 16.1 16.1.x
oracle / enterprise_repository 11.1.1.7.0 11.1.1.7.0.x
oracle / retail_predictive_application_server 14.1 14.1.x
oracle / banking_platform 2.6.2 2.6.2.x
oracle / primavera_unifier 18.8 18.8.x
oracle / data_integrator 12.2.1.3.0 12.2.1.3.0.x
oracle / primavera_unifier 17.7 17.12.x
oracle / utilities_framework 4.3.0.5.0 4.3.0.5.0.x
oracle / utilities_framework 4.3.0.6.0 4.3.0.6.0.x
oracle / utilities_framework 4.4.0.0.0 4.4.0.0.0.x
oracle / communications_unified_inventory_management 7.4.0 7.4.0.x
oracle / primavera_unifier 19.12 19.12.x
oracle / utilities_framework 4.4.0.2.0 4.4.0.2.0.x
oracle / retail_advanced_inventory_planning 14.1 14.1.x
oracle / retail_merchandising_system 16.0.3 16.0.3.x
oracle / banking_platform 2.7.0 2.7.0.x
oracle / banking_platform 2.7.1 2.7.1.x
oracle / agile_engineering_data_management 6.2.1.0 6.2.1.0.x
oracle / data_integrator 12.2.1.4.0 12.2.1.4.0.x
oracle / primavera_gateway 16.2.0 16.2.11.x
oracle / retail_store_inventory_management 15.0.3.0 15.0.3.0.x
oracle / retail_store_inventory_management 16.0.3.0 16.0.3.0.x
oracle / retail_store_inventory_management 14.1.3.9 14.1.3.9.x
oracle / retail_service_backbone 15.0.3 15.0.3.x
oracle / retail_service_backbone 16.0.3 16.0.3.x
oracle / retail_financial_integration 15.0.3 15.0.3.x
oracle / retail_financial_integration 16.0.3 16.0.3.x
oracle / retail_financial_integration 14.1.3 14.1.3.x
oracle / retail_service_backbone 14.1.3 14.1.3.x
oracle / retail_integration_bus 15.0.3 15.0.3.x
oracle / banking_platform 2.8.0 2.8.0.x
oracle / primavera_unifier 20.12 20.12.x
oracle / primavera_gateway 17.12.0 17.12.9.x
oracle / communications_unified_inventory_management 7.4.1 7.4.1.x
oracle / retail_xstore_point_of_service 16.0.6 16.0.6.x
oracle / retail_xstore_point_of_service 17.0.4 17.0.4.x
oracle / retail_xstore_point_of_service 18.0.3 18.0.3.x
oracle / retail_xstore_point_of_service 19.0.2 19.0.2.x
oracle / retail_xstore_point_of_service 15.0.4 15.0.4.x
oracle / real-time_decision_server 3.2.0.0 3.2.0.0.x
oracle / financial_services_analytical_applications_infrastructure 8.1.1 8.1.1.x
oracle / financial_services_analytical_applications_infrastructure 8.1.0 8.1.0.x
oracle / financial_services_analytical_applications_infrastructure 8.0.6 8.0.9.x
oracle / real-time_decision_server 11.1.1.9.0 11.1.1.9.0.x
oracle / retail_eftlink 19.0.1 19.0.1.x
oracle / endeca_information_discovery_studio 3.2.0.0 3.2.0.0.x
oracle / retail_eftlink 20.0.0 20.0.0.x
oracle / banking_treasury_management 14.4 14.4.x
oracle / retail_regular_price_optimization 16.0.3 16.0.3.x
oracle / retail_assortment_planning 16.0.3 16.0.3.x
oracle / retail_size_profile_optimization 16.0.3 16.0.3.x
oracle / retail_replenishment_optimization 16.0.3 16.0.3.x
oracle / retail_merchandise_financial_planning 16.0.3 16.0.3.x
oracle / retail_macro_space_optimization 16.0.3 16.0.3.x
oracle / retail_item_planning 16.0.3 16.0.3.x
oracle / retail_category_management_planning_&_optimization 16.0.3 16.0.3.x
oracle / retail_merchandising_system 14.1.3.2 14.1.3.2.x
oracle / timesten_in-memory_database - 11.2.2.8.27
oracle / storagetek_acsls 8.5.1 8.5.1.x
oracle / storagetek_tape_analytics 2.4 2.4.x
org.apache.ant / ant - 1.10.9