Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2020-1945

Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default temporary directory identified by the Java system property java.io.tmpdir for several tasks and may thus leak sensitive information. The fixcrlf and replaceregexp tasks also copy files from the temporary directory back into the build tree allowing an attacker to inject modified source files into the build process.

CVSS v3:

  • Severity: Medium
  • Score: 6.3
  • AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

CVSS v2:

  • Severity: Low
  • Score: 3.3
  • AV:L/AC:M/Au:N/C:P/I:P/A:N

CWEs:

Software From Fixed in
apache / ant 1.10.0 1.10.7.x
apache / ant 1.1 1.9.14.x
canonical / ubuntu_linux 19.10 19.10.x
fedoraproject / fedora 31 31.x
fedoraproject / fedora 32 32.x
opensuse / leap 15.2 15.2.x
oracle / flexcube_investor_servicing 12.3.0 12.3.0.x
oracle / flexcube_investor_servicing 12.1.0 12.1.0.x
oracle / flexcube_private_banking 12.1.0 12.1.0.x
oracle / primavera_unifier 16.2 16.2.x
oracle / retail_integration_bus 14.1 14.1.x
oracle / flexcube_private_banking 12.0.0 12.0.0.x
oracle / retail_store_inventory_management 14.1 14.1.x
oracle / primavera_unifier 16.1 16.1.x
oracle / enterprise_repository 11.1.1.7.0 11.1.1.7.0.x
oracle / retail_service_backbone 15.0 15.0.x
oracle / retail_integration_bus 15.0 15.0.x
oracle / retail_back_office 14.1 14.1.x
oracle / retail_back_office 14.0 14.0.x
oracle / utilities_framework 4.2.0.3.0 4.2.0.3.0.x
oracle / utilities_framework 4.2.0.2.0 4.2.0.2.0.x
oracle / utilities_framework 2.2.0.0.0 2.2.0.0.0.x
oracle / flexcube_investor_servicing 12.4.0 12.4.0.x
oracle / business_process_management_suite 12.2.1.3.0 12.2.1.3.0.x
oracle / retail_bulk_data_integration 16.0 16.0.x
oracle / flexcube_investor_servicing 14.0.0 14.0.0.x
oracle / retail_integration_bus 16.0 16.0.x
oracle / retail_returns_management 14.0 14.0.x
oracle / retail_returns_management 14.1 14.1.x
oracle / retail_central_office 14.0 14.0.x
oracle / retail_central_office 14.1 14.1.x
oracle / primavera_unifier 18.8 18.8.x
oracle / retail_point-of-service 14.1 14.1.x
oracle / retail_point-of-service 14.0 14.0.x
oracle / retail_predictive_application_server 15.0.3 15.0.3.x
oracle / data_integrator 12.2.1.3.0 12.2.1.3.0.x
oracle / primavera_unifier 17.7 17.12.x
oracle / endeca_information_discovery_studio 3.2.0 3.2.0.x
oracle / utilities_framework 4.4.0.0.0 4.4.0.0.0.x
oracle / retail_financial_integration 15.0 15.0.x
oracle / retail_financial_integration 16.0 16.0.x
oracle / communications_metasolv_solution 6.3.0 6.3.0.x
oracle / flexcube_investor_servicing 14.1.0 14.1.0.x
oracle / retail_store_inventory_management 16.0 16.0.x
oracle / primavera_unifier 19.12 19.12.x
oracle / financial_services_analytical_applications_infrastructure 8.0.6 8.1.0.x
oracle / rapid_planning 12.1 12.1.x
oracle / rapid_planning 12.2 12.2.x
oracle / utilities_framework 4.3.0.1.0 4.3.0.6.0.x
oracle / utilities_framework 4.4.0.2.0 4.4.0.2.0.x
oracle / communications_diameter_signaling_router 8.0.0 8.2.2.x
oracle / enterprise_manager_ops_center 12.4.0.0 12.4.0.0.x
oracle / retail_advanced_inventory_planning 14.1 14.1.x
oracle / retail_bulk_data_integration 16.0.3.0 16.0.3.0.x
oracle / retail_predictive_application_server 16.0.3.0 16.0.3.0.x
oracle / agile_engineering_data_management 6.2.1.0 6.2.1.0.x
oracle / data_integrator 12.2.1.4.0 12.2.1.4.0.x
oracle / primavera_gateway 16.2.0 16.2.11.x
oracle / primavera_gateway 17.12.0 17.12.7.x
oracle / retail_service_backbone 16.0 16.0.x
oracle / banking_platform 2.4.0 2.9.0.x
oracle / communications_order_and_service_management 7.4 7.4.x
oracle / real-time_decision_server 3.2.1.0 3.2.1.0.x
oracle / banking_liquidity_management 14.0.0 14.4.0.x
oracle / business_process_management_suite 12.2.1.4.0 12.2.1.4.0.x
oracle / retail_predictive_application_server 14.0.3 14.0.3.x
oracle / retail_xstore_point_of_service 16.0.6 16.0.6.x
oracle / retail_xstore_point_of_service 17.0.4 17.0.4.x
oracle / retail_xstore_point_of_service 18.0.3 18.0.3.x
oracle / retail_xstore_point_of_service 19.0.2 19.0.2.x
oracle / retail_service_backbone 14.1.3.2 14.1.3.2.x
oracle / retail_xstore_point_of_service 15.0.4 15.0.4.x
oracle / retail_store_inventory_management 14.0.4 14.0.4.x
oracle / retail_store_inventory_management 14.1.3 14.1.3.x
oracle / retail_store_inventory_management 15.0.3 15.0.3.x
oracle / retail_store_inventory_management 16.0.3 16.0.3.x
oracle / retail_service_backbone 15.0.4.0 15.0.4.0.x
oracle / retail_service_backbone 16.0.3.0 16.0.3.0.x
oracle / retail_service_backbone 19.0.1.0 19.0.1.0.x
oracle / retail_merchandising_system 19.0.1 19.0.1.x
oracle / retail_integration_bus 14.1.3.2 14.1.3.2.x
oracle / retail_integration_bus 15.0.4.0 15.0.4.0.x
oracle / retail_integration_bus 16.0.3.0 16.0.3.0.x
oracle / retail_store_inventory_management 15.0 15.0.x
oracle / retail_integration_bus 19.0.1.0 19.0.1.0.x
oracle / retail_predictive_application_server 14.1.3 14.1.3.x
oracle / retail_financial_integration 14.1.3.2 14.1.3.2.x
oracle / retail_financial_integration 15.0.4.0 15.0.4.0.x
oracle / retail_financial_integration 16.0.3.0 16.0.3.0.x
oracle / retail_extract_transform_and_load 13.2.8 13.2.8.x
oracle / retail_bulk_data_integration 19.0.1 19.0.1.x
oracle / retail_advanced_inventory_planning 15.0 15.0.x
oracle / retail_advanced_inventory_planning 16.0 16.0.x
oracle / retail_predictive_application_server 16.0.3 16.0.3.x
oracle / retail_size_profile_optimization 15.0.3 15.0.3.x
oracle / retail_replenishment_optimization 15.0.3 15.0.3.x
oracle / retail_regular_price_optimization 16.0.3 16.0.3.x
oracle / retail_regular_price_optimization 15.0.3 15.0.3.x
oracle / retail_merchandise_financial_planning 15.0.3 15.0.3.x
oracle / retail_macro_space_optimization 15.0.3 15.0.3.x
oracle / retail_item_planning 15.0.3 15.0.3.x
oracle / retail_data_extractor_for_merchandising 1.10 1.10.x
oracle / retail_data_extractor_for_merchandising 1.9 1.9.x
oracle / retail_bulk_data_integration 15.0 15.0.x
oracle / retail_assortment_planning 16.0.3 16.0.3.x
oracle / retail_assortment_planning 15.0.3 15.0.3.x
oracle / category_management_planning_&_optimization 15.0.3 15.0.3.x
oracle / banking_enterprise_collections 2.7.0 2.9.0.x
oracle / communications_order_and_service_management 7.3 7.3.x
oracle / retail_point-of-service 15.0 15.0.x
oracle / retail_point-of-service 16.0 16.0.x
oracle / retail_extract_transform_and_load 13.2.5 13.2.5.x
oracle / communications_asap 7.3 7.3.x
oracle / retail_size_profile_optimization 16.0.3 16.0.3.x
oracle / health_sciences_information_manager 3.0 3.0.2.x
oracle / timesten_in-memory_database - 11.2.2.8.27
oracle / timesten_in-memory_database 11.2.2.8.49 11.2.2.8.49.x
org.apache.ant / ant 1.1 1.9.15
org.apache.ant / ant 1.10.0 1.10.8