As mitigation for CVE-2020-1945 Apache Ant 1.10.8 changed the permissions of temporary files it created so that only the current user was allowed to access them. Unfortunately the fixcrlf task deleted the temporary file and created a new one without said protection, effectively nullifying the effort. This would still allow an attacker to inject modified source files into the build process.
AI analysis not yet available
Plain-English explanation, risk summary, and remediation steps will appear here once AI analysis is complete.
No Fix Known
No patch has been released yet. Apply workarounds or mitigations where available.
Published
CVE disclosed publicly
Last Modified
Most recent update
Indexed to CVEInsight
Added to this platform
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
71
Affected Products
38
References
apache / ant
| - |
| fedoraproject | fedora | - | - |
| fedoraproject | fedora | - | - |
| oracle | agile_engineering_data_management | - | - |
| oracle | api_gateway | - | - |
| oracle | banking_platform | - | - |
| oracle | banking_platform | - | - |
| oracle | banking_platform | - | - |
| oracle | banking_platform | - | - |
| oracle | banking_platform | - | - |
| oracle | banking_platform | - | - |
| oracle | banking_treasury_management | - | - |
| oracle | communications_unified_inventory_management | - | - |
| oracle | communications_unified_inventory_management | - | - |
| oracle | data_integrator | - | - |
| oracle | data_integrator | - | - |
| oracle | endeca_information_discovery_studio | - | - |
| oracle | enterprise_repository | - | - |
| oracle | financial_services_analytical_applications_infrastructure | 8.0.6 - 8.0.9 | - |
| oracle | financial_services_analytical_applications_infrastructure | - | - |
| oracle | financial_services_analytical_applications_infrastructure | - | - |
| oracle | flexcube_private_banking | - | - |
| oracle | flexcube_private_banking | - | - |
| oracle | primavera_gateway | 16.2.0 - 16.2.11 | - |
| oracle | primavera_gateway | 17.12.0 - 17.12.9 | - |
| oracle | primavera_unifier | 17.7 - 17.12 | - |
| oracle | primavera_unifier | - | - |
| oracle | primavera_unifier | - | - |
| oracle | primavera_unifier | - | - |
| oracle | primavera_unifier | - | - |
| oracle | primavera_unifier | - | - |
| oracle | real-time_decision_server | - | - |
| oracle | real-time_decision_server | - | - |
| oracle | retail_advanced_inventory_planning | - | - |
| oracle | retail_assortment_planning | - | - |
| oracle | retail_category_management_planning_\&_optimization | - | - |
| oracle | retail_eftlink | - | - |
| oracle | retail_eftlink | - | - |
| oracle | retail_financial_integration | - | - |
| oracle | retail_financial_integration | - | - |
| oracle | retail_financial_integration | - | - |
| oracle | retail_integration_bus | - | - |
| oracle | retail_item_planning | - | - |
| oracle | retail_macro_space_optimization | - | - |
| oracle | retail_merchandise_financial_planning | - | - |
| oracle | retail_merchandising_system | - | - |
| oracle | retail_merchandising_system | - | - |
| oracle | retail_predictive_application_server | - | - |
| oracle | retail_regular_price_optimization | - | - |
| oracle | retail_replenishment_optimization | - | - |
| oracle | retail_service_backbone | - | - |
| oracle | retail_service_backbone | - | - |
| oracle | retail_service_backbone | - | - |
| oracle | retail_size_profile_optimization | - | - |
| oracle | retail_store_inventory_management | - | - |
| oracle | retail_store_inventory_management | - | - |
| oracle | retail_store_inventory_management | - | - |
| oracle | retail_xstore_point_of_service | - | - |
| oracle | retail_xstore_point_of_service | - | - |
| oracle | retail_xstore_point_of_service | - | - |
| oracle | retail_xstore_point_of_service | - | - |
| oracle | retail_xstore_point_of_service | - | - |
| oracle | storagetek_acsls | - | - |
| oracle | storagetek_tape_analytics | - | - |
| oracle | timesten_in-memory_database | 11.2.2.8.27 | - |
| oracle | utilities_framework | - | - |
| oracle | utilities_framework | - | - |
| oracle | utilities_framework | - | - |
| oracle | utilities_framework | - | - |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Exploitability
Impact