medium
6.5
CWE
668 377
Advisory Published
CVE Published
Updated

CVE-2020-1945

First published: Wed May 13 2020(Updated: )

Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default temporary directory identified by the Java system property java.io.tmpdir for several tasks and may thus leak sensitive information. The fixcrlf and replaceregexp tasks also copy files from the temporary directory back into the build tree allowing an attacker to inject modified source files into the build process.

Credit: security@apache.org security@apache.org

Affected SoftwareAffected VersionHow to fix
redhat/jenkins<0:2.263.3.1612433584-1.el7
0:2.263.3.1612433584-1.el7
redhat/conmon<2:2.0.21-1.rhaos4.5.el8
2:2.0.21-1.rhaos4.5.el8
redhat/jenkins<0:2.263.3.1612434332-1.el7
0:2.263.3.1612434332-1.el7
redhat/machine-config-daemon<0:4.5.0-202102050524.p0.git.2594.ff3b8c0.el8
0:4.5.0-202102050524.p0.git.2594.ff3b8c0.el8
redhat/openshift<0:4.5.0-202102050524.p0.git.0.9229406.el7
0:4.5.0-202102050524.p0.git.0.9229406.el7
redhat/openshift-ansible<0:4.5.0-202102031005.p0.git.0.c6839a2.el7
0:4.5.0-202102031005.p0.git.0.c6839a2.el7
redhat/openshift-clients<0:4.5.0-202102051529.p0.git.3612.61b096a.el7
0:4.5.0-202102051529.p0.git.3612.61b096a.el7
redhat/runc<0:1.0.0-72.rhaos4.5.giteadfc6b.el8
0:1.0.0-72.rhaos4.5.giteadfc6b.el8
redhat/jenkins<0:2.263.3.1612434510-1.el8
0:2.263.3.1612434510-1.el8
redhat/ant<1.9.15
1.9.15
redhat/ant<1.10.8
1.10.8
Apache Ant>=1.1<=1.9.14
Apache Ant>=1.10.0<=1.10.7
Canonical Ubuntu Linux=19.10
Fedoraproject Fedora=31
Fedoraproject Fedora=32
openSUSE Leap=15.2
Oracle Agile Engineering Data Management=6.2.1.0
Oracle Banking Enterprise Collections>=2.7.0<=2.9.0
Oracle Banking Liquidity Management>=14.0.0<=14.4.0
Oracle Banking Platform>=2.4.0<=2.9.0
Oracle Business Process Management Suite=12.2.1.3.0
Oracle Business Process Management Suite=12.2.1.4.0
Oracle Category Management Planning \& Optimization=15.0.3
Oracle Communications Asap=7.3
Oracle Communications Diameter Signaling Router>=8.0.0<=8.2.2
Oracle Communications Metasolv Solution=6.3.0
Oracle Communications Order and Service Management=7.3
Oracle Communications Order and Service Management=7.4
Oracle Data Integrator=12.2.1.3.0
Oracle Data Integrator=12.2.1.4.0
Oracle Endeca Information Discovery Studio=3.2.0
Oracle Enterprise Manager Ops Center=12.4.0.0
Oracle Enterprise Repository=11.1.1.7.0
Oracle Financial Services Analytical Applications Infrastructure>=8.0.6<=8.1.0
Oracle FLEXCUBE Investor Servicing=12.1.0
Oracle FLEXCUBE Investor Servicing=12.3.0
Oracle FLEXCUBE Investor Servicing=12.4.0
Oracle FLEXCUBE Investor Servicing=14.0.0
Oracle FLEXCUBE Investor Servicing=14.1.0
Oracle FLEXCUBE Private Banking=12.0.0
Oracle FLEXCUBE Private Banking=12.1.0
Oracle Health Sciences Information Manager>=3.0<=3.0.2
Oracle Primavera Gateway>=16.2.0<=16.2.11
Oracle Primavera Gateway>=17.12.0<=17.12.7
Oracle Primavera Unifier>=17.7<=17.12
Oracle Primavera Unifier=16.1
Oracle Primavera Unifier=16.2
Oracle Primavera Unifier=18.8
Oracle Primavera Unifier=19.12
Oracle Rapid Planning=12.1
Oracle Rapid Planning=12.2
Oracle Real-time Decision Server=3.2.1.0
Oracle Retail Advanced Inventory Planning=14.1
Oracle Retail Advanced Inventory Planning=15.0
Oracle Retail Advanced Inventory Planning=16.0
Oracle Retail Assortment Planning=15.0.3
Oracle Retail Assortment Planning=16.0.3
Oracle Retail Back Office=14.0
Oracle Retail Back Office=14.1
Oracle Retail Bulk Data Integration=15.0
Oracle Retail Bulk Data Integration=16.0
Oracle Retail Bulk Data Integration=16.0.3.0
Oracle Retail Bulk Data Integration=19.0.1
Oracle Retail Central Office=14.0
Oracle Retail Central Office=14.1
Oracle Retail Data Extractor For Merchandising=1.9
Oracle Retail Data Extractor For Merchandising=1.10
Oracle Retail Extract Transform And Load=13.2.5
Oracle Retail Extract Transform And Load=13.2.8
Oracle Retail Financial Integration=14.1.3.2
Oracle Retail Financial Integration=15.0
Oracle Retail Financial Integration=15.0.4.0
Oracle Retail Financial Integration=16.0
Oracle Retail Financial Integration=16.0.3.0
Oracle Retail Integration Bus=14.1
Oracle Retail Integration Bus=14.1.3.2
Oracle Retail Integration Bus=15.0
Oracle Retail Integration Bus=15.0.4.0
Oracle Retail Integration Bus=16.0
Oracle Retail Integration Bus=16.0.3.0
Oracle Retail Integration Bus=19.0.1.0
Oracle Retail Item Planning=15.0.3
Oracle Retail Macro Space Optimization=15.0.3
Oracle Retail Merchandise Financial Planning=15.0.3
Oracle Retail Merchandising System=19.0.1
Oracle Retail Point-of-Service=14.0
Oracle Retail Point-of-Service=14.1
Oracle Retail Point-of-Service=15.0
Oracle Retail Point-of-Service=16.0
Oracle Retail Predictive Application Server=14.0.3
Oracle Retail Predictive Application Server=14.1.3
Oracle Retail Predictive Application Server=15.0.3
Oracle Retail Predictive Application Server=16.0.3
Oracle Retail Predictive Application Server=16.0.3.0
Oracle Retail Regular Price Optimization=15.0.3
Oracle Retail Regular Price Optimization=16.0.3
Oracle Retail Replenishment Optimization=15.0.3
Oracle Retail Returns Management=14.0
Oracle Retail Returns Management=14.1
Oracle Retail Service Backbone=14.1.3.2
Oracle Retail Service Backbone=15.0
Oracle Retail Service Backbone=15.0.4.0
Oracle Retail Service Backbone=16.0
Oracle Retail Service Backbone=16.0.3.0
Oracle Retail Service Backbone=19.0.1.0
Oracle Retail Size Profile Optimization=15.0.3
Oracle Retail Size Profile Optimization=16.0.3
Oracle Retail Store Inventory Management=14.0.4
Oracle Retail Store Inventory Management=14.1
Oracle Retail Store Inventory Management=14.1.3
Oracle Retail Store Inventory Management=15.0
Oracle Retail Store Inventory Management=15.0.3
Oracle Retail Store Inventory Management=16.0
Oracle Retail Store Inventory Management=16.0.3
Oracle Retail Xstore Point of Service=15.0.4
Oracle Retail Xstore Point of Service=16.0.6
Oracle Retail Xstore Point of Service=17.0.4
Oracle Retail Xstore Point of Service=18.0.3
Oracle Retail Xstore Point of Service=19.0.2
Oracle TimesTen In-Memory Database<11.2.2.8.27
Oracle TimesTen In-Memory Database=11.2.2.8.49
Oracle Utilities Framework>=4.3.0.1.0<=4.3.0.6.0
Oracle Utilities Framework=2.2.0.0.0
Oracle Utilities Framework=4.2.0.2.0
Oracle Utilities Framework=4.2.0.3.0
Oracle Utilities Framework=4.4.0.0.0
Oracle Utilities Framework=4.4.0.2.0
debian/ant
1.10.9-4
1.10.13-1
1.10.14-1

Remedy

For versions 1.1 to 1.9.14 and 1.10.0 to 1.10.7, set the java.io.tmpdir system property to a private directory-- only readable and writable by the current user-- before running Ant. For versions 1.9.15 and 1.10.8, use the Ant property ant.tmpfile instead. Ant 1.10.8 protects the temporary files if the underlying filesystem allows it, but using a private temporary directory is still recommended.

Remedy

https://lists.apache.org/thread.html/r1863b9ce4c3e4b1e5b0c671ad05545ba3eb8399616aa746af5dfe1b1@%3Cdev.creadur.apache.org%3E

Remedy

https://lists.apache.org/thread.html/r5dfc77048b1f9db26622dce91a6edf083d499397256594952fad5f35@%3Ccommits.myfaces.apache.org%3E

Remedy

https://lists.apache.org/thread.html/r6970d196cd73863dafdbc3a7052562deedd338e3bd7d73d8171d92d6@%3Ccommits.groovy.apache.org%3E

Remedy

https://lists.apache.org/thread.html/r6e295d792032ec02b32be3846c21a58857fba4a077d22c5842d69ba2@%3Ctorque-dev.db.apache.org%3E

Remedy

https://lists.apache.org/thread.html/r95dc943e47a211d29df605e14f86c280fc9fa8d828b2b53bd07673c9@%3Cdev.creadur.apache.org%3E

Remedy

https://lists.apache.org/thread.html/rb860063819b9c0990e1fbce29d83f4554766fe5a05e3b3939736bf2b@%3Ccommits.myfaces.apache.org%3E

Remedy

https://lists.apache.org/thread.html/rd7dda48ff835f4d0293949837d55541bfde3683bd35bd8431e324538@%3Cdev.creadur.apache.org%3E

Remedy

https://lists.apache.org/thread.html/re1ce84518d773a94a613d988771daf9252c9cf7375a9a477009f9735@%3Ccommits.creadur.apache.org%3E

Remedy

https://lists.apache.org/thread.html/rfd346609527a79662c48b1da3ac500ec30f29f7ddaa3575051e81890@%3Ccommits.creadur.apache.org%3E

Remedy

https://www.oracle.com//security-alerts/cpujul2021.html

Remedy

https://www.oracle.com/security-alerts/cpuApr2021.html

Remedy

https://www.oracle.com/security-alerts/cpujan2021.html

Remedy

https://www.oracle.com/security-alerts/cpujan2022.html

Remedy

https://www.oracle.com/security-alerts/cpujul2020.html

Remedy

https://www.oracle.com/security-alerts/cpuoct2020.html

Remedy

https://www.oracle.com/security-alerts/cpuoct2021.html

Remedy

Set the java.io.tmpdir property of the JVM to point to a directory that is not world read/writable.

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

Frequently Asked Questions

  • What is the vulnerability ID for this issue?

    The vulnerability ID for this issue is CVE-2020-1945.

  • What is the severity level of CVE-2020-1945?

    The severity level of CVE-2020-1945 is medium.

  • What software versions are affected by CVE-2020-1945?

    Apache Ant versions 1.1 to 1.9.14 and 1.10.0 to 1.10.7 are affected by CVE-2020-1945.

  • How can an attacker exploit CVE-2020-1945?

    An attacker can exploit CVE-2020-1945 to bypass security restrictions by using an insecure temporary directory.

  • How can I fix CVE-2020-1945?

    To fix CVE-2020-1945, update Apache Ant to version 1.9.15 or 1.10.8, depending on the version you are using.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203