6.3
CVE-2020-1945
- EPSS 0.02%
- Published 14.05.2020 16:15:12
- Last modified 21.11.2024 05:11:42
- Source security@apache.org
- Teams watchlist Login
- Open Login
Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default temporary directory identified by the Java system property java.io.tmpdir for several tasks and may thus leak sensitive information. The fixcrlf and replaceregexp tasks also copy files from the temporary directory back into the build tree allowing an attacker to inject modified source files into the build process.
Data is provided by the National Vulnerability Database (NVD)
Canonical ≫ Ubuntu Linux Version19.10
Fedoraproject ≫ Fedora Version31
Fedoraproject ≫ Fedora Version32
Oracle ≫ Agile Engineering Data Management Version6.2.1.0
Oracle ≫ Banking Enterprise Collections Version >= 2.7.0 <= 2.9.0
Oracle ≫ Banking Liquidity Management Version >= 14.0.0 <= 14.4.0
Oracle ≫ Banking Platform Version >= 2.4.0 <= 2.9.0
Oracle ≫ Business Process Management Suite Version12.2.1.3.0
Oracle ≫ Business Process Management Suite Version12.2.1.4.0
Oracle ≫ Category Management Planning & Optimization Version15.0.3
Oracle ≫ Communications Asap Version7.3
Oracle ≫ Communications Diameter Signaling Router Version >= 8.0.0 <= 8.2.2
Oracle ≫ Communications Metasolv Solution Version6.3.0
Oracle ≫ Communications Order And Service Management Version7.3
Oracle ≫ Communications Order And Service Management Version7.4
Oracle ≫ Data Integrator Version12.2.1.3.0
Oracle ≫ Data Integrator Version12.2.1.4.0
Oracle ≫ Endeca Information Discovery Studio Version3.2.0
Oracle ≫ Enterprise Manager Ops Center Version12.4.0.0
Oracle ≫ Enterprise Repository Version11.1.1.7.0
Oracle ≫ Financial Services Analytical Applications Infrastructure Version >= 8.0.6 <= 8.1.0
Oracle ≫ Flexcube Investor Servicing Version12.1.0
Oracle ≫ Flexcube Investor Servicing Version12.3.0
Oracle ≫ Flexcube Investor Servicing Version12.4.0
Oracle ≫ Flexcube Investor Servicing Version14.0.0
Oracle ≫ Flexcube Investor Servicing Version14.1.0
Oracle ≫ Flexcube Private Banking Version12.0.0
Oracle ≫ Flexcube Private Banking Version12.1.0
Oracle ≫ Health Sciences Information Manager Version >= 3.0 <= 3.0.2
Oracle ≫ Primavera Gateway Version >= 16.2.0 <= 16.2.11
Oracle ≫ Primavera Gateway Version >= 17.12.0 <= 17.12.7
Oracle ≫ Primavera Unifier Version >= 17.7 <= 17.12
Oracle ≫ Primavera Unifier Version16.1
Oracle ≫ Primavera Unifier Version16.2
Oracle ≫ Primavera Unifier Version18.8
Oracle ≫ Primavera Unifier Version19.12
Oracle ≫ Rapid Planning Version12.1
Oracle ≫ Rapid Planning Version12.2
Oracle ≫ Real-time Decision Server Version3.2.1.0
Oracle ≫ Retail Advanced Inventory Planning Version14.1
Oracle ≫ Retail Advanced Inventory Planning Version15.0
Oracle ≫ Retail Advanced Inventory Planning Version16.0
Oracle ≫ Retail Assortment Planning Version15.0.3
Oracle ≫ Retail Assortment Planning Version16.0.3
Oracle ≫ Retail Back Office Version14.0
Oracle ≫ Retail Back Office Version14.1
Oracle ≫ Retail Bulk Data Integration Version15.0
Oracle ≫ Retail Bulk Data Integration Version16.0
Oracle ≫ Retail Bulk Data Integration Version16.0.3.0
Oracle ≫ Retail Bulk Data Integration Version19.0.1
Oracle ≫ Retail Central Office Version14.0
Oracle ≫ Retail Central Office Version14.1
Oracle ≫ Retail Data Extractor For Merchandising Version1.9
Oracle ≫ Retail Data Extractor For Merchandising Version1.10
Oracle ≫ Retail Extract Transform And Load Version13.2.5
Oracle ≫ Retail Extract Transform And Load Version13.2.8
Oracle ≫ Retail Financial Integration Version14.1.3.2
Oracle ≫ Retail Financial Integration Version15.0
Oracle ≫ Retail Financial Integration Version15.0.4.0
Oracle ≫ Retail Financial Integration Version16.0
Oracle ≫ Retail Financial Integration Version16.0.3.0
Oracle ≫ Retail Integration Bus Version14.1
Oracle ≫ Retail Integration Bus Version14.1.3.2
Oracle ≫ Retail Integration Bus Version15.0
Oracle ≫ Retail Integration Bus Version15.0.4.0
Oracle ≫ Retail Integration Bus Version16.0
Oracle ≫ Retail Integration Bus Version16.0.3.0
Oracle ≫ Retail Integration Bus Version19.0.1.0
Oracle ≫ Retail Item Planning Version15.0.3
Oracle ≫ Retail Macro Space Optimization Version15.0.3
Oracle ≫ Retail Merchandise Financial Planning Version15.0.3
Oracle ≫ Retail Merchandising System Version19.0.1
Oracle ≫ Retail Point-of-service Version14.0
Oracle ≫ Retail Point-of-service Version14.1
Oracle ≫ Retail Point-of-service Version15.0
Oracle ≫ Retail Point-of-service Version16.0
Oracle ≫ Retail Predictive Application Server Version14.0.3
Oracle ≫ Retail Predictive Application Server Version14.1.3
Oracle ≫ Retail Predictive Application Server Version15.0.3
Oracle ≫ Retail Predictive Application Server Version16.0.3
Oracle ≫ Retail Predictive Application Server Version16.0.3.0
Oracle ≫ Retail Regular Price Optimization Version15.0.3
Oracle ≫ Retail Regular Price Optimization Version16.0.3
Oracle ≫ Retail Replenishment Optimization Version15.0.3
Oracle ≫ Retail Returns Management Version14.0
Oracle ≫ Retail Returns Management Version14.1
Oracle ≫ Retail Service Backbone Version14.1.3.2
Oracle ≫ Retail Service Backbone Version15.0
Oracle ≫ Retail Service Backbone Version15.0.4.0
Oracle ≫ Retail Service Backbone Version16.0
Oracle ≫ Retail Service Backbone Version16.0.3.0
Oracle ≫ Retail Service Backbone Version19.0.1.0
Oracle ≫ Retail Size Profile Optimization Version15.0.3
Oracle ≫ Retail Size Profile Optimization Version16.0.3
Oracle ≫ Retail Store Inventory Management Version14.0.4
Oracle ≫ Retail Store Inventory Management Version14.1
Oracle ≫ Retail Store Inventory Management Version14.1.3
Oracle ≫ Retail Store Inventory Management Version15.0
Oracle ≫ Retail Store Inventory Management Version15.0.3
Oracle ≫ Retail Store Inventory Management Version16.0
Oracle ≫ Retail Store Inventory Management Version16.0.3
Oracle ≫ Retail Xstore Point Of Service Version15.0.4
Oracle ≫ Retail Xstore Point Of Service Version16.0.6
Oracle ≫ Retail Xstore Point Of Service Version17.0.4
Oracle ≫ Retail Xstore Point Of Service Version18.0.3
Oracle ≫ Retail Xstore Point Of Service Version19.0.2
Oracle ≫ Timesten In-memory Database Version < 11.2.2.8.27
Oracle ≫ Timesten In-memory Database Version11.2.2.8.49
Oracle ≫ Utilities Framework Version >= 4.3.0.1.0 <= 4.3.0.6.0
Oracle ≫ Utilities Framework Version2.2.0.0.0
Oracle ≫ Utilities Framework Version4.2.0.2.0
Oracle ≫ Utilities Framework Version4.2.0.3.0
Oracle ≫ Utilities Framework Version4.4.0.0.0
Oracle ≫ Utilities Framework Version4.4.0.2.0
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.02% | 0.03 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 6.3 | 1 | 5.2 |
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
|
| nvd@nist.gov | 3.3 | 3.4 | 4.9 |
AV:L/AC:M/Au:N/C:P/I:P/A:N
|
CWE-668 Exposure of Resource to Wrong Sphere
The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.