/
DirectorySecurity Advisories
Sign In
Security Advisories

CVE-2020-1945

Published

Last updated

NVD

https://nvd.nist.gov/vuln/detail/CVE-2020-1945

CGA ID

CGA-5rxx-5255-2gr3

Severity

Unknown

Description

Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default temporary directory identified by the Java system property java.io.tmpdir for several tasks and may thus leak sensitive information. The fixcrlf and replaceregexp tasks also copy files from the temporary directory back into the build tree allowing an attacker to inject modified source files into the build process.

References

Affected packages


Safe Source for Open Sourceâ„¢
Media KitContact Us
© 2025 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Products

Chainguard ContainersChainguard LibrariesChainguard VMs