51 matches found
EUVD-2021-0549
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2020-1945
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default temporary directory identified by the Java system property java.io.tmpdir for several tasks and m...
RHEL 6 : ant (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - ant: insecure temporary file CVE-2020-11979 - Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the...
RHEL 5 : ant (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - ant: insecure temporary file CVE-2020-11979 - Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the...
BIT-GRADLE-2020-11979
As mitigation for CVE-2020-1945 Apache Ant 1.10.8 changed the permissions of temporary files it created so that only the current user was allowed to access them. Unfortunately the fixcrlf task deleted the temporary file and created a new one without said protection, effectively nullifying the...
Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM : Apache Ant vulnerability (USN-4874-1)
The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-4874-1 advisory. It was discovered that Apache Ant created temporary files with insecure permissions. An attacker could use this vulnerability to read...
Security Bulletin: Vulnerability found in ant-1.8.2.jar which is shipped with IBM® Intelligent Operations Center(CVE-2021-36373, CVE-2020-11979, CVE-2021-36374, CVE-2012-2098, CVE-2020-1945)
Summary Multiple vulnerabilities have been identified in ant-1.8.2.jar which is shipped with IBM® Intelligent Operations Center. Information about these vulnerabilities affecting IBM® Intelligent Operations Center have been published and addressed the applicable CVEs. Vulnerability Details...
Security Bulletin: Vulnerability in ant-1.8.1.jar affects IBM Cloud Pak for Data System 2.0 (CPDS 2.0)
Summary The ant-1.8.1.jar package is used by IBM Cloud Pak for Data System 2.0 . IBM Cloud Pak for Data System 2.0 has addressed the applicable CVEs CVE-2012-2098, CVE-2020-11979, CVE-2021-36374, CVE-2021-36373, CVE-2020-1945. Vulnerability Details CVEID:CVE-2012-2098 DESCRIPTION: Apache Commons...
SUSE CVE-2020-1945
Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default temporary directory identified by the Java system property java.io.tmpdir for several tasks and may thus leak sensitive information. The fixcrlf and replaceregexp tasks also copy files from the temporary directory back into the build...
SUSE: Security Advisory (SUSE-SU-2022:4022-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES12: ant / ant-antlr / ant-apache-bcel / ant-apache-bsf / etc (SUSE-SU-2022:4022-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4022-1 advisory. - CVE-2020-1945: Fixed insecure temporary file vulnerability bsc1171696. - CVE-2020-11979: Fixed issue introduced with fix for...
Mageia: Security Advisory (MGASA-2020-0237)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Advisory ROSA-SA-2021-1805
Software: ant 1.9.4 OS: Cobalt 7.9 CVE-ID: CVE-2020-1945 CVE-Crit: MEDIUM CVE-DESC: Apache Ant 1.1 through 1.9.14 and 1.10.0 through 1.10.7 uses the default temporary directory defined by the Java system property java.io.tmpdir for several tasks, and thus may leak sensitive information. The fixcr...
SUSE: Security Advisory (SUSE-SU-2020:1944-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: Vulnerability in Apache Ant affect IBM Operations Analytics - Log Analysis Analysis (CVE-2020-1945)
Summary A vulnerability in Apache Ant which could potentially leak sensitive information was addressed by IBM Operations Analytics - Log Analysis. Vulnerability Details CVEID: CVE-2020-1945 DESCRIPTION: Apache Ant could allow a remote attacker to bypass security restrictions, caused by the use of...
MGASA-2021-0173 Updated ant packages fix security vulnerability
Updated ant packages fix security vulnerability: As mitigation for CVE-2020-1945 Apache Ant 1.10.8 changed the permissions of temporary files it created so that only the current user was allowed to access them. Unfortunately the fixcrlf task deleted the temporary file and created a new one withou...
Updated ant packages fix security vulnerability
Updated ant packages fix security vulnerability: As mitigation for CVE-2020-1945 Apache Ant 1.10.8 changed the permissions of temporary files it created so that only the current user was allowed to access them. Unfortunately the fixcrlf task deleted the temporary file and created a new one withou...
ant: insecure temporary file
As mitigation for CVE-2020-1945 Apache Ant 1.10.8 changed the permissions of temporary files it created so that only the current user was allowed to access them. Unfortunately the fixcrlf task deleted the temporary file and created a new one without said protection, effectively nullifying the...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.5.33 packages and security update
Red Hat OpenShift Container Platform release 4.5.33 is now available with updates to packages and images that fix several bugs. This release also includes a security update for Red Hat OpenShift Container Platform 4.5. Red Hat Product Security has rated this update as having a security impact of...
ant: insecure temporary file
As mitigation for CVE-2020-1945 Apache Ant 1.10.8 changed the permissions of temporary files it created so that only the current user was allowed to access them. Unfortunately the fixcrlf task deleted the temporary file and created a new one without said protection, effectively nullifying the...