exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 8 of 8 RSS Feed

CVE-2020-1945

Status Candidate

Overview

Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default temporary directory identified by the Java system property java.io.tmpdir for several tasks and may thus leak sensitive information. The fixcrlf and replaceregexp tasks also copy files from the temporary directory back into the build tree allowing an attacker to inject modified source files into the build process.

Related Files

Red Hat Security Advisory 2021-0637-01
Posted Mar 3, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0637-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include XML injection and information leakage vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2020-11979, CVE-2020-1945, CVE-2020-2304, CVE-2020-2305, CVE-2020-2306, CVE-2020-2307, CVE-2020-2308, CVE-2020-2309, CVE-2020-25658
SHA-256 | 05440a089c9c2be8c014b141dbcf185532a6dd580a447d45e77fbddc16b07454
Red Hat Security Advisory 2021-0429-01
Posted Mar 3, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0429-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.5.33. Issues addressed include cross site scripting, denial of service, deserialization, and traversal vulnerabilities.

tags | advisory, denial of service, vulnerability, xss
systems | linux, redhat
advisories | CVE-2020-11979, CVE-2020-1945, CVE-2021-21602, CVE-2021-21603, CVE-2021-21604, CVE-2021-21605, CVE-2021-21606, CVE-2021-21607, CVE-2021-21608, CVE-2021-21609, CVE-2021-21610, CVE-2021-21611, CVE-2021-21615
SHA-256 | 8cf21f447dc9c3c68914d4049c71d2f2d8a1ecab923715b169795f1bb0bff7d4
Red Hat Security Advisory 2021-0423-01
Posted Feb 18, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0423-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.17. Issues addressed include cross site scripting, denial of service, deserialization, and traversal vulnerabilities.

tags | advisory, denial of service, vulnerability, xss
systems | linux, redhat
advisories | CVE-2020-11979, CVE-2020-1945, CVE-2021-21602, CVE-2021-21603, CVE-2021-21604, CVE-2021-21605, CVE-2021-21606, CVE-2021-21607, CVE-2021-21608, CVE-2021-21609, CVE-2021-21610, CVE-2021-21611, CVE-2021-21615
SHA-256 | e6cd828c9e24e5d969069e35ec54dce03dc9efba03f19eccd10e50fcfb9b66b8
Red Hat Security Advisory 2020-4961-01
Posted Nov 6, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4961-01 - Red Hat Process Automation Manager is an open source business process management suite that combines process management and decision service management and enables business and IT users to create, manage, validate, and deploy process applications and decision services. This release of Red Hat Process Automation Manager 7.9.0 serves as an update to Red Hat Process Automation Manager 7.8.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include XML injection, denial of service, improper authorization, man-in-the-middle, server-side request forgery, and remote SQL injection vulnerabilities.

tags | advisory, remote, denial of service, vulnerability, sql injection
systems | linux, redhat
advisories | CVE-2019-14900, CVE-2019-17566, CVE-2020-10683, CVE-2020-10693, CVE-2020-10714, CVE-2020-1748, CVE-2020-1945, CVE-2020-1954, CVE-2020-2875, CVE-2020-2933, CVE-2020-2934
SHA-256 | 9e803345c368e5e07879631b2fd7da4a26d21dfe3fc72747393433b0e760cbb0
Red Hat Security Advisory 2020-4960-01
Posted Nov 6, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4960-01 - Red Hat Decision Manager is an open source decision management platform that combines business rules management, complex event processing, Decision Model & Notation execution, and Business Optimizer for solving planning problems. It automates business decisions and makes that logic available to the entire business. This release of Red Hat Decision Manager 7.9.0 serves as an update to Red Hat Decision Manager 7.8.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include XML injection, denial of service, improper authorization, man-in-the-middle, server-side request forgery, and remote SQL injection vulnerabilities.

tags | advisory, remote, denial of service, vulnerability, sql injection
systems | linux, redhat
advisories | CVE-2019-14900, CVE-2019-17566, CVE-2020-10683, CVE-2020-10693, CVE-2020-10714, CVE-2020-1748, CVE-2020-1945, CVE-2020-1954, CVE-2020-2875, CVE-2020-2933, CVE-2020-2934
SHA-256 | 37587b054821cd3932803c66a9745ffe99b9249c67263ca98730dfebbedf9bda
Gentoo Linux Security Advisory 202007-34
Posted Jul 27, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202007-34 - Apache Ant uses various insecure temporary files possibly allowing local code execution. Versions less than 1.10.8 are affected.

tags | advisory, local, code execution
systems | linux, gentoo
advisories | CVE-2020-1945
SHA-256 | df1a11722542eb1ff244cd3ad82abf5edee19acfd437f057f22f26c91fc63683
Red Hat Security Advisory 2020-2618-01
Posted Jun 19, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2618-01 - Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency. This release of Red Hat AMQ Streams 1.5.0 serves as a replacement for Red Hat AMQ Streams 1.4.0, and includes security and bug fixes, and enhancements.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-11612, CVE-2020-1945
SHA-256 | 3ee7934e7a1293c6acdcf22be66e68fc63016a65886517eb784c831ecd60e4dc
Ubuntu Security Notice USN-4380-1
Posted Jun 2, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4380-1 - It was discovered that Apache Ant created temporary files with insecure permissions. An attacker could use this vulnerability to read sensitive information leaked into /tmp, or potentially inject malicious code into a project that is built with Apache Ant.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2020-1945
SHA-256 | 154081a065dda9921fd699b00ce802717d0a7d90eaf2563ac4a76c20d5c7f45b
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close