CVE-2020-1945

MEDIUM Year: 2020
CVSS v3 Score
6.3
Medium
CVSS v2 Score
3.3
Low
Weakness Type
CWE-668
View all →

Vulnerability Description

Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default temporary directory identified by the Java system property java.io.tmpdir for several tasks and may thus leak sensitive information. The fixcrlf and replaceregexp tasks also copy files from the temporary directory back into the build tree allowing an attacker to inject modified source files into the build process.

Related Vulnerabilities

CVE-2016-5787

MEDIUM
CVSS:6.3(Medium)

General Electric (GE) Digital Proficy HMI/SCADA - CIMPLICITY before 8.2 SIM 27 mishandles service DACLs, which allows local users to modify a service configuration via unspecified vectors.

CWE-6682016

CVE-2021-21334

MEDIUM
CVSS:6.3(Medium)

In containerd (an industry-standard container runtime) before versions 1.3.10 and 1.4.4, containers launched through containerd's CRI implementation (through Kubernetes, crictl, or any other pod/conta...

CWE-6682021

CVE-2021-32760

MEDIUM
CVSS:6.3(Medium)

containerd is a container runtime. A bug was found in containerd versions prior to 1.4.8 and 1.5.4 where pulling and extracting a specially-crafted container image can result in Unix file permission c...

CWE-6682021

CVE-2021-29280

MEDIUM
CVSS:6.4(Medium)

In TP-Link Wireless N Router WR840N an ARP poisoning attack can cause buffer overflow

CWE-6682021

CVE-2012-5639

MEDIUM
CVSS:6.5(Medium)

LibreOffice and OpenOffice automatically open embedded content

CWE-6682012

CVE-2018-20237

MEDIUM
CVSS:6.5(Medium)

Atlassian Confluence Server and Data Center before version 6.13.1 allows an authenticated user to download a deleted page via the word export feature.

CWE-6682018