CVE-2020-11979
Published: 1 October 2020
As mitigation for CVE-2020-1945 Apache Ant 1.10.8 changed the permissions of temporary files it created so that only the current user was allowed to access them. Unfortunately the fixcrlf task deleted the temporary file and created a new one without said protection, effectively nullifying the effort. This would still allow an attacker to inject modified source files into the build process.
Mitigation
Set the java.io.tmpdir property of the JVM to point to a directory that is not world read/writable.
Priority
Status
Package | Release | Status |
---|---|---|
ant Launchpad, Ubuntu, Debian |
bionic |
Needs triage
|
focal |
Needs triage
|
|
groovy |
Ignored
(end of life)
|
|
hirsute |
Not vulnerable
(1.10.9-1)
|
|
impish |
Not vulnerable
(1.10.9-1)
|
|
jammy |
Not vulnerable
(1.10.9-1)
|
|
kinetic |
Not vulnerable
(1.10.9-1)
|
|
lunar |
Not vulnerable
(1.10.9-1)
|
|
mantic |
Not vulnerable
(1.10.9-1)
|
|
trusty |
Needs triage
|
|
upstream |
Needs triage
|
|
xenial |
Needs triage
|
Severity score breakdown
Parameter | Value |
---|---|
Base score | 7.5 |
Attack vector | Network |
Attack complexity | Low |
Privileges required | None |
User interaction | None |
Scope | Unchanged |
Confidentiality | None |
Integrity impact | High |
Availability impact | None |
Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |