Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:maven/org.apache.ant/ant@1.1
purl pkg:maven/org.apache.ant/ant@1.1
Tags Ghost
Next non-vulnerable version 1.10.11
Latest non-vulnerable version 1.10.11
Risk 3.1
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-53z5-f3xj-z7bf
Aliases:
CVE-2020-1945
GHSA-4p6w-m9wc-c9c9
Sensitive Data Exposure in Apache Ant Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default temporary directory identified by the Java system property java.io.tmpdir for several tasks and may thus leak sensitive information. The fixcrlf and replaceregexp tasks also copy files from the temporary directory back into the build tree allowing an attacker to inject modified source files into the build process.
1.9.15
Affected by 3 other vulnerabilities.
1.10.8
Affected by 3 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-02T12:36:44.280106+00:00 GitLab Importer Affected by VCID-53z5-f3xj-z7bf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.ant/ant/CVE-2020-1945.yml 38.0.0
2026-04-01T15:58:43.233912+00:00 GHSA Importer Affected by VCID-53z5-f3xj-z7bf https://github.com/advisories/GHSA-4p6w-m9wc-c9c9 38.0.0