Skip to main content
Components
Vulnerabilities
Pricing
MCP
API
Docs
Sign up
Login
Find vulnerabilities. Fix fast with AI.
Search components by package, version, or CVE to get started.
org.apache.ant/ant 1.10.9 | Vulnerabilities | Sonatype Guide
Get full component data and automated fixes with Sonatype Guide.
Sign up for free
maven
org.apache.ant
ant
1.10.9
ant 1.10.9
org.apache.ant
Published
Sep 27, 2020
•
Policy
compliance
maven Registry
Developer Trust Score
Recommended Version:
x.y.z
Latest version with 0 known vulnerabilities that meets your policy.
Compare Versions
Overview
Overview
Versions
42
Versions
42
Vulnerabilities
2
Vulnerabilities
2
Dependencies
1
Dependencies
1
Severity
Critical
(0)
High
(0)
Medium
(2)
Low
(0)
CVSS Score
0.0
10.0
EPSS Score
0.0
1.0
Malware
KEV Status
Published
Filter
Sort: Published (Newest first)
5.5
CVE-2021-36374
When reading a specially crafted ZIP archive, or a derived formats, an Apache Ant build can be made to allocate large amounts of memory that leads to an out of memory error, even for small inputs. This can be used to disrupt builds using Apache Ant. Commonly used derived formats from ZIP archives are for instance JAR files and many office files. Apache Ant prior to 1.9.16 and 1.10.11 were affected.
affected
Severity
Medium
Published
Jul 15, 2021
5.5
CVE-2021-36373
When reading a specially crafted TAR archive an Apache Ant build can be made to allocate large amounts of memory that finally leads to an out of memory error, even for small inputs. This can be used to disrupt builds using Apache Ant. Apache Ant prior to 1.9.16 and 1.10.11 were affected.
affected
Severity
Medium
Published
Jul 15, 2021
