-
Bug
-
Resolution: Done
-
Medium
-
Dublin Release
-
None
The commons-codec package is subject to a vulnerability in which Base32 would decode some invalid Base32 encoded string into arbitrary value.
See https://issues.apache.org/jira/browse/CODEC-134 for details.
There is currently no non-vulnerable version of this library.