-
Story
-
Resolution: Won't Do
-
Medium
-
None
-
None
-
None
The Apache commons-codec package contains an Improper Input Validation vulnerability. The decode() method in the Base32, Base64, and BCodec classes fails to reject malformed Base32 and Base64 encoded strings and consequently decodes them into arbitrary values.
Need to find resolution.