🔐 CVE-2024-23080: joda-time:joda-time:jar:2.10.8:compile

[github-actions[bot]]

Summary

Joda Time v2.12.5 was discovered to contain a NullPointerException via the component org.joda.time.format.PeriodFormat::wordBased(Locale).

CVE: CVE-2024-23080 CWE: CWE-476

References

• https://ossindex.sonatype.org/vulnerability/CVE-2024-23080?component-type=maven&component-name=joda-time%2Fjoda-time&utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1
• http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-23080
• https://github.com/advisories/GHSA-gxgx-2mvf-9gh5

[kaklakariada]

This vulnerability was retracted, https://ossindex.sonatype.org/vulnerability/CVE-2024-23080 returns 404.