Security Bulletin: IBM watsonx Orchestrate Cartridge affected by vulnerability in Joda.org Joda-Time

Summary IBM watsonx Orchestrate Cartridge contains a vulnerable version of Joda.org Joda-Time Vulnerability Details CVEID:CVE-2024-23080 DESCRIPTION: Joda.org Joda-Time is vulnerable to a denial of service, caused by a NullPointerException flaw in the...

SUSE CVE-2024-23080

Joda Time v2.12.5 was discovered to contain a NullPointerException via the component org.joda.time.format.PeriodFormat::wordBasedLocale. NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may...

CVE-2024-23080

Joda Time v2.12.5 was discovered to contain a NullPointerException via the component org.joda.time.format.PeriodFormat::wordBasedLocale. NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may...

CVE-2024-23080

Joda Time v2.12.5 was discovered to contain a NullPointerException via the component org.joda.time.format.PeriodFormat::wordBasedLocale. NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may...

CVE-2024-23080

Joda Time v2.12.5 was discovered to contain a NullPointerException via the component org.joda.time.format.PeriodFormat::wordBasedLocale. NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may...

Joda-Time 安全漏洞

Joda-Time is a Joda open source replacement for the widely used Java date and time classes prior to Java SE 8. A security vulnerability exists in Joda-Time version v2.12.5 that stems from the presence of a null pointer exception...

CVE-2024-23080

Joda Time v2.12.5 was discovered to contain a NullPointerException via the component org.joda.time.format.PeriodFormat::wordBasedLocale. NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may...

CVE-2024-23080

Joda Time v2.12.5 was discovered to contain a NullPointerException via the component org.joda.time.format.PeriodFormat::wordBasedLocale. NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may...

CVE-2024-23080

CVE-2024-23080 involves Joda-Time 2.12.5 with a denial-of-service condition caused by a NullPointerException in org.joda.time.format.PeriodFormat::wordBased(Locale). IBM bulletin confirms affected product: IBM watsonx Orchestrate Cartridge (and IBM Cloud Pak for Business Automation components) wi...

PT-2024-19659 · Joda Time · Joda Time

Name of the Vulnerable Software and Affected Versions: Joda Time version 2.12.5 Description: A NullPointerException was reportedly discovered in Joda Time via the component org.joda.time.format.PeriodFormat::wordBasedLocale. However, this finding is disputed by multiple third parties who question...