2 matches found
Security Bulletin: IBM watsonx Orchestrate Cartridge affected by vulnerability in Joda.org Joda-Time
Summary IBM watsonx Orchestrate Cartridge contains a vulnerable version of Joda.org Joda-Time Vulnerability Details CVEID:CVE-2024-23080 DESCRIPTION: Joda.org Joda-Time is vulnerable to a denial of service, caused by a NullPointerException flaw in the...
CVE-2024-23080
Joda Time v2.12.5 was discovered to contain a NullPointerException via the component org.joda.time.format.PeriodFormat::wordBasedLocale. NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may...