WS-2009-0001 - Low Severity Vulnerability
Vulnerable Library - commons-codec-1.10.jar
path: /root/.m2/repository/commons-codec/commons-codec/1.10/commons-codec-1.10.jar
Library home page: http://commons.apache.org/proper/commons-codec/
Dependency Hierarchy:
- wss-agent-api-client-2.6.5.jar (Root Library)
- wss-agent-hash-calculator-2.6.5.jar
- ❌ commons-codec-1.10.jar (Vulnerable Library)
Vulnerability Details
Not all "business" method implementations of public API in Apache Commons Codec 1.x are thread safe, which might disclose the wrong data or allow an attacker to change non-private fields.
Updated 2018-10-07 - an additional review by WhiteSource research team could not indicate on a clear security vulnerability
Publish Date: 2007-10-07
URL: WS-2009-0001
CVSS 2 Score Details (0.0)
Base Score Metrics not available
Step up your Open Source Security Game with WhiteSource here
WS-2009-0001 - Low Severity Vulnerability
path: /root/.m2/repository/commons-codec/commons-codec/1.10/commons-codec-1.10.jar
Library home page: http://commons.apache.org/proper/commons-codec/
Dependency Hierarchy:
Not all "business" method implementations of public API in Apache Commons Codec 1.x are thread safe, which might disclose the wrong data or allow an attacker to change non-private fields.
Updated 2018-10-07 - an additional review by WhiteSource research team could not indicate on a clear security vulnerability
Publish Date: 2007-10-07
URL: WS-2009-0001
Base Score Metrics not available
Step up your Open Source Security Game with WhiteSource here