[jira] [Commented] (CASSANDRA-20999) Cassandra 4.0.18. Apache Commons Codec Base32 Decoding Invalid String Causing Tunneling Weakness

Mon, 03 Nov 2025 22:49:07 -0800 


    [ 
https://issues.apache.org/jira/browse/CASSANDRA-20999?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18035226#comment-18035226
 ] 

Kapil Shewate commented on CASSANDRA-20999:
-------------------------------------------

Is Cassandra vulnerable to the above vulnerability reported in 
commons-codec-1.9.jar. [Apache Commons Codec information disclosure undefined 
Vulnerability 
Report|https://exchange.xforce.ibmcloud.com/vulnerabilities/177835]

 

The CVSS 3.0 Base Score is 7.5

 

 

> Cassandra 4.0.18. Apache Commons Codec Base32 Decoding Invalid String Causing 
> Tunneling Weakness
> ------------------------------------------------------------------------------------------------
>
>                 Key: CASSANDRA-20999
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-20999
>             Project: Apache Cassandra
>          Issue Type: Bug
>            Reporter: Kapil Shewate
>            Priority: Normal
>
> h1. Apache Commons Codec Base32 Decoding Invalid String Causing Tunneling 
> Weakness



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to