[jira] [Updated] (CODEC-293) Make URLCodec#charset final in 2.0

Gary D. Gregory (Jira) Thu, 17 Feb 2022 07:29:04 -0800


     [ 
https://issues.apache.org/jira/browse/CODEC-293?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Gary D. Gregory updated CODEC-293:
----------------------------------
    Summary: Make URLCodec#charset final in 2.0  (was: Security issue reported 
in commons-codec-1.14.jar)

> Make URLCodec#charset final in 2.0
> ----------------------------------
>
>                 Key: CODEC-293
>                 URL: https://issues.apache.org/jira/browse/CODEC-293
>             Project: Commons Codec
>          Issue Type: Bug
>    Affects Versions: 1.14
>            Reporter: Kiran Kudtarkar
>            Priority: Critical
>
> While performing scans of all our project artefacts, using Xray 
> ([https://jfrog.com/xray/)|https://urldefense.com/v3/__https:/jfrog.com/xray/)__;!!GqivPVa7Brio!J9TPdrHzI4C2XxjL6FPqvIavUMcv8JDZPDbUdDxUj_GNkbaVTUPKBVSkOwivW_xwb3iXAQ$]
>  
> ([https://jfrog.com/xray/features/)|https://urldefense.com/v3/__https:/jfrog.com/xray/features/)__;!!GqivPVa7Brio!J9TPdrHzI4C2XxjL6FPqvIavUMcv8JDZPDbUdDxUj_GNkbaVTUPKBVSkOwivW_yeHM4sOA$],
>  below vulnerability has been reported by one of our clients.
>  
> *Reported Issue: Apache Commons Codec org.apache.commons.codec.net.URLCodec 
> Fields Missing 'final' Thread-safety Unspecified Issue*



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Updated] (CODEC-293) Make URLCodec#charset final in 2.0

Reply via email to