Security vulnerability for Common-codec 1.10


There is one security vulnerability present in common-codec 1.10 jar of

The Apache Commons contains a flaw that is due to the Base32 codec decoding invalid strings instead of rejecting them. This may allow a remote attacker to tunnel additional information via a base 32 string that seems valid.

Please look into this.

@Aditi thanks for reporting it. It’s fixed. You can test it with this pre-build

1 Like

@coutoPL Thank you. I will test with this build.