PT-2020-17550 · Branca · Branca

Published

2020-11-29

·

Updated

2022-09-02

·

CVE-2020-35918

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions

branca versions prior to 0.10.0

Description

Decoding a token that contains invalid base62 data causes the decoding functions to panic instead of returning an error. Because the panic is triggered by the contents of the token, an application that decodes tokens taken from untrusted input can be made to abort (a denial of service; the vector above scores availability impact only). The crate's documentation stated that malformed input would be reported as an error, so callers had no reason to expect a panic and no error path through which to handle it.

Recommendations

Update to branca 0.10.0 or later, where malformed base62 input is reported as an error. Until the upgrade is possible, validate tokens before handing them to the decoding functions: reject any token containing characters outside the Branca base62 alphabet (0-9, A-Z, a-z) and any token whose decoded length is shorter than the fixed Branca header plus tag. This pre-check is a stopgap only and does not replace the upgrade.
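A pre-validation step of the kind the recommendation describes, as an added example that is not code from the branca crate (the function names, the error type, and the sample token are this example's own). It decodes base62 with the Branca alphabet, returning an error rather than panicking on a bad character, and then checks the decoded bytes against the fixed Branca layout (version byte 0xBA, 4-byte timestamp, 24-byte nonce, 16-byte tag, so at least 45 bytes) before the token would be handed to a real decoder:

```rust
// Added example, not code from the branca crate: names, error type and sample token are this example's own.
/// Branca's base62 alphabet: 0-9, A-Z, a-z, in that order.
const BASE62_ALPHABET: &[u8; 62] =
    b"0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
/// Branca layout: version (1) || timestamp (4) || nonce (24) || ciphertext (n) || tag (16).
const BRANCA_VERSION: u8 = 0xBA;
const MIN_TOKEN_BYTES: usize = 1 + 4 + 24 + 16;

#[derive(Debug, PartialEq)]
pub enum TokenError {
    Empty,
    InvalidChar { index: usize, ch: char },
    TooShort { bytes: usize },
    BadVersion { found: u8 },
}

/// Value of one base62 digit, or None if the character is outside the alphabet.
fn base62_value(ch: char) -> Option<u32> {
    match ch {
        '0'..='9' => Some(ch as u32 - '0' as u32),
        'A'..='Z' => Some(ch as u32 - 'A' as u32 + 10),
        'a'..='z' => Some(ch as u32 - 'a' as u32 + 36),
        _ => None,
    }
}

/// Base62 -> bytes, base-x convention: each leading '0' is a leading zero byte,
/// the rest is one big number. Malformed input yields Err instead of a panic.
pub fn base62_decode(token: &str) -> Result<Vec<u8>, TokenError> {
    if token.is_empty() { return Err(TokenError::Empty); }
    let mut out: Vec<u8> = Vec::new(); // little-endian accumulator
    for (index, ch) in token.char_indices() {
        let mut carry = base62_value(ch).ok_or(TokenError::InvalidChar { index, ch })?;
        for b in out.iter_mut() {
            let v = (*b as u32) * 62 + carry;
            *b = (v & 0xff) as u8;
            carry = v >> 8;
        }
        while carry > 0 {
            out.push((carry & 0xff) as u8);
            carry >>= 8;
        }
    }
    let leading_zeros = token.chars().take_while(|&c| c == '0').count();
    out.extend(std::iter::repeat(0u8).take(leading_zeros));
    out.reverse();
    Ok(out)
}

/// Inverse of base62_decode; used here to build test tokens.
pub fn base62_encode(bytes: &[u8]) -> String {
    let leading_zeros = bytes.iter().take_while(|&&b| b == 0).count();
    let mut digits: Vec<u8> = Vec::new(); // little-endian base62 digits
    for &byte in &bytes[leading_zeros..] {
        let mut carry = byte as u32;
        for d in digits.iter_mut() {
            let v = (*d as u32) * 256 + carry;
            *d = (v % 62) as u8;
            carry = v / 62;
        }
        while carry > 0 {
            digits.push((carry % 62) as u8);
            carry /= 62;
        }
    }
    let mut s = String::with_capacity(leading_zeros + digits.len());
    s.extend(std::iter::repeat('0').take(leading_zeros));
    s.extend(digits.iter().rev().map(|&d| BASE62_ALPHABET[d as usize] as char));
    s
}

/// Alphabet check, then layout check. Ok carries the raw bytes a real decoder
/// would consume; authenticity (the Poly1305 tag) is NOT verified here.
pub fn validate_branca_token(token: &str) -> Result<Vec<u8>, TokenError> {
    let raw = base62_decode(token)?;
    if raw.len() < MIN_TOKEN_BYTES { return Err(TokenError::TooShort { bytes: raw.len() }); }
    if raw[0] != BRANCA_VERSION { return Err(TokenError::BadVersion { found: raw[0] }); }
    Ok(raw)
}

/// Constructed 45-byte token (zero timestamp, fixed nonce and tag, empty
/// ciphertext) for demonstration only; it is not encrypted or authenticated.
pub fn sample_token() -> String {
    let mut raw = vec![BRANCA_VERSION];
    raw.extend_from_slice(&[0, 0, 0, 0]); // timestamp
    raw.extend_from_slice(&[0x11; 24]); // nonce
    raw.extend_from_slice(&[0x22; 16]); // tag
    base62_encode(&raw)
}

fn main() {
    for token in [sample_token(), "not-valid!".to_string(), "0".to_string()] {
        match validate_branca_token(&token) {
            Ok(raw) => println!("{}: accepted, {} bytes", token, raw.len()),
            Err(e) => println!("{}: rejected, {:?}", token, e),
        }
    }
}
```

Run the check on every token before calling the crate's decode; an Err here means the token is rejected without ever reaching the function that panicked in the affected versions. The layout check only establishes that the input is shaped like a Branca token; whether it is genuine still depends on the library verifying the authentication tag after decoding, so the check reduces the crash surface without changing what a successful decode means.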

Related Identifiers

CVE-2020-35918
GHSA-c9rv-3jmq-527w
RUSTSEC-2020-0075

Affected Products

Branca