CVE-2024-23080

Name of the Vulnerable Software and Affected Versions Joda Time version 2.12.5

Description A NullPointerException was reportedly discovered in Joda Time via the component org.joda.time.format.PeriodFormat::wordBased(Locale). However, this finding is disputed by multiple third parties who question the evidence and suggest the submission may have been based on an insufficiently robust tool for vulnerability identification.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.