ThreeTen Backport

Threeten-Backport Security

Security Policy

Supported Versions

If a security issue occurs, only the latest version is guaranteed to be patched.

Reporting a Vulnerability

To report a security vulnerability, please use the Tidelift security contact. Tidelift will coordinate the fix and disclosure.

CVEs

CVE-2024-23081

This was raised publicly on 2024-04-10. There was no prior warning or private disclosure.

The CVE is nonsense. It was raised by an AI-driven bot. The CVE describes that a NullPointerException is thrown when null is passed into a method. As any Java developer knows, this is perfectly normal and not a security issue or CVE.

Users of ThreeTen-Backport do not need to take any action as the CVE is invalid.

CVE-2024-23082

This was raised publicly on 2024-04-10. There was no prior warning or private disclosure.

The CVE is nonsense. It was raised by an AI-driven bot. The CVE describes that a StringIndexOutOfBoundsException is thrown when a certain input is passed into a method. As any Java developer knows, this is a perfectly normal exception and not a security issue or CVE.

Users of ThreeTen-Backport do not need to take any action as the CVE is invalid.

Back to top

Copyright ©2007-2024 ThreeTen.org. All Rights Reserved.

Version: 1.6.10-SNAPSHOT. Last Published: 2024-04-16.

Reflow Maven skin.