ThreeTen Backport v1.6.8 was discovered to contain a NullPointerException via the component org.threeten.bp.LocalDate::compareTo(ChronoLocalDate). NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may have been based on a tool that is not sufficiently robust for vulnerability identification.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Red Hat build of Apache Camel 4.4.1 for Spring Boot | RedHat | threetenbp | * |
| Threeten-extra | Ubuntu | mantic | * |