Details
-
Task
-
Status: Resolved
-
Minor
-
Resolution: Done
-
1.5.0
-
None
Description
The hadoop-shaded-guava library (version of 1.1.1) depends on guava of the version 30.1.1 that has a vulnerability - https://nvd.nist.gov/vuln/detail/CVE-2023-2976. A newer version of the hadoop-shaded-guava (1.2.0) depends from a newer version of the guava - 32.0.1 - that hasn't the CVE
Attachments
Issue Links
- links to