Uploaded image for project: 'Qpid'
  1. Qpid
  2. QPID-8256

[Broker-J] Update Guava to version 27.0

    Details

      Description

      The Qpid Broker depends on an older guava version 0.22 which is affected by vulnerability CVE-2018-10237. It does not look like vulnerability CVE-2018-10237 can be exploited with Qpid Broker, as impacted guava classes AtomicDoubleArray and CompoundOrdering are not used directly or indirectly within Qpid Broker code.

        Attachments

          Activity

            People

            • Assignee:
              orudyy Alex Rudyy
              Reporter:
              orudyy Alex Rudyy
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: