Uploaded image for project: 'Qpid'
  1. Qpid
  2. QPID-8256

[Broker-J] Update Guava to version 27.0

    XMLWordPrintableJSON

Details

    Description

      The Qpid Broker depends on an older guava version 0.22 which is affected by vulnerability CVE-2018-10237. It does not look like vulnerability CVE-2018-10237 can be exploited with Qpid Broker, as impacted guava classes AtomicDoubleArray and CompoundOrdering are not used directly or indirectly within Qpid Broker code.

      Attachments

        Activity

          People

            orudyy Alex Rudyy
            orudyy Alex Rudyy
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: