There is a vulnerability in guava 24.1-jre,upgrade recommended - Githubissues

apache / incubator-datalab

Apache DataLab (incubating)

https://datalab.apache.org/

Apache License 2.0

153 stars 58 forks source link

There is a vulnerability in guava 24.1-jre,upgrade recommended #1038

Open QiAnXinCodeSafe opened 3 years ago

QiAnXinCodeSafe commented 3 years ago

https://github.com/apache/incubator-datalab/blob/423fa3a4404326aaac6aebc68b80a0f86dd775b4/services/billing-aws/pom.xml#L132-L134

CVE-2018-10237 CVE-2020-8908

Recommended upgrade version：30.0-jre

pjfanning commented 2 years ago

updated in master - https://github.com/apache/incubator-datalab/blob/master/services/billing-aws/pom.xml