search

bazaarvoice / jolt

JSON to JSON transformation library written in Java.
Apache License 2.0
1.54k stars 328 forks source link

Upgrade Guava To Version 31.1-jre #1145

Open mr1716 opened 2 years ago

mr1716 commented 2 years ago

Looks like the jolt-utils uses Guava 29, which is vulnerable to the following CVE CVE-2020-8908. To fix this, specify at least version 31.1-jre