[
https://issues.apache.org/jira/browse/CAMEL-19743?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17758520#comment-17758520
]
Claus Ibsen commented on CAMEL-19743:
-------------------------------------
You can always just add what version of guava you want to use in your pom.xml
and maven will use that instead of what comes with grpc
> Camel OpenTelemetry Upgrade GRPC
> --------------------------------
>
> Key: CAMEL-19743
> URL: https://issues.apache.org/jira/browse/CAMEL-19743
> Project: Camel
> Issue Type: Dependency upgrade
> Components: camel-opentelemetry
> Affects Versions: 3.21.0
> Reporter: Vladyslav
> Priority: Minor
> Fix For: 3.22.0
>
>
> Good morning,
> CVE-2023-2976 vulnerability was found inĀ Guava which is used GRPC which is
> used in Camel Opentelemetry
> Guava fixed the issue and GRPC upgraded the vulnerability and eliminated the
> issue in version 1.57
> Can you please upgrade GRPC to 1.57 version in Camel Opentelemetry to get rid
> of the vulnerability
> Thanks
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
