[jira] [Reopened] (IGNITE-27872) Normalize Guava/SLF4J versions to reduce CVE false positives

Kirill Anisimov (Jira) Wed, 04 Mar 2026 22:57:13 -0800


     [ 
https://issues.apache.org/jira/browse/IGNITE-27872?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Kirill Anisimov reopened IGNITE-27872:
--------------------------------------

> Normalize Guava/SLF4J versions to reduce CVE false positives
> ------------------------------------------------------------
>
>                 Key: IGNITE-27872
>                 URL: https://issues.apache.org/jira/browse/IGNITE-27872
>             Project: Ignite
>          Issue Type: Sub-task
>          Components: general
>    Affects Versions: 2.17, 2.18
>            Reporter: Kirill Anisimov
>            Assignee: Kirill Anisimov
>            Priority: Major
>              Labels: cve, dependencies, ignite-2, ise
>             Fix For: 2.19
>
>          Time Spent: 50m
>  Remaining Estimate: 0h
>
> There are different versions of Guava and SLF4J in the dependency tree, which 
> can give false positives in CVE reports and complicate updates.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Reopened] (IGNITE-27872) Normalize Guava/SLF4J versions to reduce CVE false positives

Reply via email to