Hi there, a trivy image scan on solr:9.3.0 reveals CVE-2023-2976, rated HIGH, for com.google.guava:guava: 30.1.1-jre. I fail to find any information on relevance of this to Solr or Hadoop which introduces the dependency.
Can you provide information on the severity of this CVE in context of Solr? Thanks! Stefan -- Stefan Pieper Senior Software Engineer [A picture containing graphics, graphic design, font, logo Description automatically generated]<https://www.coremedia.com/> Elevate Experience. Drive Impact. E-Mail: stefan.pie...@coremedia.com<mailto:stefan.pie...@coremedia.com> www.coremedia.com<https://www.coremedia.com/> [A pink and red letter on a black background Description automatically generated with low confidence]<https://www.linkedin.com/company/coremedia-corp/>[A logo of a camera Description automatically generated with low confidence]<https://www.instagram.com/coremediacc/>[A picture containing colorfulness, screenshot, graphics, red Description automatically generated]<https://www.youtube.com/channel/UC3u29ExYv1263SfUBWnsgdQ>[A pink bird with wings Description automatically generated with low confidence]<https://twitter.com/coremedia?lang=en> [signature_3139397413]<https://resources.ecovadis.com/library/ecovadis-medals-recognizing-our-customers-achievements> -------------------------------------------------------------------------------- CoreMedia GmbH Rödingsmarkt 9, 20459 Hamburg, Germany Managing Director: Sören Stamer Commercial Register: Amtsgericht Hamburg, HRB 162480 --------------------------------------------------------------------------------
