Hello. Solr 9.3.0 itself shipped with guava-32.0.1-jre. Where exactly are you seeing the old version?
On Mon, 21 Aug 2023 at 11:59, Pieper, Stefan <stefan.pie...@coremedia.com.invalid> wrote: > Hi there, > > > > a trivy image scan on solr:9.3.0 reveals CVE-2023-2976, rated HIGH, for > com.google.guava:guava: 30.1.1-jre. I fail to find any information on > relevance of this to Solr or Hadoop which introduces the dependency. > > > > Can you provide information on the severity of this CVE in context of Solr? > > > > Thanks! > > Stefan > > > > -- > > Stefan Pieper > Senior Software Engineer > > [image: A picture containing graphics, graphic design, font, logo > Description automatically generated] <https://www.coremedia.com/> > > > > *Elevate Experience. Drive Impact.* > > > E-Mail: stefan.pie...@coremedia.com > > *www.coremedia.com* <https://www.coremedia.com/> > > [image: A pink and red letter on a black background Description > automatically generated with low confidence] > <https://www.linkedin.com/company/coremedia-corp/>[image: A logo of a > camera Description automatically generated with low confidence] > <https://www.instagram.com/coremediacc/>[image: A picture containing > colorfulness, screenshot, graphics, red Description automatically generated] > <https://www.youtube.com/channel/UC3u29ExYv1263SfUBWnsgdQ>[image: A pink > bird with wings Description automatically generated with low confidence] > <https://twitter.com/coremedia?lang=en> > > [image: signature_3139397413] > <https://resources.ecovadis.com/library/ecovadis-medals-recognizing-our-customers-achievements> > > > -------------------------------------------------------------------------------- > > CoreMedia GmbH > > Rödingsmarkt 9, 20459 Hamburg, Germany > > Managing Director: Sören Stamer > > Commercial Register: Amtsgericht Hamburg, HRB 162480 > > > -------------------------------------------------------------------------------- > > >
