[
https://issues.apache.org/jira/browse/BEAM-6267?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Ismaël Mejía updated BEAM-6267:
-------------------------------
Description:
Guava 11.0 through 24.x are affected by the following vulnerability:
[https://groups.google.com/forum/#!topic/guava-announce/xqWALw4W1vs/discussion]
https://nvd.nist.gov/vuln/detail/2018-10237
All Beam versions that use these Guava versions need to be updated with latest
fixed Guava library.
was:
Guava 11.0 through 24.x are affected by the following vulnerability:
[https://groups.google.com/forum/#!topic/guava-announce/xqWALw4W1vs/discussion]
All Beam versions that use these Guava versions need to be updated with latest
fixed Guava library.
> Guava library DOS vulnerability in Beam Java SDK
> ------------------------------------------------
>
> Key: BEAM-6267
> URL: https://issues.apache.org/jira/browse/BEAM-6267
> Project: Beam
> Issue Type: Bug
> Components: sdk-java-core
> Affects Versions: 2.4.0, 2.9.0
> Environment: Java
> Reporter: Abdul Qadeer
> Assignee: Kenneth Knowles
> Priority: Major
>
> Guava 11.0 through 24.x are affected by the following vulnerability:
> [https://groups.google.com/forum/#!topic/guava-announce/xqWALw4W1vs/discussion]
> https://nvd.nist.gov/vuln/detail/2018-10237
> All Beam versions that use these Guava versions need to be updated with
> latest fixed Guava library.
>
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
