[ https://issues.apache.org/jira/browse/SLING-12116?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Robert Munteanu closed SLING-12116. ----------------------------------- > Update transative google-guava dependency to version 32.1.3-jre > --------------------------------------------------------------- > > Key: SLING-12116 > URL: https://issues.apache.org/jira/browse/SLING-12116 > Project: Sling > Issue Type: Bug > Components: XSS Protection API > Reporter: Tatyana Vogel > Assignee: Tatyana Vogel > Priority: Critical > Fix For: XSS Protection API 2.4.0 > > > The sling XSS library has a transitive dependency which embeds vulnerable > google-guava. > Upgrade to a vulnerability-free version of the embedded library is needed. -- This message was sent by Atlassian Jira (v8.20.10#820010)