[jira] [Updated] (IGNITE-27872) Normalize Guava/SLF4J versions to reduce CVE false positives

Kirill Anisimov (Jira) Mon, 16 Feb 2026 22:29:07 -0800


     [ 
https://issues.apache.org/jira/browse/IGNITE-27872?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Kirill Anisimov updated IGNITE-27872:
-------------------------------------
    Labels: cve dependencies ignite-2  (was: )

> Normalize Guava/SLF4J versions to reduce CVE false positives
> ------------------------------------------------------------
>
>                 Key: IGNITE-27872
>                 URL: https://issues.apache.org/jira/browse/IGNITE-27872
>             Project: Ignite
>          Issue Type: Sub-task
>          Components: general
>    Affects Versions: 2.17, 2.18
>            Reporter: Kirill Anisimov
>            Assignee: Kirill Anisimov
>            Priority: Major
>              Labels: cve, dependencies, ignite-2
>
> There are different versions of Guava and SLF4J in the dependency tree, which 
> can give false positives in CVE reports and complicate updates.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Updated] (IGNITE-27872) Normalize Guava/SLF4J versions to reduce CVE false positives

Reply via email to