[DepShield] (CVSS 5.9) Vulnerability due to usage of com.google.guava:guava:23.2-jre

**Vulnerabilities**

DepShield reports that this application's usage of [com.google.guava:guava:23.2-jre](https://ossindex.sonatype.org/component/pkg:maven/com.google.guava/guava@23.2-jre) results in the following vulnerability(s):

- (CVSS **5.9**) [[CVE-2018-10237]  Deserialization of Untrusted Data](https://ossindex.sonatype.org/vuln/24585a7f-eb6b-4d8d-a2a9-a6f16cc7c1d0)

<hr />

**Occurrences**

com.google.guava:guava:23.2-jre is a transitive dependency introduced by the following direct dependency(s):

• **[com.google.guava:guava:23.2-jre](https://ossindex.sonatype.org/component/pkg:maven/com.google.guava/guava@23.2-jre)**

• **[com.google.guava:guava:23.2-jre](https://ossindex.sonatype.org/component/pkg:maven/com.google.guava/guava@23.2-jre)**

• **[com.google.guava:guava:23.2-jre](https://ossindex.sonatype.org/component/pkg:maven/com.google.guava/guava@23.2-jre)**

• **[com.google.guava:guava:23.2-jre](https://ossindex.sonatype.org/component/pkg:maven/com.google.guava/guava@23.2-jre)**

<sub>This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for [personal](https://help.github.com/articles/managing-your-personal-account-s-apps/) and [organization](https://help.github.com/articles/managing-your-organization-s-apps/) accounts. Please submit questions or feedback about DepShield to the [Sonatype DepShield Community](https://community.sonatype.com/c/depshield).</sub>

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[DepShield] (CVSS 5.9) Vulnerability due to usage of com.google.guava:guava:23.2-jre #11

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

[DepShield] (CVSS 5.9) Vulnerability due to usage of com.google.guava:guava:23.2-jre #11

Description

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions