maven - Why would Sonatype IQ scan report Guava vulnerability when 'mvn dependency:tree' does not show Guava at all? - Stack Overflow

Why would Sonatype IQ scan report show (in IntelliJ-IDEA) a Guava vulnerability when mvn dependency:tree does not show Guava at all? Here is my Sonatype scan result, with a Level-7 Critical vulnera

June 2018 - devel - Fedora Mailing-Lists

android - Could not resolve com.google.guava:guava:30.1-jre - Gradle project sync failed. Basic functionality will not work properly - in kotlin project - Stack Overflow

Maven: dependency appears in effective pom but not in dependency tree

Maven artifact com.google.guava:guava:14.0.1 has type being bundle when imported by m2e · Issue #1383 · google/guava · GitHub

Solved SOFTWARE SECURITY QUESTION (JAVA, ECLIPSE) Next

Open Source Updates, Get Open Source News + Security Updates

Maven surefire plugin not running tests after migrating from Spock 1.2 to 2.0-M2 - Stack Overflow

Damn Vulnerable Web App (DVWA): Lesson 7: Automate SQL Injection with SqlMap

Damn Vulnerable Web App (DVWA): Lesson 7: Automate SQL Injection with SqlMap

Maven dependencies not resolved correctly during filesystem scan - properties · Issue #2145 · aquasecurity/trivy · GitHub