my company check for vulnerablities and i see bunch of vulnerablities in logstash. an example is below
to fix this vulnerablity, should i upgrade guava or does jruby needs to be upgraded. if jruby needs to be upgraded where can i find what versions of jruby is logstash compatible with.
if i need to upgrade guava seperately where can i find the dependencies map for this
com.google.guava:guava 18.0 24.1.1 Java usr/share/logstash/vendor/bundle/jruby/2.6.0/gems/ruby-maven-libs-3.3.9/maven-home/lib/guava-18.0.jar