Pre development
Requesting merge to development branch. Most of CVE findings are remediated except the GUAVA. GUAVE maven dependency seems to be false positive since the effective version of google GUAVE dependency in JAR is 29-jar but for some reason, the anchor is producing version 11.x which I can't seem to find where the scanner is picking up that version number from.
This is throughout all of our containers.