
Conversation

sgarg-CS
Contributor

@sgarg-CS sgarg-CS commented Jul 24, 2025

Issue:
Guava (com.google.guava:31.1-jre): Use of Java's default temporary directory for file creation in FileBackedOutputStream in Google Guava versions 1.0 to 31.1 on Unix systems and Android Ice Cream Sandwich allows other users and apps on the machine with access to the default Java temporary directory to access the files created by the class. Even though the security vulnerability is fixed in version 32.0.0, maintainers recommend using version 32.0.1, as version 32.0.0 breaks some functionality under Windows.

Root Cause:
Guava: FileBackedOutputStream uses temporary files to store data once a certain memory threshold is exceeded. This can result in failure to sufficiently restrict access to the temp file, making it susceptible to race conditions or file hijacking. It can further allow unauthorized access or modification of the temporary file by other processes/users on the system.

Fix:
Add the guava dependency to the exclusions and upgrade to a higher version such as 33.4.0-jre to get rid of the CVE.

JIRA: PLUGIN-1915
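The exclusion-plus-upgrade pattern described in the Fix section, as an added Maven `pom.xml` example (not the PR's actual diff). The coordinates of the dependency that pulls Guava in transitively are placeholders and must be replaced with the real ones from the project's dependency tree.

```xml
<!-- Added example, not the PR's diff. PLACEHOLDER_* coordinates stand for the
     dependency that brings com.google.guava:guava:31.1-jre in transitively. -->
<dependencies>
  <!-- Before the fix, this dependency's transitive Guava (31.1-jre) ends up on
       the classpath, so FileBackedOutputStream spills to the shared
       java.io.tmpdir once its in-memory threshold is exceeded. -->
  <dependency>
    <groupId>PLACEHOLDER_GROUP</groupId>
    <artifactId>PLACEHOLDER_ARTIFACT_THAT_PULLS_IN_GUAVA</artifactId>
    <version>PLACEHOLDER_VERSION</version>
    <!-- Step 1 of the fix: cut the transitive edge so the old Guava cannot win
         Maven's nearest-wins mediation. -->
    <exclusions>
      <exclusion>
        <groupId>com.google.guava</groupId>
        <artifactId>guava</artifactId>
      </exclusion>
    </exclusions>
  </dependency>

  <!-- Step 2 of the fix: declare the patched version directly. Anything
       >= 32.0.1 carries the temp-file fix; 32.0.0 is avoided because it
       breaks functionality under Windows, as noted in the PR description. -->
  <dependency>
    <groupId>com.google.guava</groupId>
    <artifactId>guava</artifactId>
    <version>33.4.0-jre</version>
  </dependency>
</dependencies>
```

After editing, `mvn dependency:tree -Dincludes=com.google.guava:guava` should list exactly one Guava artifact at 33.4.0-jre; any remaining 31.1-jre entry points at another path that still needs an exclusion.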


google-cla bot commented Jul 24, 2025

Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

View this failed invocation of the CLA check for more information.

For the most up to date status, view the checks section at the bottom of the pull request.

@sgarg-CS sgarg-CS force-pushed the cvefix/PLUGIN-1915 branch from ba99569 to adab2a3 Compare July 24, 2025 08:53
@sgarg-CS sgarg-CS added the build label Jul 24, 2025
@Krish-cloudsufi Krish-cloudsufi changed the title [PLUGIN-1915] : Fix CVE from com.google.guava:31.1-jre [PLUGIN-1915]: Fix CVEs in com.google.guava:31.1-jre and ch.qos.logback (logback-classic & logback-core) Jul 29, 2025
@Krish-cloudsufi Krish-cloudsufi changed the title [PLUGIN-1915]: Fix CVEs in com.google.guava:31.1-jre and ch.qos.logback (logback-classic & logback-core) [PLUGIN-1915]: Fix CVEs in com.google.guava:31.1-jre Jul 31, 2025