DataStax cassandra core drive dependents on vulnerable Guava-19

The vulnerability relates to Guava classes AtomicDoubleArray and CompoundOrdering; we don't use them in the driver.

We've addressed Guava compatibility issues in JAVA-1328. The driver is compatible with 16.0.1 to latest, there is an internal compatibility layer to address the breaking changes in 19. I've just tried a simple client that overrides the dependency to 27.1-jre, things work as expected.

How were you testing and what was the stack trace of your error?