For Java it doesn't matter how many versions of a class you provide. The default classloader will just pick the first one on the classpath it can find.

Since you can run the application without error this means one of the following:

• if javassist-3.9.0.GA.jar is first on the classpath: your application doesn't rely on new APIs or bugfixes in javassist-3.20.0-GA.jar Also no APIs you used of this library changed between these versions (which a library shouldn't do between minor versions)

• if javassist-3.20.0-GA.jar is first on the classpath: the library is backwards compatible

I suggest:

• If these dependencies are direct dependencies in different parts of your application, make sure you're using everywhere the same version. The best way is to fix the version in the dependencyManagement section of the parent POM and then omit the version attribute in the dependencies sections.
• If these dependencies are transitive dependencies, then exclude the one you don't want to use to make sure you only have one version of the library in your final application. Also consider to file an issue for the project that still uses the old version and ask them to upgrade the version of the dependency.
• If you need to work with two incompatible versions of the same library, which have the same package and class names, consider to use a module system such as OSGi, which supports running different versions of the same library to some degree.

Answering to "any suggestions how to fix it?" take a look at Resolving conflicts using the dependency tree. With the command mvn dependency:tree you'll be able to know where any dependency comes from. When you know which artifacts depends on javassist, you may add an exclusion entry to avoid one of the javassist version.