exasol / dynamodb-virtual-schema

Virtual Schema for accessing Amazon AWS DynamoDB through Exasol
MIT License

Fix vulnerabilities reported by ossindex #169

Closed ckunki closed 2 years ago

ckunki commented 2 years ago
 Error:  Failed to execute goal org.sonatype.ossindex.maven:ossindex-maven-plugin:3.1.0:audit (default-cli) on project dynamodb-virtual-schema: Detected 5 vulnerable components:
Error:    io.netty:netty-common:jar:4.1.72.Final:runtime; https://ossindex.sonatype.org/component/pkg:maven/io.netty/netty-common@4.1.72.Final?utm_source=ossindex-client&utm_medium=integration&utm_content=1.1.1
Error:      * [CVE-2022-24823] CWE-378: Creation of Temporary File With Insecure Permissions (5.5); https://ossindex.sonatype.org/vulnerability/CVE-2022-24823?component-type=maven&component-name=io.netty%2Fnetty-common&utm_source=ossindex-client&utm_medium=integration&utm_content=1.1.1
Error:    io.netty:netty-handler:jar:4.1.72.Final:runtime; https://ossindex.sonatype.org/component/pkg:maven/io.netty/netty-handler@4.1.72.Final?utm_source=ossindex-client&utm_medium=integration&utm_content=1.1.1
Error:      * 1 vulnerability found (6.5); https://ossindex.sonatype.org/vulnerability/sonatype-2020-0026
Error:    org.apache.xmlrpc:xmlrpc-common:jar:3.1.3:test; https://ossindex.sonatype.org/component/pkg:maven/org.apache.xmlrpc/xmlrpc-common@3.1.3?utm_source=ossindex-client&utm_medium=integration&utm_content=1.1.1
Error:      * [CVE-2016-5003] CWE-502: Deserialization of Untrusted Data (9.8); https://ossindex.sonatype.org/vulnerability/CVE-2016-5003?component-type=maven&component-name=org.apache.xmlrpc%2Fxmlrpc-common&utm_source=ossindex-client&utm_medium=integration&utm_content=1.1.1
Error:      * [CVE-2016-5002] CWE-611: Improper Restriction of XML External Entity Reference ('XXE') (7.8); https://ossindex.sonatype.org/vulnerability/CVE-2016-5002?component-type=maven&component-name=org.apache.xmlrpc%2Fxmlrpc-common&utm_source=ossindex-client&utm_medium=integration&utm_content=1.1.1
Error:    commons-codec:commons-codec:jar:1.11:runtime; https://ossindex.sonatype.org/component/pkg:maven/commons-codec/commons-codec@1.11?utm_source=ossindex-client&utm_medium=integration&utm_content=1.1.1
Error:      * 1 vulnerability found (5.3); https://ossindex.sonatype.org/vulnerability/sonatype-2012-0050
Error:    org.apache.xmlrpc:xmlrpc-client:jar:3.1.3:test; https://ossindex.sonatype.org/component/pkg:maven/org.apache.xmlrpc/xmlrpc-client@3.1.3?utm_source=ossindex-client&utm_medium=integration&utm_content=1.1.1
Error:      * [CVE-2016-5004] CWE-400: Uncontrolled Resource Consumption ('Resource Exhaustion') (6.5); https://ossindex.sonatype.org/vulnerability/CVE-2016-5004?component-type=maven&component-name=org.apache.xmlrpc%2Fxmlrpc-client&utm_source=ossindex-client&utm_medium=integration&utm_content=1.1.1
Error:  -> [Help 1]
Error: 
Error:  To see the full stack trace of the errors, re-run Maven with the -e switch.
Error:  Re-run Maven using the -X switch to enable full debug logging.
Error: 
Error:  For more information about the errors and possible solutions, please read the following articles:
Error:  [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/MojoFailureException
Error: Process completed with exit code 1.