Hi team, We are using the Maven Dependency Plugin in one of our projects and our scanning tools are showing multiple vulnerabilities related to Log4j (CVE-2019-17571, CVE-2020-9488, CVE-2022-23302, CVE-2022-23305, CVE-2022-23307 and CVE-2021-4104).
We would like to know if there are any plans to release a newer version of Maven Dependency Plugin with the fixes of these vulnerabilities(referring to the latest version of Log4j libraries). If so, is there any planned date for this release? Please let us know any any more information is required. Thanks, Venu
