Hi In our scan maven-bundle plugin 5.1.5 is getting flagged for CVE-2021-26291 <https://nvd.nist.gov/vuln/detail/CVE-2021-26291> due to the presence of maven-compat 3.3.9. I am seeing that the latest version of maven-bundle plugin, 5.1.9 is also using maven-compat 3.3.9. Is there any plan to update maven-compat to 3.8.2 at least to get around this CVE?
Thanks