snyk reports vulnerability issues related of (old) dependency versions.

Update reported versions.

org.jboss.logging:jboss-logging has vulnerabilities from use of log4j:log4j.  The version update does not resolve all CVE's reported against log4j.