We need to synk scan the Flink 2.1 release branch and identify any CVEs with a CVSS score of 5.0 or higher.

We should produce a list of fixable vulnerabilities and create tasks for updating those in the upstream. Vulnerabilities without a fix will need to be summaries for inclusion in the release notes.