Hi Team,

I hope this is the right place to address the topic.

One of my TAM customer's is wondering about the Health index on ubi8/openjdk-11 [1], which is currently shown as "A". The SNYK results (Quay/Clair) [2] are showing a critical and high vulernability [2], e.g. "SNYK-JAVA-ORGAPACHEMWAVENSHARED-570592" for maven.

Questions:
  - Is maven-shared-utils 3.2.1 (included in ubi8/openjdk-11) indeed affected?
  - Are there plans to get maven-shared-utils updated?

References:
  1) https://catalog.redhat.com/software/containers/ubi8/openjdk-11/5dd6a4b45a13461646f677f4?container-tabs=overview
  2) https://access.redhat.com/support/cases/#/case/03117588?commentId=a0a2K00000eMWD1QAO
  
Thanks,
Rainer