Significant number of critical vulnerabilities reported in dependencies #273
Description
Running trivy against version 0.9.1 reports 25 critical vulnerabilities in dependent libraries used by bpipe.
For example:
- CVE-2017-17485 https://avd.aquasec.com/nvd/cve-2017-17485
- CVE-2016-6809 https://avd.aquasec.com/nvd/cve-2016-6809
Would it be possible to update com.fasterxml.jackson.core:jackson-databind and org.apache.tika:tika-core?