CVE vulnerability in haplogrep #28
Description
Hi!
during our dependency check the following came along:
One or more dependencies were identified with vulnerabilities that have a CVSS score greater than or equal to '9,0':
haplogrep-3.2.1.jar: itextpdf-5.1.2.jar: CVE-2022-37109(9.8)
Is it possible to fix this CVE problem?
I'm also not sure which dependency uses itextpdf in haplogrep. But perhaps it is possible to upgrade the specific dependency?
With kind regards,
Jennifer