Fix vulnerabilites in dependencies

[kaklakariada]

Ossindex reports many vulnerable dependencies:

[ERROR] Failed to execute goal org.sonatype.ossindex.maven:ossindex-maven-plugin:3.1.0:audit (default-cli) on project parquet-io-java: Detected 6 vulnerable components:
[ERROR]   com.squareup.okhttp:okhttp:jar:2.7.5:compile; https://ossindex.sonatype.org/component/pkg:maven/com.squareup.okhttp/[email protected]?utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1
[ERROR]     * [CVE-2021-0341] CWE-295: Improper Certificate Validation (7.5); https://ossindex.sonatype.org/vulnerability/CVE-2021-0341?component-type=maven&component-name=com.squareup.okhttp%2Fokhttp&utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1
[ERROR]     * [sonatype-2018-0035] CWE-20: Improper Input Validation (5.9); https://ossindex.sonatype.org/vulnerability/sonatype-2018-0035?component-type=maven&component-name=com.squareup.okhttp%2Fokhttp&utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1
[ERROR]   org.apache.hadoop:hadoop-common:jar:3.3.1:compile; https://ossindex.sonatype.org/component/pkg:maven/org.apache.hadoop/[email protected]?utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1
[ERROR]     * [CVE-2022-26612] CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (9.8); https://ossindex.sonatype.org/vulnerability/CVE-2022-26612?component-type=maven&component-name=org.apache.hadoop%2Fhadoop-common&utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1
[ERROR]   com.google.guava:guava:jar:31.0.1-jre:compile; https://ossindex.sonatype.org/component/pkg:maven/com.google.guava/[email protected]?utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1
[ERROR]     * [sonatype-2020-0926] CWE-379: Creation of Temporary File in Directory with Incorrect Permissions (6.2); https://ossindex.sonatype.org/vulnerability/sonatype-2020-0926?component-type=maven&component-name=com.google.guava%2Fguava&utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1
[ERROR]   com.google.protobuf:protobuf-java:jar:2.5.0:compile; https://ossindex.sonatype.org/component/pkg:maven/com.google.protobuf/[email protected]?utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1
[ERROR]     * [CVE-2021-22569] CWE-400: Uncontrolled Resource Consumption ('Resource Exhaustion') (5.5); https://ossindex.sonatype.org/vulnerability/CVE-2021-22569?component-type=maven&component-name=com.google.protobuf%2Fprotobuf-java&utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1
[ERROR]   commons-codec:commons-codec:jar:1.11:compile; https://ossindex.sonatype.org/component/pkg:maven/commons-codec/[email protected]?utm_source=ossindex-client&utm_medium=integration&utm_content=1.1.1
[ERROR]     * [sonatype-2012-0050] CWE-20: Improper Input Validation (5.3); https://ossindex.sonatype.org/vulnerability/sonatype-2012-0050?component-type=maven&component-name=commons-codec%2Fcommons-codec&utm_source=ossindex-client&utm_medium=integration&utm_content=1.1.1
[ERROR]   com.google.code.gson:gson:jar:2.2.4:compile; https://ossindex.sonatype.org/component/pkg:maven/com.google.code.gson/[email protected]?utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1
[ERROR]     * [sonatype-2021-1694] CWE-502: Deserialization of Untrusted Data (7.5); https://ossindex.sonatype.org/vulnerability/sonatype-2021-1694?component-type=maven&component-name=com.google.code.gson%2Fgson&utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1

[morazow]

I think @pj-spoelders is already have fix for them.

[kaklakariada]

@morazow sorry, I overlooked this PR :-/