4.0.x branch has reported CVEs in Maven Central (CVE-2017-5929 and CVE-2022-45688)

[ricardozanini]

What happened:
See https://mvnrepository.com/artifact/io.serverlessworkflow/serverlessworkflow-api/4.0.3.Final

CVEs:

• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5929
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45688

Anything else we need to know?:
Also, we need to cherry-pick the last CVE fixed here #193

Environment:

• Specification version used:

[ricardozanini]

Related #192