Trivy scan security vulnerabilities

During the Trivy check of the unit-service-v0-27-0:latest Docker image, we found some security vulnerabilities:

| Vulnerability ID | Affected libs | Severity | Description | Link | Source |
|---|---|---|---|---|---|
| CVE-2024-45491 | libexpat 2.6.2-r0 | CRITICAL | An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer overflow for nDefaultAtts on 32-bit platforms (where UINT_MAX equals SIZE_MAX). | https://avd.aquasec.com/nvd/2024/cve-2024-45491/ | alpine 3.17.7 |
| CVE-2024-45492 | libexpat 2.6.2-r0 | CRITICAL | An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for m_groupSize on 32-bit platforms (where UINT_MAX equals SIZE_MAX). | https://avd.aquasec.com/nvd/2024/cve-2024-45492/ | alpine 3.17.7 |
| CVE-2024-38821 | org.springframework.security:spring-security-web (app.jar) | CRITICAL | Spring-WebFlux: Authorization Bypass of Static Resources in WebFlux Applications | https://avd.aquasec.com/nvd/2024/cve-2024-38821/ | Java (jar) |
| CVE-2024-6197 | curl, libcurl 8.7.1-r0 | HIGH | libcurl's ASN1 parser has this utf8asn1str() function used for parsing an ASN.1 UTF-8 string. It can detect an invalid field and return error. | https://avd.aquasec.com/nvd/2024/cve-2024-6197/ | alpine 3.17.7 |
| CVE-2024-45490 | libexpat 2.6.2-r0 | HIGH | An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XML_ParseBuffer. | https://avd.aquasec.com/nvd/2024/cve-2024-45490/ | alpine 3.17.7 |
| CVE-2023-52428 | com.nimbusds:nimbus-jose-jwt 8.2 | HIGH | nimbus-jose-jwt: large JWE p2c header value causes Denial of service | https://avd.aquasec.com/nvd/2023/cve-2023-52428/ | Java (jar) |
| CVE-2024-38816 | org.springframework:spring-webmvc 6.1.10 (app.jar) | HIGH | spring-webmvc: Path Traversal Vulnerability in Spring Applications Using RouterFunctions and FileSystemResource | https://avd.aquasec.com/nvd/2024/cve-2024-38816/ | Java (jar) |

Edited by Oleksandr Stetskiv-SLB