Vulnerability Fixing and POM Reorganization

Fix: Resolve vulnerabilities in pom.xml

This PR addresses vulnerabilities in multiple libraries, including critical and high-severity issues. Below is the delta of vulnerabilities that were present in the previous scan but have been resolved in the current state.

Resolved Vulnerabilities:

1. com.azure:azure-identity

   • Vulnerability: CVE-2024-35255
     • Severity: Medium
     • Issue: Azure Identity Libraries Elevation of Privilege Vulnerability.
     • Resolution: Upgraded from 1.11.2 to 1.12.2.

2. com.nimbusds:nimbus-jose-jwt

   • Vulnerability: CVE-2023-52428
     • Severity: High
     • Issue: Large JWE p2c header value causes Denial of Service.
     • Resolution: Upgraded from 9.30.2 to 9.37.2.

3. org.asynchttpclient:async-http-client

   • Vulnerability: CVE-2024-53990
     • Severity: Critical
     • Issue: CookieStore replaces explicitly defined cookies, leading to potential security issues.
     • Resolution: Upgraded from 2.12.1 to 2.12.4.

4. io.lettuce:lettuce-core

   • Vulnerability: GHSA-q4h9-7rxj-7gx2
     • Severity: Medium
     • Issue: Netty vulnerability included in Redis Lettuce.
     • Resolution: Upgraded from 6.3.2.RELEASE to 6.5.1.RELEASE.

---

By upgrading these libraries to their secure versions, this PR significantly improves the project's security posture by mitigating critical and high-risk vulnerabilities. Please review and approve.

NOTICE

@@ -103,6 +103,7 @@ The following software have components provided under the terms of this license:
 - JSON library from Android SDK (from http://developer.android.com/sdk)
 - JSONassert (from http://github.com/skyscreamer/yoga, https://github.com/skyscreamer/JSONassert)
 - JSR107 API and SPI (from https://github.com/jsr107/jsr107spec)
+- JSpecify annotations (from http://jspecify.org/)
 - Jackson 2 extensions to the Google HTTP Client Library for Java. (from https://repo1.maven.org/maven2/com/google/http-client/google-http-client-jackson2)
 - Jackson dataformat: CBOR (from http://github.com/FasterXML/jackson-dataformats-binary)
 - Jackson datatype: JSR310 (from http://wiki.fasterxml.com/JacksonModuleJSR310, https://repo1.maven.org/maven2/com/fasterxml/jackson/datatype/jackson-datatype-jsr310)
@@ -265,6 +266,7 @@ The following software have components provided under the terms of this license:
 - tomcat-embed-core (from http://tomcat.apache.org/)
 - tomcat-embed-el (from http://tomcat.apache.org/, https://tomcat.apache.org/)
 - tomcat-embed-websocket (from http://tomcat.apache.org/, https://tomcat.apache.org/)
+- webjars-locator-lite (from https://webjars.org)
 
 ========================================================================
 BSD-2-Clause
@@ -552,6 +554,7 @@ The following software have components provided under the terms of this license:
 - msal4j (from https://github.com/AzureAD/microsoft-authentication-library-for-java)
 - msal4j-brokers (from https://github.com/AzureAD/microsoft-authentication-library-for-java)
 - msal4j-persistence-extension (from https://github.com/AzureAD/microsoft-authentication-extensions-for-java, https://github.com/AzureAD/microsoft-authentication-library-for-java)
+- webjars-locator-lite (from https://webjars.org)
 
 ========================================================================
 WTFPL