investigate vulnerabilities, fix as much as we can

https://gitlab.eclipse.org/eclipse/xfsc/cat/fc-service/-/security/vulnerability_report