Io.jsonwebtoken.jjwt 0.9.1 dependencies are tagged as Vulnerable by OWASP dependency Check


I am trying to build my project with maven using:

But I got this error, when I build the project with dependency-check-maven plugin

One or more dependencies were identified with known vulnerabilities in Project:

jackson-databind-2.9.6.jar (cpe:/a:fasterxml:jackson-databind:2.9.6, com.fasterxml.jackson.core:jackson-databind:2.9.6, cpe:/a:fasterxml:jackson:2.9.6) : CVE-2018-14720, CVE-2018-19360, CVE-2018-14721, CVE-2018-19361, CVE-2019-12086, CVE-2018-19362, CVE-2018-14719,

jackson-databind-2.9.9 should fix this.