OWASP Dependency Checker flags issues on dependent libraries

[JoeArisia]

When we run the checker on the project we get the following libraries flagged up which are from the 3.0.2 azure-eventhubs client.
group: 'com.microsoft.azure', name: 'azure-eventhubs', version: '3.0.2'

Issues:

nimbus-jose-jwt-6.0.1.jar (pkg:maven/com.nimbusds/nimbus-jose-jwt@6.0.1, cpe:2.3:a:connect2id:nimbus_jose\+jwt:6.0.1:*:*:*:*:*:*:*) : CVE-2019-17195
guava-20.0.jar (pkg:maven/com.google.guava/guava@20.0, cpe:2.3:a:google:guava:20.0:*:*:*:*:*:*:*) : CVE-2018-10237
adapter-rxjava-2.4.0.jar (pkg:maven/com.squareup.retrofit2/adapter-rxjava@2.4.0, cpe:2.3:a:squareup:retrofit:2.4.0:*:*:*:*:*:*:*) : CVE-2018-1000844, CVE-2018-1000850

Can we have an update on these dependencies please?