aws-cloudformation-rpdk-java-plugin has dependencies with high severity vulnerabilities

[sanatoly1204]

aws-cloudformation-rpdk-java-plugin (last version 2.0.16) has dependencies with high severity vulnerabilities

Is there a software version coming out soon that addresses this?
What is the proposed solution for now?

I can try to use "exclusions" option in POM file, but it seems me risky