Because security vulnerabilities in third-party software are so common, it is important to manage the versions of your dependencies and to be prepared to upgrade them quickly. For Maven projects, I recommend putting the versions of all your dependencies in the properties section of your
pom.xml. Furthermore, for libraries which require multiple dependency entries in
pom.xml, this allows you to ensure you use the same version for all of those dependencies.