ff4j 1.8.1 is vulnerable to Remote Code Execution (RCE). This issue has been patched in version 1.9. References https://nvd.nist.gov/vuln/detail/CVE-2022-44262 https://github.com/ff4j/ff4j/issues/624 https://github.com/advisories/GHSA-65hj-9ppw-77xc