4.0.0 org.evbb CVE-2022-42889 1.0-SNAPSHOT jar CVE-2022-42889 http://maven.apache.org UTF-8 junit junit 3.8.1 test org.apache.commons commons-text 1.8