Remediation:
Upgrade to org.scala-lang:scala-library@2.13.9.
Overview
Affected versions of this package are vulnerable to Remote Code Execution (RCE) due to a vulnerable Java deserialization chain when used in conjunction with LazyList object deserialization, which may allow execution of an arbitrary Function0.
Remediation
Upgrade org.scala-lang:scala-library to version 2.13.9 or higher.