
Addressing a lot of security vulnerabilities in the Cadence release v1.2.7 #5770

Open

thle40 opened this issue Mar 11, 2024 · 1 comment
thle40 commented Mar 11, 2024

Version of Cadence server, and client (which language)
This is very important to root cause bugs.

Server version: 1.2.7

Describe the bug
There are several CVEs found in the latest release image 1.2.7

To Reproduce
Is the issue reproducible?

Yes

Steps to reproduce the behavior:
A clear and concise description of the reproduce steps.

Expected behavior
Some vulnerabilities can be fixed by upgrading the version of affected packages as below.

| CVE | SEVERITY | CVSS | PACKAGE | VERSION | STATUS |
|---|---|---|---|---|---|
| CVE-2019-0210 | high | 7.50 | github.com/apache/thrift/lib/go/thrift | v0.0.0-20161221203622-b2a4d4ae21c7 | fixed in 0.13.0 |
| CVE-2019-0190 | high | 7.50 | openssl | 3.1.4-r1 | |
| PRISMA-2023-0056 | medium | 6.20 | github.com/sirupsen/logrus | v1.9.0 | fixed in v1.9.3 |
| CVE-2023-6992 | medium | 5.50 | zlib | 1.2.13-r1 | fixed in v1.9.3 |

| SEVERITY | DESCRIPTION |
|---|---|
| high | (CIS_Docker_v1.5.0 - 4.1) Image should be created with a non-root user |
| high | Private keys stored in image |

thle40 commented Mar 26, 2024

More CVEs reported for this release

| CVE | SEVERITY | CVSS | PACKAGE | VERSION | STATUS |
|---|---|---|---|---|---|
| CVE-2016-5397 | high | 7.50 | github.com/apache/thrift | v0.0.0-20161221203622-b2a4d4ae21c7 | fixed in 0.10.0 |
| CVE-2024-24786 | moderate | 0.00 | google.golang.org/protobuf/internal/encoding/json | v1.31.0 | fixed in 1.33.0 |
| CVE-2024-24786 | moderate | 0.00 | google.golang.org/protobuf/encoding/protojson | v1.31.0 | fixed in 1.33.0 |
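A small checker that reads a go.mod and flags the Go module findings from both tables in this issue (the openssl and zlib rows are OS packages, so they are left out). This is an added example, not code from the Cadence project; the go.mod it scans is a constructed sample and the advisory list is transcribed from the tables above.

```python
"""Flag go.mod requirements below the fixed versions this issue lists (added example, not Cadence code)."""

# Transcribed from the issue's tables. openssl and zlib are OS packages, not Go
# modules, so they are not checked here; the thrift and protobuf rows name packages
# inside a module, so matching is done on the module path prefix.
ADVISORIES = [
    ("CVE-2019-0210", "github.com/apache/thrift", "v0.13.0"),
    ("CVE-2016-5397", "github.com/apache/thrift", "v0.10.0"),
    ("PRISMA-2023-0056", "github.com/sirupsen/logrus", "v1.9.3"),
    ("CVE-2024-24786", "google.golang.org/protobuf", "v1.33.0"),
]

# Constructed sample go.mod (not Cadence's real one); the versions mirror the issue's tables.
SAMPLE_GO_MOD = """module example.com/service
go 1.21
require (
	github.com/apache/thrift v0.0.0-20161221203622-b2a4d4ae21c7
	github.com/sirupsen/logrus v1.9.0
	google.golang.org/protobuf v1.31.0
	github.com/stretchr/testify v1.8.4 // indirect
)
"""


def version_key(v):
    """Sort key for 'vX.Y.Z[-suffix]': numeric parts, then whether it is a tagged release.
    A pseudo-version such as v0.0.0-20161221203622-b2a4d4ae21c7 carries a suffix and so
    sorts below the tagged release with the same base numbers."""
    base, _, suffix = v.lstrip("v").partition("-")
    return tuple(int(p) for p in base.split(".")[:3]), suffix == ""


def findings(gomod):
    """Return (id, module, version) for every require line whose module is named by an
    advisory (exactly, or as the parent of the reported package) at a version below FixedIn."""
    out = []
    for line in gomod.splitlines():
        fields = line.strip().removeprefix("require ").split()
        if len(fields) < 2 or not fields[1].startswith("v"):
            continue  # module/go directives, block delimiters and blank lines
        mod, ver = fields[0], fields[1]
        for adv_id, adv_mod, fixed in ADVISORIES:
            if (mod == adv_mod or mod.startswith(adv_mod + "/")) and version_key(ver) < version_key(fixed):
                out.append((adv_id, mod, ver))
    return out


if __name__ == "__main__":
    for adv_id, mod, ver in findings(SAMPLE_GO_MOD):
        print(f"{adv_id}: {mod}@{ver} is below the fixed version")
```

The version ordering follows Go's module rule that a pseudo-version sorts below the tagged release it precedes; `replace` directives are not resolved, so run it against the effective module list if the project uses them.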
