Vulnerabilities with the components used along with pgAdmin 4.18 - Mailing list pgadmin-support

Hi,

We are using pgAdmin 4(version 4.18) that is bundled along with Postgres 12.

We notice that version 4.18 of pgAdmin packages the following components that has some open vulnerabilities.

Read component, version, vulnerabilities:

python 3.7.4   https://www.cvedetails.com/vulnerability-list/vendor_id-10210/Python.html

sqlite     3.28.0   https://www.cvedetails.com/vulnerability-list/vendor_id-9237/Sqlite.html

zlib        1.2.8   https://www.cvedetails.com/vulnerability-list/vendor_id-72/product_id-1820/GNU-Zlib.html

curl        7.65.3  https://curl.haxx.se/docs/vuln-7.65.3.html

expat    2.2.7   https://www.cvedetails.com/vulnerability-list/vendor_id-12037/product_id-22545/Libexpat-Expat.html

openssl 1.1.1c    https://www.cvedetails.com/vulnerability-list/vendor_id-217/product_id-383/Openssl-Openssl.html

openssl 1.1.1d  https://www.cvedetails.com/vulnerability-list/vendor_id-217/product_id-383/Openssl-Openssl.html

We are using pgAdmin to administer our Database in a customer environment.

We have the following queries:

1. Any open vulnerability with the above mentioned component versions that we should be worried about?
2. Is there any roadmap to upgrade the above components used in pgAdmin tool.