Security group recently reported a number of security violations from the 2023.3 version of the DX-APM Java agents. 

CVE-2023-20860

Going over that list and it looks like a lot of them have been address since 23.3 release.

Example: CVE-2023-20860 which the agent package had update to spring-web-5.3.29.jar

CVE-2022-41881 which netty-codec.jar had been updated to 4.1.97.Final

Run the security scan on the latest java 2023.9.1.16