We are conducting security vulnerability scans of our IdM product implementation. 

We have discovered that the following libraries have serious vulnerabilities registered against them. 

We have also verified that they still exist in the 14.5. 

When will newer versions of the jar files be available and incorporated into the release?

The quartz jar is 2.3.2. It is subject to the following CVE: CVE-2023-39017

After review by our Level 2 team for this issue, it has been determined that CVE-2023-39017 talks about quartz-jobs 2.3.2.jar 

this jar is not being used by IM. IM uses quartz-2.3.2.jar this is not Vulnerable.

this class "org.quartz.jobs.ee.jms.SendQueueMessageJob" is present in quartz-jobs 2.3.2.jar but not quartz-2.3.2.jar

So CVE-2023-39017 does not have impact on IM .