Updated btcd dependency of btcutil to address CVE-2024-34478 #2235
Conversation
The btcutil submodule only requires certain functions of btcd as a library. So the affected CVE code isn't active here.
But since the CVE reporting tools don't know this, it's good to get rid of any warnings. So thanks for the fix.
@guggero I think a
Coveralls: Pull Request Test Coverage Report for Build 10405282717
Ah, right. Thanks for fixing that. Can you please squash the two commits into one?
Force-pushed ("synchronize dependencies"): 969a168 to 913f95b
@guggero Done 👍
@guggero Do you know if there is any update on when this change might be included in a new official release of btcutil?
I can push a new tag after merging this PR. There aren't actual "releases" for
Pushed a new tag:

Thanks @guggero!
Author: [AlexsandroRyan](https://github.com/AlexsandroRyan)

This pull request addresses all CVEs reported by the Checkmarx tool during its execution on this repository. The previous discussion can be found here: https://github.com/cometbft/cometbft/discussions/3558.

I have updated all necessary dependencies to fix the identified CVEs, but some vulnerabilities remain unresolved. I would appreciate any assistance in addressing these remaining issues.

1. CVE-2021-3538: This issue is related to the github.com/satori/go.uuid package, which is a dependency of [tm-load-test](https://github.com/informalsystems/tm-load-test). We have already submitted a PR to address this: informalsystems/tm-load-test#221.
2. CVE-2024-24786: This vulnerability pertains to the google.golang.org/protobuf package. Running `go mod graph | grep google.golang.org/protobuf` reveals that many packages are using the vulnerable version. It's unclear if updating them individually is feasible.
3. CVE-2024-34478: This vulnerability is associated with github.com/btcsuite/btcd, a dependency of github.com/btcsuite/btcd/btcutil, which is currently used at a version lower than 0.24.0. We have also submitted a pull request for this: btcsuite/btcd#2235.

Please let us know if this approach is sufficient or if there is a more efficient way to resolve these issues.

---

#### PR checklist

- [ ] ~Tests written/updated~
- [ ] ~Changelog entry added in `.changelog` (we use [unclog](https://github.com/informalsystems/unclog) to manage our changelog)~
- [ ] ~Updated relevant documentation (`docs/` or `spec/`) and code comments~
- [ ] Title follows the [Conventional Commits](https://www.conventionalcommits.org/en/v1.0.0/) spec

---

Co-authored-by: Alexsandro <alexsandrocosta855@gmail.com>
Co-authored-by: Alessandro <alessandro@informal.systems>
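The `go mod graph | grep` check above, and the earlier remark that a scanner flags the dependency even though btcutil never calls the affected btcd code, both turn on how Go picks the version it actually builds with. The program below is an added example, not code from this PR or from btcd: it parses `go mod graph` output and applies the minimal-version-selection rule (the selected version of a module is the highest version any module in the graph requires, absent `replace`/`exclude` directives) to separate "some module still lists an old version" from "the build uses an old version". The two graphs, the module `example.com/tool`, and the version numbers in them are constructed for illustration; `v0.24.0` as the fixed btcd version is taken from the PR text above ("lower than 0.24.0").

```go
package main

import (
	"fmt"
	"strconv"
	"strings"
)

// Edge is one "requirer requirement" line of `go mod graph` output.
// Both sides are "path@version"; the main module on the left carries no "@version".
type Edge struct{ From, To string }

// ParseGraph parses the text printed by `go mod graph`, skipping blank or malformed lines.
func ParseGraph(out string) []Edge {
	var edges []Edge
	for _, line := range strings.Split(out, "\n") {
		if f := strings.Fields(line); len(f) == 2 {
			edges = append(edges, Edge{From: f[0], To: f[1]})
		}
	}
	return edges
}

// splitModVersion turns "path@vX.Y.Z" into ("path", "vX.Y.Z").
func splitModVersion(s string) (path, version string) {
	if i := strings.LastIndex(s, "@"); i >= 0 {
		return s[:i], s[i+1:]
	}
	return s, ""
}

// parseSemver splits "vMAJOR.MINOR.PATCH[-pre][+build]". A Go pseudo-version such as
// v0.23.5-0.20231215221805-96c9fd8078fd is simply a pre-release of the patch it names.
func parseSemver(v string) (nums [3]int, pre string, ok bool) {
	v = strings.TrimPrefix(v, "v")
	if i := strings.Index(v, "+"); i >= 0 {
		v = v[:i]
	}
	if i := strings.Index(v, "-"); i >= 0 {
		pre, v = v[i+1:], v[:i]
	}
	parts := strings.Split(v, ".")
	if len(parts) != 3 {
		return nums, "", false
	}
	for i, p := range parts {
		n, err := strconv.Atoi(p)
		if err != nil {
			return nums, "", false
		}
		nums[i] = n
	}
	return nums, pre, true
}

// CompareVersions orders two module versions: numerically on major.minor.patch, with a
// pre-release (including a pseudo-version) sorting below the release it precedes.
// Pre-release tags are compared as plain strings, which is enough for timestamped pseudo-versions.
func CompareVersions(a, b string) int {
	an, apre, _ := parseSemver(a)
	bn, bpre, _ := parseSemver(b)
	for i := range an {
		if an[i] != bn[i] {
			if an[i] < bn[i] {
				return -1
			}
			return 1
		}
	}
	switch {
	case apre == bpre:
		return 0
	case apre == "":
		return 1
	case bpre == "":
		return -1
	}
	return strings.Compare(apre, bpre)
}

// Report describes one module's standing in the build graph.
type Report struct {
	Selected   string            // version the build uses: the highest one required anywhere
	Vulnerable bool              // true when Selected is still below the fixed version
	Requirers  map[string]string // modules that still ask for a version below fixed
}

// Audit collects every requirement on module and decides whether the build is affected.
// Old requirements that grep would surface are harmless when a newer requirement wins,
// unless go.mod overrides selection with replace/exclude (not modelled here).
func Audit(edges []Edge, module, fixed string) Report {
	rep := Report{Requirers: map[string]string{}}
	for _, e := range edges {
		path, ver := splitModVersion(e.To)
		if path != module {
			continue
		}
		if rep.Selected == "" || CompareVersions(ver, rep.Selected) > 0 {
			rep.Selected = ver
		}
		if CompareVersions(ver, fixed) < 0 {
			rep.Requirers[e.From] = ver
		}
	}
	rep.Vulnerable = rep.Selected != "" && CompareVersions(rep.Selected, fixed) < 0
	return rep
}

// Constructed `go mod graph` output for a btcutil-like main module before and after bumping
// its own btcd requirement; example.com/tool is a hypothetical transitive dependency.
const BeforeGraph = `github.com/btcsuite/btcd/btcutil github.com/btcsuite/btcd@v0.23.4
github.com/btcsuite/btcd/btcutil example.com/tool@v1.2.0
example.com/tool@v1.2.0 github.com/btcsuite/btcd@v0.23.4`

const AfterGraph = `github.com/btcsuite/btcd/btcutil github.com/btcsuite/btcd@v0.24.2
github.com/btcsuite/btcd/btcutil example.com/tool@v1.2.0
example.com/tool@v1.2.0 github.com/btcsuite/btcd@v0.23.4`

func main() {
	const module, fixed = "github.com/btcsuite/btcd", "v0.24.0" // fixed version per the PR text
	for _, c := range []struct{ name, graph string }{{"before", BeforeGraph}, {"after", AfterGraph}} {
		rep := Audit(ParseGraph(c.graph), module, fixed)
		fmt.Printf("%s: selected %s, vulnerable=%v\n", c.name, rep.Selected, rep.Vulnerable)
		for from, ver := range rep.Requirers {
			fmt.Printf("  %s still requires %s\n", from, ver)
		}
	}
}
```

In the "after" graph the tool still lists `v0.23.4`, so `go mod graph | grep btcd` keeps printing an old version, yet the build selects `v0.24.2` and is clear; `go list -m github.com/btcsuite/btcd` prints that selected version directly. A version bump settles what the build links against, but not whether the affected code is reachable, which is the separate point made in the comment above; `govulncheck` answers the reachability question by checking whether the vulnerable functions are on a call path from your code, while tools that only match module versions cannot.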
This is just to address CVE-2024-34478, reported by the Checkmarx tool when run in a repository that uses btcutil.
There's more information about the CVE here: https://www.cve.org/CVERecord?id=CVE-2024-34478
Fixes #2236