@mergify
Contributor

@mergify mergify bot commented May 20, 2025

Why I'm doing:

What I'm doing:

  1. Remove the hbase-shaded-jetty from org.apache.hudi:hudi-common

  2. Ignore spark-core: Because the jetty-server code is copied in the spark-core package, the jetty-server code version is 9.4.56.v20240826, which has a vulnerability risk: CVE-2024-13009. However, the latest version of spark-core does not update the jetty-server version, so we can only ignore it.

What type of PR is this:

  • BugFix
  • Feature
  • Enhancement
  • Refactor
  • UT
  • Doc
  • Tool

Does this PR entail a change in behavior?

  • Yes, this PR will result in a change in behavior.
  • No, this PR will not result in a change in behavior.

If yes, please specify the type of change:

  • Interface/UI changes: syntax, type conversion, expression evaluation, display information
  • Parameter changes: default values, similar parameters but with different default values
  • Policy changes: use new policy to replace old one, functionality automatically enabled
  • Feature removed
  • Miscellaneous: upgrade & downgrade compatibility, etc.

Checklist:

  • I have added test cases for my bug fix or my new feature
  • This PR needs user documentation (for new or modified features or behaviors)
    • I have added documentation for my new feature or new function
  • This is a backport PR

Bugfix cherry-pick branch check:

  • I have checked the version labels which the PR will be auto-backported to the target branch
    • 3.5
    • 3.4
    • 3.3
    • 3.2
    • 3.1

This is an automatic backport of pull request #59034 done by [Mergify](https://mergify.com).
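
Item 2 of the description rests on the difference between a declared dependency, which a build can exclude, and classes copied into another jar, which it cannot. As an added example (not code from this PR or its project), the Python sketch below lists Jetty server copies inside a jar by class path; the relocated path `org/sparkproject/jetty` and the retained `pom.properties` in the constructed sample jar are assumptions about the layout, not taken from this page.

```python
import io
import zipfile

# Maven metadata a jar may retain for a bundled jetty-server (assumed layout).
POM_PROPS = "META-INF/maven/org.eclipse.jetty/jetty-server/pom.properties"
SERVER_CLASS = "/jetty/server/Server.class"


def find_embedded_jetty(jar_bytes):
    """Return sorted (package, version) pairs for Jetty server copies in a jar.

    Matches the original and relocated package paths; version is None when
    the jar keeps no pom.properties for jetty-server.
    """
    with zipfile.ZipFile(io.BytesIO(jar_bytes)) as jar:
        names = jar.namelist()
        version = None
        if POM_PROPS in names:
            text = jar.read(POM_PROPS).decode("utf-8", "replace")
            for line in text.splitlines():
                if line.startswith("version="):
                    version = line.split("=", 1)[1].strip()
        return sorted(
            (name[: -len("/Server.class")].replace("/", "."), version)
            for name in names
            if name.endswith(SERVER_CLASS)
        )


def make_jar(entries):
    """Build an in-memory jar from {path: content} (sample-data helper)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as jar:
        for path, content in entries.items():
            jar.writestr(path, content)
    return buf.getvalue()


# Constructed sample jars, not real artifacts.
SHADED_JAR = make_jar({
    "org/sparkproject/jetty/server/Server.class": b"\xca\xfe\xba\xbe",
    POM_PROPS: "artifactId=jetty-server\nversion=9.4.56.v20240826\n",
})
CLEAN_JAR = make_jar({"com/example/App.class": b"\xca\xfe\xba\xbe"})

if __name__ == "__main__":
    print(find_embedded_jetty(SHADED_JAR))
    print(find_embedded_jetty(CLEAN_JAR))
```

Running the same function over the bytes of each jar on a deployment's classpath shows which artifacts still carry a Jetty copy after a dependency exclusion.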

@mergify mergify bot mentioned this pull request May 20, 2025
24 tasks
@wanpengfei-git wanpengfei-git enabled auto-merge (squash) May 20, 2025 03:15
@gengjun-git
Contributor

@Mergifyio rebase

1. Remove the `hbase-shaded-jetty` from `org.apache.hudi:hudi-common`

2. Ignore spark-core: Because the jetty-server code is copied in the spark-core package, the jetty-server code version is 9.4.56.v20240826, which has a vulnerability risk: CVE-2024-13009. However, the latest version of spark-core does not update the jetty-server version, so we can only ignore it.

Signed-off-by: gengjun-git <gengjun@starrocks.com>
(cherry picked from commit b9b20d5)
@mergify
Contributor Author

mergify bot commented May 28, 2025

rebase

✅ Branch has been successfully rebased

@gengjun-git gengjun-git force-pushed the mergify/bp/branch-3.4/pr-59034 branch from 60f8ed5 to d86ab16 Compare May 28, 2025 03:37
@wanpengfei-git wanpengfei-git merged commit e7bf65d into branch-3.4 May 28, 2025
28 checks passed
@wanpengfei-git wanpengfei-git deleted the mergify/bp/branch-3.4/pr-59034 branch May 28, 2025 04:30