Bump protobuf-java from 3.16.3 to 3.21.7 due to CVE-2022-3509 (#2851)

* Update pom.xml

* Update pom.xml

Co-authored-by: Tijana Vislavski Gradina <tijanavg@google.com>

metadata/pom.xml

@@ -108,7 +108,7 @@
     <dependency>
       <groupId>com.google.protobuf</groupId>
       <artifactId>protobuf-java</artifactId>
-      <version>3.16.3</version>
+      <version>3.21.7</version>
     </dependency>
 
     <!-- https://mvnrepository.com/artifact/com.google.auto.value/auto-value -->

tools/java/cpp-build/pom.xml

@@ -154,7 +154,7 @@
     <dependency>
       <groupId>com.google.protobuf</groupId>
       <artifactId>protobuf-java</artifactId>
-      <version>3.16.3</version>
+      <version>3.21.7</version>
     </dependency>
   </dependencies>