When getting these sorts of errors: [ERROR] Failed to execute goal org.sonatype.ossindex.maven:ossindex-maven-plugin:3.2.0:audit (audit-dependencies) on project tika-dl: Detected 1 vulnerable components: [ERROR] org.threeten:threetenbp:jar:1.3.3:provided; https://ossindex.sonatype.org/component/pkg:maven/org.threeten/threetenbp@1.3.3?utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1 [ERROR] * [CVE-2024-23081] CWE-476: NULL Pointer Dereference (3.7); https://ossindex.sonatype.org/vulnerability/CVE-2024-23081?component-type=maven&component-name=org.threeten%2Fthreetenbp&utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1 [ERROR] * [CVE-2024-23082] CWE-190: Integer Overflow or Wraparound (5.3); https://ossindex.sonatype.org/vulnerability/CVE-2024-23082?component-type=maven&component-name=org.threeten%2Fthreetenbp&utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1 [ERROR]
How do you all typically proceed? Do I patch the issue and move on somehow? How do i get my builds to work now that this error has happened? -Nicholas
