siemens / cmp-ra-component

A CMP Registration Authority (RA)
Apache License 2.0

Currently unable to build CmpRaComponent due to vulnerability found in dependency bcprov-jdk18on-1.77.jar: CVE-2024-30172 #105

Closed DDvO closed 2 months ago

DDvO commented 2 months ago

[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time:  8.821 s
[INFO] Finished at: 2024-04-25T19:43:13+02:00
[INFO] ------------------------------------------------------------------------
[ERROR] Failed to execute goal org.owasp:dependency-check-maven:9.0.9:check (default) on project CmpRaComponent: 
[ERROR] 
[ERROR] One or more dependencies were identified with vulnerabilities that have a CVSS score greater than or equal to '0,0': 
[ERROR] 
[ERROR] bcprov-jdk18on-1.77.jar: CVE-2024-30172(5.900000095367432), CVE-2024-30171(5.900000095367432), CVE-2024-29857(7.5)
[ERROR] 
[ERROR] See the dependency-check report for more details.

DDvO commented 2 months ago

Workaround, not for productive use of course: replace in pom.xml <failBuildOnCVSS>0</failBuildOnCVSS> by <failBuildOnCVSS>9</failBuildOnCVSS>
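
Added example, not from this thread or the project: instead of raising the global threshold to 9 (which would also wave through the 7.5 finding CVE-2024-29857 and any future high-severity report), keep failBuildOnCVSS at 0 and tell dependency-check-maven to suppress only the three listed CVEs for that one artifact, with an expiry date; the suppression file name and the date are assumed placeholders.

```xml
<!-- pom.xml: keep the strict threshold and point the plugin at a suppression file -->
<plugin>
  <groupId>org.owasp</groupId>
  <artifactId>dependency-check-maven</artifactId>
  <version>9.0.9</version>
  <configuration>
    <!-- still fail on any scored finding -->
    <failBuildOnCVSS>0</failBuildOnCVSS>
    <suppressionFiles>
      <!-- assumed file name, kept in the repository next to pom.xml -->
      <suppressionFile>dependency-check-suppressions.xml</suppressionFile>
    </suppressionFiles>
  </configuration>
  <executions>
    <execution>
      <goals>
        <goal>check</goal>
      </goals>
    </execution>
  </executions>
</plugin>

<!-- dependency-check-suppressions.xml: one time-boxed entry, scoped to bcprov-jdk18on 1.77 only -->
<suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.3.xsd">
  <!-- "until" is an assumed placeholder date; after it passes the build fails again -->
  <suppress until="2024-06-30Z">
    <notes><![CDATA[
      Temporary acceptance of the three findings reported for bcprov-jdk18on 1.77
      until the dependency is upgraded. Remove this entry together with the upgrade.
    ]]></notes>
    <packageUrl regex="true">^pkg:maven/org\.bouncycastle/bcprov-jdk18on@1\.77$</packageUrl>
    <cve>CVE-2024-30172</cve>
    <cve>CVE-2024-30171</cve>
    <cve>CVE-2024-29857</cve>
  </suppress>
</suppressions>
```

Because the packageUrl pins the exact version, bumping bcprov-jdk18on makes the suppression stop matching, so a still-vulnerable newer version is reported rather than silently accepted.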

Akretsch commented 2 months ago

fixed in aa7a1fe8c15575faed7311f773fbcaa416b1a461