
You have BOM in Maven. You can block dependencies in a Maven/Gradle build, which will fail the build if a sub-dependency brings that in. The article incorrectly states that only Java 11 and lower are vulnerable. It's true that they are more vulnerable, but newer JDK versions can still be attacked. It's just harder.
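
The build-failing block described in the comment above can be done with the Maven Enforcer plugin's `bannedDependencies` rule. This is an added example, not part of the original comment; the banned coordinates `com.example:vulnerable-lib`, the execution id and the message text are placeholders, and the plugin version shown is an assumption to pin to whatever your build uses.

```xml
<!-- Added example: goes inside <build><plugins> of the project's pom.xml. -->
<plugin>
  <groupId>org.apache.maven.plugins</groupId>
  <artifactId>maven-enforcer-plugin</artifactId>
  <!-- Assumed version; pin the one your organisation has vetted. -->
  <version>3.4.1</version>
  <executions>
    <execution>
      <!-- Hypothetical execution id. -->
      <id>ban-vulnerable-dependencies</id>
      <goals>
        <goal>enforce</goal>
      </goals>
      <configuration>
        <rules>
          <bannedDependencies>
            <!-- Check the whole resolved tree, not only direct dependencies,
                 so a sub-dependency pulling the artifact in is caught. -->
            <searchTransitive>true</searchTransitive>
            <excludes>
              <!-- Placeholder coordinates (groupId:artifactId); replace with
                   the artifact you need to keep out of the build. -->
              <exclude>com.example:vulnerable-lib</exclude>
            </excludes>
            <message>com.example:vulnerable-lib is banned; exclude it from the dependency that brings it in.</message>
          </bannedDependencies>
        </rules>
        <!-- Fail the build instead of only logging a warning. -->
        <fail>true</fail>
      </configuration>
    </execution>
  </executions>
</plugin>
```

The `enforce` goal binds to the `validate` phase by default, so a banned artifact stops the build before compilation.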


