Doing an arch-audit on my installed packages shows high-risk CVE for java8-openjfx jre8-openjdk-headless packages with remote RCE. However, one of my programs requires these packages as a crucial dependency. Is there any way I could sandbox the java8 packages and run them without the risk of the CVE? Or is there any way around it