Receiving security vulnerability in JAVA SDK 1.23.1

We are receiving snyk vulnerabilities from JAVA SDK 1.23.1. Following are the listed vulnerability

  1. Protobuf-java-util ( 3.22.0 )
  2. Protobuf-java ( 3.21.7 )
    So currently we are receiving vulnerability from above dependencies. Snyk is suggesting to use version greater than 3.25.5 but excluding from temporal-sdk and using it explicitly is not working. How to overcome above issue ?

Could you link associated CVEs for these vulnerabilities?

excluding from temporal-sdk and using it explicitly is not working

this should be possible, can you show your pom/gradle config and how you tried to exclude depends?