(no title)

There are various ways to validate libraries but it's best to assume an exploit gets through.

So then, you should be looking at your deployment, i.e. locking down containers, network policies, least privileges etc etc.

Try to reduce the blast radius to zero.