Dependency-Track页面Risk core列没有值，怎么解决

问题遇到的现象和发生背景

问题相关代码，请勿粘贴截图

                                                          sh """
                                '${mvnHome}/bin/mvn' org.cyclonedx:cyclonedx-maven-plugin:makeBom
                                """

                                sh """
                                curl -X "POST" "http://127.0.0.1:8082/api/v1/bom"\
                                    -H "Content-Type: multipart/form-data"\
                                    -H "X-Api-Key: ${API_KEY}"\
                                    -F "autoCreate=true"\
                                    -F "projectName=${env.JOB_BASE_NAME}-${module_name}"\
                                    -F "projectVersion=${branchOrTag}-${codingCommit[0..9]}-${currentBuild.id}"\
                                    -F "bom=@${it.path}"
                                """

运行结果及报错内容

我的解答思路和尝试过的方法

我想要达到的结果

I expect to see vulnerable components but I don’t
Most common reason: You have yet to enable the Sonatype OSS Index Analyzer. It is not enabled by default but is necessary to scan dependencies represented by Package URLs.

Why is Sonatype OSS Index Analyzer disabled by default?
For Dependency-Track v3.0 - v3.8, Sonatype OSS Index Analyzer is disabled and requires an account. See Sonatype OSS Index Analyzer. For Dependency-Track v4.0 and higher, OSS Index is enabled by default and does not require an account.