Assess the issue, and weigh up risk against effort. If the risk is high, you could remove the dependency.
Both the Snyk CLI and the SCM integrations allow ignore options for the vulnerability for 14, 30, 60, 90 days--as well as forever or until a fix is available.