In addition to security considerations associated with containers, frameworks, and JREs the following points pertain to the security of the buildpack itself.
If you fork the Java buildpack, it is important to keep the fork up to date with the original repository. This will ensure that your fork runs with any security fixes that may be necessary.