diff --git a/build.gradle b/build.gradle
index 1e3b2f7d33..4160665e9e 100644
--- a/build.gradle
+++ b/build.gradle
@@ -13,7 +13,7 @@ buildscript {
plugins {
id 'application'
id 'io.spring.dependency-management' version '1.0.6.RELEASE'
- id 'org.springframework.boot' version '1.5.14.RELEASE'
+ id 'org.springframework.boot' version '1.5.19.RELEASE'
id 'com.github.ben-manes.versions' version '0.20.0'
id 'org.sonarqube' version '2.6.2'
id 'jacoco'
diff --git a/dependency-check-suppressions.xml b/dependency-check-suppressions.xml
index 9ba011af52..35087afe44 100644
--- a/dependency-check-suppressions.xml
+++ b/dependency-check-suppressions.xml
@@ -75,38 +75,52 @@
cpe:/a:slf4j:slf4j:1.7.25
- Temporarily suppress jackson-databind CVE see RDM-3796
- ^com\.fasterxml\.jackson\.core:jackson-databind:.*$
+ jackson-databind 2.8.11.3 fixes this CVE. See
+ https://github.com/FasterXML/jackson-databind/issues/2097#issuecomment-457071680
+ and RDM-3796
+ ^com\.fasterxml\.jackson\.core:jackson-databind:2\.8\.11\.[3].*$
CVE-2018-14718
- Temporarily suppress jackson-databind CVE see RDM-3796
- ^com\.fasterxml\.jackson\.core:jackson-databind:.*$
+ jackson-databind 2.8.11.3 fixes this CVE. See
+ https://github.com/FasterXML/jackson-databind/issues/2097#issuecomment-457071680
+ and RDM-3796
+ ^com\.fasterxml\.jackson\.core:jackson-databind:2\.8\.11\.[3].*$
CVE-2018-14719
- Temporarily suppress jackson-databind CVE see RDM-3796
- ^com\.fasterxml\.jackson\.core:jackson-databind:.*$
+ jackson-databind 2.8.11.3 fixes this CVE. See
+ https://github.com/FasterXML/jackson-databind/issues/2097#issuecomment-457071680
+ and RDM-3796
+ ^com\.fasterxml\.jackson\.core:jackson-databind:2\.8\.11\.[3].*$
CVE-2018-14720
- Temporarily suppress jackson-databind CVE see RDM-3796
- ^com\.fasterxml\.jackson\.core:jackson-databind:.*$
+ jackson-databind 2.8.11.3 fixes this CVE. See
+ https://github.com/FasterXML/jackson-databind/issues/2097#issuecomment-457071680
+ and RDM-3796
+ ^com\.fasterxml\.jackson\.core:jackson-databind:2\.8\.11\.[3].*$
CVE-2018-14721
- Temporarily suppress jackson-databind CVE see RDM-3796
- ^com\.fasterxml\.jackson\.core:jackson-databind:.*$
+ jackson-databind 2.8.11.3 fixes this CVE. See
+ https://github.com/FasterXML/jackson-databind/issues/2097#issuecomment-457071680
+ and RDM-3796
+ ^com\.fasterxml\.jackson\.core:jackson-databind:2\.8\.11\.[3].*$
CVE-2018-19360
- Temporarily suppress jackson-databind CVE see RDM-3796
- ^com\.fasterxml\.jackson\.core:jackson-databind:.*$
+ jackson-databind 2.8.11.3 fixes this CVE. See
+ https://github.com/FasterXML/jackson-databind/issues/2097#issuecomment-457071680
+ and RDM-3796
+ ^com\.fasterxml\.jackson\.core:jackson-databind:2\.8\.11\.[3].*$
CVE-2018-19361
- Temporarily suppress jackson-databind CVE see RDM-3796
- ^com\.fasterxml\.jackson\.core:jackson-databind:.*$
+ jackson-databind 2.8.11.3 fixes this CVE. See
+ https://github.com/FasterXML/jackson-databind/issues/2097#issuecomment-457071680
+ and RDM-3796
+ ^com\.fasterxml\.jackson\.core:jackson-databind:2\.8\.11\.[3].*$
CVE-2018-19362