diff --git a/check_test_suite.py b/check_test_suite.py
index ec21353f79f..3de4047eeed 100755
--- a/check_test_suite.py
+++ b/check_test_suite.py
@@ -29,7 +29,7 @@ always_run_jobs = ['license checks', '(openjdk8) packaging check', '(openjdk11)
ignore_prefixes = ['.github', '.idea', '.asf.yaml', '.backportrc.json', '.codecov.yml', '.dockerignore', '.gitignore',
'.lgtm.yml', 'CONTRIBUTING.md', 'setup-hooks.sh', 'upload.sh', 'dev', 'distribution/docker',
'distribution/asf-release-process-guide.md', '.travis.yml', 'check_test_suite.py',
- 'check_test_suite_test.py']
+ 'check_test_suite_test.py', 'owasp-dependency-check-suppressions.xml']
# these files are docs changes
# if changes are limited to this set then we can skip web-console and java
diff --git a/check_test_suite_test.py b/check_test_suite_test.py
index 2cefd446425..18446ea8d99 100755
--- a/check_test_suite_test.py
+++ b/check_test_suite_test.py
@@ -77,7 +77,7 @@ class CheckTestSuite(unittest.TestCase):
['check_test_suite_test.py'],
['website/core/Footer.js'],
['web-console/src/views/index.ts'],
- ['check_test_suite_test.py', 'website/core/Footer.js', 'web-console/unified-console.html']
+ ['check_test_suite_test.py', 'website/core/Footer.js', 'web-console/unified-console.html', 'owasp-dependency-check-suppressions.xml']
]
some_java_diffs = [
['core/src/main/java/org/apache/druid/math/expr/Expr.java'],
diff --git a/owasp-dependency-check-suppressions.xml b/owasp-dependency-check-suppressions.xml
index 9b46f2265ae..aa83c41aa04 100644
--- a/owasp-dependency-check-suppressions.xml
+++ b/owasp-dependency-check-suppressions.xml
@@ -26,6 +26,7 @@
^pkg:maven/org\.apache\.druid/druid\-indexing\-hadoop@.*$
CVE-2012-4449
CVE-2017-3162
+ CVE-2018-8009
@@ -387,4 +388,13 @@
^pkg:maven/org\.apache\.thrift/libthrift@0.13.0$
CVE-2020-13949
+
+
+ CVE-2021-40531
+