diff --git a/nifi-dependency-check-maven/suppressions.xml b/nifi-dependency-check-maven/suppressions.xml
index fd17ad5457..23b617c89a 100644
--- a/nifi-dependency-check-maven/suppressions.xml
+++ b/nifi-dependency-check-maven/suppressions.xml
@@ -44,11 +44,6 @@
^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$
CVE-2020-5408
-
- Spark 2.13 used in nifi-spark-receiver is not impacted by Spark Server vulnerabilities
- ^pkg:maven/org\.apache\.spark/spark\-.+?_2\.13@.*$
- cpe:/a:apache:spark
-
Apache Hive vulnerabilities do not apply to Flume Hive Sink
^pkg:maven/org\.apache\.flume\.flume\-ng\-sinks/flume\-hive\-sink@.*$
@@ -84,36 +79,11 @@
^pkg:maven/xerces/xercesImpl@.*$
CVE-2017-10355
-
- CVE-2020-13955 applies to Apache Calcite not Apache Calcite Avatica
- ^pkg:maven/org\.apache\.calcite\.avatica/avatica\-core@.*$
- CVE-2020-13955
-
-
- CVE-2020-13955 applies to Apache Calcite not Apache Calcite Avatica
- ^pkg:maven/org\.apache\.calcite\/calcite-avatica@.*$
- CVE-2020-13955
-
CVE-2020-13955 applies to Apache Calcite not Apache Calcite Druid
^pkg:maven/org\.apache\.calcite\/calcite-druid@.*$
CVE-2020-13955
-
- CVE-2020-13955 applies to Apache Calcite Core not Apache Calcite Avatica subproject
- ^pkg:maven/org\.apache\.calcite\.avatica\/avatica(-metrics)?@.*$
- CVE-2020-13955
-
-
- OpenTSDB vulnerabilities do not apply to HBase Async library
- ^pkg:maven/org\.hbase/asynchbase@.*$
- cpe:/a:opentsdb:opentsdb
-
-
- Eclipse Equinox vulnerabilities do not apply to DataNucleus core library
- ^pkg:maven/org\.datanucleus/datanucleus\-core@.*$
- cpe:/a:eclipse:equinox
-
CVE-2018-8025 applies to HBase Server not HBase Client
^pkg:maven/org\.apache\.hbase/hbase\-client@.*$
@@ -124,11 +94,6 @@
^pkg:maven/org\.apache\.hbase/hbase\-client@.*$
CVE-2019-0212
-
- CVE-2014-3643 applies to Jersey Server not Jersey Core
- ^pkg:maven/com\.sun\.jersey/jersey\-core@.*$
- CVE-2014-3643
-
CVE-2007-6465 applies to Ganglia Server not Ganglia client libraries
^pkg:maven/com\.yammer\.metrics/metrics\-ganglia@.*$
@@ -180,23 +145,83 @@
^cpe:/a:elastic.*$
- CVE-2022-45046 description notes that the initial issue was not a security vulnerability
- ^pkg:maven/org\.apache\.camel/camel\-salesforce@.*$
- CVE-2022-45046
+ Elasticsearch Server vulnerabilities do not apply to elasticsearch-rest-client-sniffer
+ ^pkg:maven/org\.elasticsearch\.client/elasticsearch\-.*?\-client-sniffer@.*$
+ ^cpe:/a:elastic.*$
- CVE-2020-36632 applies to JavaScript module named hughsk/flat not flatbuffers
- ^pkg:maven/com\.vlkan/flatbuffers@.*$
- CVE-2020-36632
+ CVE-2022-34271 applies to Atlas Server not the Atlas client library
+ ^pkg:maven/org\.apache\.atlas/.*$
+ CVE-2022-34271
- CVE-2018-8015 applies to Apache ORC not to Apache Iceberg
- ^pkg:maven/org\.apache\.iceberg/iceberg\-orc@.*$
- CVE-2018-8015
+ CVE-2022-30187 applies to Azure Blob not the EventHubs Checkpoint Store Blob library
+ ^pkg:maven/com\.azure/azure\-messaging\-eventhubs\-checkpointstore\-blob@.*$
+ CVE-2022-30187
- CVE-2022-39135 applies to Calcite not Calcite Avatica
- ^pkg:maven/org\.apache\.calcite\.avatica/.*?@.*$
+ CVE-2022-39135 applies to Apache Calcite core not the Calcite Druid library
+ ^pkg:maven/org\.apache\.calcite/calcite\-druid@.*$
CVE-2022-39135
+
+ CVE-2018-8016 applies to Apache Cassandra server not the client library
+ ^pkg:maven/com\.datastax\.cassandra/cassandra\-driver\-extras@.*$
+ CVE-2018-8016
+
+
+ CVE-2018-1000873 applies to Jackson Java 8 Time modules not Jackson Annotations
+ ^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-annotations@.*$
+ CVE-2018-1000873
+
+
+ CVE-2021-34371 applies to Neo4j server not the driver library
+ ^pkg:maven/org\.opencypher\.gremlin/cypher\-gremlin\-neo4j\-driver@.*$
+ CVE-2021-34371
+
+
+ CVE-2010-1151 applies to mod_auth_shadow in Apache HTTP Server not the FTP server library
+ ^pkg:maven/org\.apache\.ftpserver/.*$
+ CVE-2010-1151
+
+
+ CVE-2018-14335 applies to H2 running with a web server console enabled
+ ^pkg:maven/com\.h2database/h2@.*$
+ CVE-2018-14335
+
+
+ CVE-2022-31160 included in hadoop-client-api is not used
+ ^pkg:javascript/jquery\-ui@.*$
+ CVE-2022-31160
+
+
+ CVE-2021-37533 applies to the Commons Net FTP Client which is not used in the version bundled with hadoop-client-runtime for Accumulo
+ ^pkg:maven/commons\-net/commons\-net@.*$
+ CVE-2021-37533
+
+
+ CVE-2021-0341 applies to Android not OkHttp
+ ^pkg:maven/com\.squareup\.okhttp/okhttp@.*$
+ CVE-2021-0341
+
+
+ CVE-2023-25613 applies to an LDAP backend class for Apache Kerby not the Token Provider library
+ ^pkg:maven/org\.apache\.kerby/token\-provider@.*$
+ CVE-2023-25613
+
+
+ The Jetty Apache JSP library is not subject to Apache Tomcat vulnerabilities
+ ^pkg:maven/org\.mortbay\.jasper/apache\-jsp@.*$
+ cpe:/a:apache:tomcat
+
+
+ Google BigQuery Storage is not the same as the gGRPC framework library
+ ^pkg:maven/com\.google\.api\.grpc/grpc\-google\-cloud\-bigquerystorage\-.*$
+ cpe:/a:grpc:grpc
+
+
+ Google PubSubLite is not the same as the gRPC framework library
+ ^pkg:maven/com\.google\.api\.grpc/grpc\-google\-cloud\-pubsublite\-v1@.*$
+ cpe:/a:grpc:grpc
+
diff --git a/nifi-nar-bundles/nifi-graph-bundle/nifi-graph-test-clients/pom.xml b/nifi-nar-bundles/nifi-graph-bundle/nifi-graph-test-clients/pom.xml
index bc102e113e..9975fa0bdf 100644
--- a/nifi-nar-bundles/nifi-graph-bundle/nifi-graph-test-clients/pom.xml
+++ b/nifi-nar-bundles/nifi-graph-bundle/nifi-graph-test-clients/pom.xml
@@ -79,6 +79,10 @@
commons-logging
commons-logging
+
+ org.apache.ivy
+ ivy
+
diff --git a/nifi-nar-bundles/nifi-hive-bundle/nifi-hive-test-utils/pom.xml b/nifi-nar-bundles/nifi-hive-bundle/nifi-hive-test-utils/pom.xml
index 154ec11eb4..42a148ef50 100644
--- a/nifi-nar-bundles/nifi-hive-bundle/nifi-hive-test-utils/pom.xml
+++ b/nifi-nar-bundles/nifi-hive-bundle/nifi-hive-test-utils/pom.xml
@@ -94,6 +94,14 @@
com.google.guava
guava
+
+ org.codehaus.groovy
+ groovy-all
+
+
+ org.apache.ivy
+ ivy
+
@@ -117,6 +125,18 @@
org.apache.logging.log4j
log4j-core
+
+ com.fasterxml.woodstox
+ woodstox-core
+
+
+ org.codehaus.groovy
+ groovy-all
+
+
+ org.apache.ivy
+ ivy
+
diff --git a/nifi-nar-bundles/nifi-hive-bundle/nifi-hive3-processors/pom.xml b/nifi-nar-bundles/nifi-hive-bundle/nifi-hive3-processors/pom.xml
index a08f747edb..7713573b0b 100644
--- a/nifi-nar-bundles/nifi-hive-bundle/nifi-hive3-processors/pom.xml
+++ b/nifi-nar-bundles/nifi-hive-bundle/nifi-hive3-processors/pom.xml
@@ -161,6 +161,10 @@
org.apache.logging.log4j
log4j-slf4j-impl
+
+ org.apache.ivy
+ ivy
+
diff --git a/nifi-nar-bundles/nifi-iceberg-bundle/nifi-iceberg-processors/pom.xml b/nifi-nar-bundles/nifi-iceberg-bundle/nifi-iceberg-processors/pom.xml
index f8b1ec4457..cab4c22032 100644
--- a/nifi-nar-bundles/nifi-iceberg-bundle/nifi-iceberg-processors/pom.xml
+++ b/nifi-nar-bundles/nifi-iceberg-bundle/nifi-iceberg-processors/pom.xml
@@ -147,6 +147,14 @@
org.bouncycastle
bcprov-jdk15on
+
+ org.codehaus.groovy
+ groovy-all
+
+
+ org.apache.ivy
+ ivy
+
diff --git a/nifi-nar-bundles/nifi-ranger-bundle/pom.xml b/nifi-nar-bundles/nifi-ranger-bundle/pom.xml
index 75b7d7368f..011cd1aa8e 100644
--- a/nifi-nar-bundles/nifi-ranger-bundle/pom.xml
+++ b/nifi-nar-bundles/nifi-ranger-bundle/pom.xml
@@ -61,6 +61,12 @@
hadoop-common
${ranger.hadoop.version}
+
+
+ org.apache.solr
+ solr-solrj
+ 8.11.1
+
diff --git a/nifi-registry/nifi-registry-extensions/nifi-registry-ranger/pom.xml b/nifi-registry/nifi-registry-extensions/nifi-registry-ranger/pom.xml
index da4ce4556d..2777f8dd6b 100644
--- a/nifi-registry/nifi-registry-extensions/nifi-registry-ranger/pom.xml
+++ b/nifi-registry/nifi-registry-extensions/nifi-registry-ranger/pom.xml
@@ -60,6 +60,12 @@
zookeeper
${zookeeper.version}
+
+
+ org.apache.solr
+ solr-solrj
+ 8.11.1
+
\ No newline at end of file
diff --git a/pom.xml b/pom.xml
index 89af335557..9b35734a2d 100644
--- a/pom.xml
+++ b/pom.xml
@@ -1196,7 +1196,7 @@
org.owasp
dependency-check-maven
- 8.0.2
+ 8.2.1
false
@@ -1210,6 +1210,7 @@
true
false
+ true