diff --git a/com.ibm.streamsx.hdfs/CHANGELOG.md b/com.ibm.streamsx.hdfs/CHANGELOG.md
index 9a8e1e8..36302aa 100644
--- a/com.ibm.streamsx.hdfs/CHANGELOG.md
+++ b/com.ibm.streamsx.hdfs/CHANGELOG.md
@@ -1,8 +1,12 @@
# Changes
=======
+## v5.3.4:
+* fix Vulnerabilities CVE-2022-42889, CVE-2022-25168 and CVE-2021-33036
+ hadoop jar libraries upgraded to version 3.3.6
+
## v5.3.3:
-* [#133}fix Vulnerabilities in 3rd party jar libraries)
+* fix Vulnerabilities in 3rd party jar libraries
## v5.3.2:
* [#133](https://github.com/IBMStreams/streamsx.hdfs/issues/140) slf4j jars updated (fix the log4j issue)
diff --git a/com.ibm.streamsx.hdfs/info.xml b/com.ibm.streamsx.hdfs/info.xml
index 5f48c6f..662c2be 100644
--- a/com.ibm.streamsx.hdfs/info.xml
+++ b/com.ibm.streamsx.hdfs/info.xml
@@ -211,9 +211,16 @@ The 'tempFile' parameter specifies the name of the file that the operator writes
* pom.xml updated to use the latest apache libraries
+++ What is new in version 5.3.4
+
+* The Vulnerability issues for 3rd party libraries have been fixed
+* hadoop libraries upgraded to version 3.3.6
+* commons-cli upgraded to 1.5.0
+* commons-codecs upgraded to 1.16.1
+
- 5.3.3
+ 5.3.4
4.2.0.0
diff --git a/com.ibm.streamsx.hdfs/pom.xml b/com.ibm.streamsx.hdfs/pom.xml
index 0a430e8..e49b1a9 100644
--- a/com.ibm.streamsx.hdfs/pom.xml
+++ b/com.ibm.streamsx.hdfs/pom.xml
@@ -8,7 +8,7 @@
com.ibm.streamsx.hdfs
streamsx.hdfs
jar
- 5.3.3
+ 5.3.4
com.ibm.streamsx.hdfs
@@ -135,7 +135,7 @@
org.apache.hadoop
hadoop-annotations
- 3.3.0
+ 3.3.6
*
@@ -147,7 +147,7 @@
org.apache.hadoop
hadoop-auth
- 3.3.0
+ 3.3.6
*
@@ -159,7 +159,7 @@
org.apache.hadoop
hadoop-common
- 3.3.0
+ 3.3.6
*
@@ -171,7 +171,7 @@
org.apache.hadoop
hadoop-hdfs
- 3.3.0
+ 3.3.6
*
@@ -183,7 +183,7 @@
org.apache.hadoop
hadoop-hdfs-client
- 3.3.0
+ 3.3.6
*
@@ -192,6 +192,22 @@
+
+
+ org.apache.hadoop.thirdparty
+ hadoop-shaded-guava
+ 1.1.1
+
+
+ *
+ *
+
+
+
+
+
+
+
org.apache.htrace
htrace-core4