diff --git a/.gitignore b/.gitignore
index 6f2dcc0..1af24cc 100644
--- a/.gitignore
+++ b/.gitignore
@@ -41,3 +41,4 @@ build/
 /tools/*
 !/tools/*.bat
 !/tools/*.sh
+pom.xml.versionsBackup
diff --git a/owasp/suppressions.xml b/owasp/suppressions.xml
index 3fd8b02..5ff56ad 100644
--- a/owasp/suppressions.xml
+++ b/owasp/suppressions.xml
@@ -4,4 +4,12 @@
     <notes>no YAML content from users is parsed within this service</notes>
     <cve>CVE-2022-1471</cve>
   </suppress>
+  <suppress>
+    <notes>False positive</notes>
+    <cve>CVE-2022-45688</cve>
+  </suppress>
+  <suppress>
+    <notes>No fix available, still analyzed</notes>
+    <cve>CVE-2023-35116</cve>
+  </suppress>
 </suppressions>
diff --git a/pom.xml b/pom.xml
index 9270a25..77878df 100644
--- a/pom.xml
+++ b/pom.xml
@@ -1,13 +1,12 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <project xmlns="http://maven.apache.org/POM/4.0.0"
-         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
     <modelVersion>4.0.0</modelVersion>
 
     <parent>
         <groupId>org.springframework.cloud</groupId>
         <artifactId>spring-cloud-starter-parent</artifactId>
-        <version>2022.0.1</version>
+        <version>2022.0.3</version>
         <relativePath/>
     </parent>
 
@@ -30,17 +29,18 @@
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
         <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
         <!-- dependencies -->
+
         <owasp.version>8.0.2</owasp.version>
-        <bcpkix.version>1.72</bcpkix.version>
-        <lombok.version>1.18.24</lombok.version>
-        <mapstruct.version>1.5.3.Final</mapstruct.version>
-        <commonsio.version>2.11.0</commonsio.version>
+        <bcpkix.version>1.74</bcpkix.version>
+        <lombok.version>1.18.28</lombok.version>
+        <mapstruct.version>1.5.5.Final</mapstruct.version>
+        <commonsio.version>2.13.0</commonsio.version>
         <cbor.version>4.5.2</cbor.version>
-        <mockwebserver.version>4.10.0</mockwebserver.version>
-        <plugin.checkstyle.version>3.2.1</plugin.checkstyle.version>
+        <mockwebserver.version>5.0.0-alpha.11</mockwebserver.version>
+        <plugin.checkstyle.version>3.3.0</plugin.checkstyle.version>
         <plugin.sonar.version>3.9.1.2184</plugin.sonar.version>
-        <plugin.surefire.version>3.0.0-M8</plugin.surefire.version>
-        <plugin.jacoco.version>0.8.8</plugin.jacoco.version>
+        <plugin.surefire.version>3.1.2</plugin.surefire.version>
+        <plugin.jacoco.version>0.8.10</plugin.jacoco.version>
 
         <!-- license -->
         <license.projectName>EU Digital Green Certificate Gateway Service / dgc-lib</license.projectName>
@@ -87,6 +87,17 @@
         <dependency>
             <groupId>org.springframework.cloud</groupId>
             <artifactId>spring-cloud-starter-openfeign</artifactId>
+            <exclusions>
+                <exclusion>
+                    <groupId>commons-fileupload</groupId>
+                    <artifactId>commons-fileupload</artifactId>
+                </exclusion>
+            </exclusions>
+        </dependency>
+        <dependency>
+            <groupId>commons-fileupload</groupId>
+            <artifactId>commons-fileupload</artifactId>
+            <version>1.5</version>
         </dependency>
         <dependency>
             <groupId>io.github.openfeign</groupId>
@@ -120,10 +131,22 @@
         <dependency>
             <groupId>com.fasterxml.jackson.core</groupId>
             <artifactId>jackson-databind</artifactId>
+            <version>2.15.2</version>
+        </dependency>
+        <dependency>
+            <groupId>com.fasterxml.jackson.core</groupId>
+            <artifactId>jackson-core</artifactId>
+            <version>2.15.2</version>
         </dependency>
         <dependency>
             <groupId>com.fasterxml.jackson.datatype</groupId>
             <artifactId>jackson-datatype-jsr310</artifactId>
+            <version>2.15.2</version>
+        </dependency>
+        <dependency>
+            <groupId>com.fasterxml.jackson.core</groupId>
+            <artifactId>jackson-annotations</artifactId>
+            <version>2.15.2</version>
         </dependency>
         <dependency>
             <groupId>org.springframework.boot</groupId>
diff --git a/src/main/java/eu/europa/ec/dgc/DgcLibAutoConfiguration.java b/src/main/java/eu/europa/ec/dgc/DgcLibAutoConfiguration.java
index 605ea32..f410a36 100644
--- a/src/main/java/eu/europa/ec/dgc/DgcLibAutoConfiguration.java
+++ b/src/main/java/eu/europa/ec/dgc/DgcLibAutoConfiguration.java
@@ -23,7 +23,6 @@
 import org.springframework.boot.autoconfigure.AutoConfiguration;
 import org.springframework.boot.context.properties.EnableConfigurationProperties;
 import org.springframework.context.annotation.ComponentScan;
-import org.springframework.context.annotation.Configuration;
 
 @AutoConfiguration
 @ComponentScan("eu.europa.ec.dgc")
