diff --git a/config/owasp/suppressions.xml b/config/owasp/suppressions.xml index 52d63ee3..05a4b34a 100644 --- a/config/owasp/suppressions.xml +++ b/config/owasp/suppressions.xml @@ -1,17 +1,5 @@ - - SnakeYaml's Constructor() class does not restrict types which can be instantiated during deserialization. - - CVE-2022-1471 - CVE-2022-25857 - - - - liquibase-core core needs major version latest 4.2.2. not resolving current CVE issue. - - CVE-2022-0839 - Jackson core needs major version latest 2.12.7 not resolving current CVE issue. Same applies to json-path version 2.4.0. diff --git a/cve-resolution-strategy.gradle b/cve-resolution-strategy.gradle index 2d4a6b3f..015669db 100644 --- a/cve-resolution-strategy.gradle +++ b/cve-resolution-strategy.gradle @@ -15,7 +15,7 @@ configurations.all { /*CVE-2022-25857, CVE-2022-38749, CVE-2022-38750, CVE-2022-38751 */ if (details.requested.name == 'snakeyaml') { - details.useVersion '1.33' + details.useVersion '2.2' } /*
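Review bot: The comment above the `snakeyaml` override in cve-resolution-strategy.gradle still lists only CVE-2022-25857, CVE-2022-38749, CVE-2022-38750 and CVE-2022-38751, although this commit also drops the CVE-2022-1471 suppression, so the reason for moving to 2.x is not recorded; I would extend it to `/*CVE-2022-1471, CVE-2022-25857, CVE-2022-38749, CVE-2022-38750, CVE-2022-38751 */`. Forcing `2.2` in `configurations.all` also hands a new major version to every transitive consumer built against the 1.x API, so it is worth confirming that YAML-reading dependencies (liquibase-core is named in the suppressions file) still load under it. The suppressions.xml hunk removes the CVE-2022-0839 entry for liquibase-core as well, and no liquibase change is visible here; if its version is not raised elsewhere, the dependency check will presumably report that finding again. The `configurations.all` block starts and ends outside the hunk.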