diff --git a/elasticsearch/build.gradle b/elasticsearch/build.gradle
index 00bfdfbfe4..fc499124f6 100644
--- a/elasticsearch/build.gradle
+++ b/elasticsearch/build.gradle
@@ -12,8 +12,8 @@ dependencies {
     compile project(':core')
     compile group: 'org.elasticsearch', name: 'elasticsearch', version: "${es_version}"
     compile "io.github.resilience4j:resilience4j-retry:1.5.0"
-    compile group: 'com.fasterxml.jackson.core', name: 'jackson-core', version: '2.10.4'
-    compile group: 'com.fasterxml.jackson.core', name: 'jackson-databind', version: '2.10.4'
+    compile group: 'com.fasterxml.jackson.core', name: 'jackson-core', version: '2.10.5' 
+    compile group: 'com.fasterxml.jackson.core', name: 'jackson-databind', version: '2.10.5.1'
     compile group: 'org.json', name: 'json', version:'20180813'
     compileOnly group: 'org.elasticsearch.client', name: 'elasticsearch-rest-high-level-client', version: "${es_version}"
 
diff --git a/integ-test/build.gradle b/integ-test/build.gradle
index 41f5f51b9c..9c073e7bbc 100644
--- a/integ-test/build.gradle
+++ b/integ-test/build.gradle
@@ -28,6 +28,7 @@ configurations.all {
     // enforce 1.1.3, https://www.whitesourcesoftware.com/vulnerability-database/WS-2019-0379
     resolutionStrategy.force 'commons-codec:commons-codec:1.13'
     resolutionStrategy.force 'com.google.guava:guava:29.0-jre'
+    resolutionStrategy.force 'com.fasterxml.jackson.core:jackson-core:2.10.5'
 }
 
 dependencies {
diff --git a/plugin/build.gradle b/plugin/build.gradle
index 1fb0bf9cfc..dde16120ab 100644
--- a/plugin/build.gradle
+++ b/plugin/build.gradle
@@ -31,6 +31,7 @@ thirdPartyAudit.enabled = false
 configurations.all {
     // conflict with spring-jcl
     exclude group: "commons-logging", module: "commons-logging"
+    resolutionStrategy.force 'com.fasterxml.jackson.core:jackson-core:2.10.5'
     // enforce 1.1.3, https://www.whitesourcesoftware.com/vulnerability-database/WS-2019-0379
     resolutionStrategy.force 'commons-codec:commons-codec:1.13'
     resolutionStrategy.force 'com.google.guava:guava:29.0-jre'
diff --git a/protocol/build.gradle b/protocol/build.gradle
index fb311bcc4b..8259d13217 100644
--- a/protocol/build.gradle
+++ b/protocol/build.gradle
@@ -11,8 +11,8 @@ repositories {
 dependencies {
     // https://github.com/google/guava/wiki/CVE-2018-10237
     compile group: 'com.google.guava', name: 'guava', version: '29.0-jre'
-    compile group: 'com.fasterxml.jackson.core', name: 'jackson-core', version: '2.10.4'
-    compile group: 'com.fasterxml.jackson.core', name: 'jackson-databind', version: '2.10.4'
+    compile group: 'com.fasterxml.jackson.core', name: 'jackson-core', version: '2.10.5' 
+    compile group: 'com.fasterxml.jackson.core', name: 'jackson-databind', version: '2.10.5.1'
     implementation 'com.google.code.gson:gson:2.8.6'
     compile project(':core')
     compile project(':elasticsearch')
diff --git a/sql-jdbc/build.gradle b/sql-jdbc/build.gradle
index 7457c9ef71..a72c310804 100644
--- a/sql-jdbc/build.gradle
+++ b/sql-jdbc/build.gradle
@@ -52,7 +52,7 @@ repositories {
 
 dependencies {
     implementation group: 'org.apache.httpcomponents', name: 'httpclient', version: '4.5.6'
-    implementation group: 'com.fasterxml.jackson.core', name: 'jackson-databind', version: '2.9.7'
+    implementation group: 'com.fasterxml.jackson.core', name: 'jackson-databind', version: '2.10.5'
     implementation group: 'com.amazonaws', name: 'aws-java-sdk-core', version: '1.11.452'
 
     testImplementation('org.junit.jupiter:junit-jupiter-api:5.3.1')