diff --git a/packages/strapi-plugin-users-permissions/.snyk b/packages/strapi-plugin-users-permissions/.snyk
index c0842eff7ae..3e51bf21e48 100644
--- a/packages/strapi-plugin-users-permissions/.snyk
+++ b/packages/strapi-plugin-users-permissions/.snyk
@@ -1,5 +1,5 @@
 # Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
-version: v1.12.0
+version: v1.25.0
 # ignores vulnerabilities until expiry date; change duration by modifying expiry date
 ignore:
 shelljs:
@@ -14,4 +14,16 @@ ignore:
 - '*':
 reason: Temporarily ignore
 expires: 2019-01-31T00:00:00.000Z
-patch: {}
+# patches apply the minimum changes required to fix a vulnerability
+patch:
+ SNYK-JS-LODASH-567746:
+ - strapi-helper-plugin > lodash:
+ patched: '2022-10-05T16:22:04.940Z'
+ - strapi-utils > lodash:
+ patched: '2022-10-05T16:22:04.940Z'
+ - strapi-helper-plugin > @buffetjs/custom > lodash:
+ patched: '2022-10-05T16:22:04.940Z'
+ - strapi-helper-plugin > @buffetjs/custom > @buffetjs/core > lodash:
+ patched: '2022-10-05T16:22:04.940Z'
+ - strapi-helper-plugin > @buffetjs/custom > @buffetjs/core > @buffetjs/utils > lodash:
+ patched: '2022-10-05T16:22:04.940Z'
diff --git a/packages/strapi-plugin-users-permissions/package.json b/packages/strapi-plugin-users-permissions/package.json
index a3c3012983a..fbe17dc61b5 100644
--- a/packages/strapi-plugin-users-permissions/package.json
+++ b/packages/strapi-plugin-users-permissions/package.json
@@ -9,22 +9,24 @@
 "required": true
 },
 "scripts": {
- "test": "echo \"no tests yet\""
+ "test": "echo \"no tests yet\"",
+ "prepublish": "npm run snyk-protect",
+ "snyk-protect": "snyk-protect"
 },
 "dependencies": {
 "@buffetjs/core": "3.3.3-next.2",
- "@buffetjs/custom": "3.3.3-next.2",
+ "@buffetjs/custom": "3.3.7",
 "@buffetjs/hooks": "3.3.3-next.2",
 "@buffetjs/icons": "3.3.3-next.2",
 "@buffetjs/styles": "3.3.3-next.2",
- "@buffetjs/utils": "3.3.3-next.2",
+ "@buffetjs/utils": "3.3.7",
 "@purest/providers": "^1.0.2",
 "bcryptjs": "^2.4.3",
 "grant-koa": "5.4.8",
 "immutable": "^3.8.2",
 "jsonwebtoken": "^8.1.0",
- "koa2-ratelimit": "^0.9.0",
- "lodash": "4.17.19",
+ "koa2-ratelimit": "^1.0.0",
+ "lodash": "4.17.21",
 "purest": "3.1.0",
 "react": "^16.13.1",
 "react-dom": "^16.9.0",
@@ -37,7 +39,8 @@
 "request": "^2.83.0",
 "strapi-helper-plugin": "3.4.1",
 "strapi-utils": "3.4.1",
- "uuid": "^3.1.0"
+ "uuid": "^3.1.0",
+ "@snyk/protect": "latest"
 },
 "devDependencies": {
 "koa": "^2.8.0"
@@ -63,5 +66,6 @@
 "npm": ">=6.0.0"
 },
 "license": "SEE LICENSE IN LICENSE",
- "gitHead": "231263a3535658bab1e9492c6aaaed8692d62a53"
+ "gitHead": "231263a3535658bab1e9492c6aaaed8692d62a53",
+ "snyk": true
 }
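Review bot: The `prepublish` hook added under `scripts` in the first package.json hunk uses the deprecated npm lifecycle name; on npm 7 and later it runs on local `npm install`/`npm ci` but not on `npm publish`, so whether the .snyk lodash patches are applied depends on the npm version in use (the `"npm": ">=6.0.0"` constraint in the last hunk allows both behaviours). As far as Snyk's patch mechanism goes, the patches rewrite files in this checkout's node_modules only, so consumers who install the published plugin would still resolve lodash through strapi-helper-plugin 3.4.1 and strapi-utils 3.4.1 unpatched; upgrading those two packages is the durable fix. If the hook is kept, `"prepare": "npm run snyk-protect"` states the intent unambiguously. Separately, `koa2-ratelimit` crosses a major version (`^0.9.0` to `^1.0.0`) with no accompanying code change visible in this diff, so the plugin's rate-limit middleware configuration should be checked against the 1.x API before merging.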
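Review bot: `"@snyk/protect": "latest"`, added in the `@@ -37,7 +39,8 @@` hunk, is the only floating tag among the visible dependency entries, and it names the tool that the new `prepublish` script runs to modify files under node_modules, so each fresh install can pull a different, unreviewed release. Pin it to an exact reviewed version, e.g. `"@snyk/protect": "<PINNED_VERSION>"` (placeholder), and let the lockfile carry the integrity hash. It is also placed in `dependencies` rather than `devDependencies`, which makes every consumer of the plugin install it; if the patch step is meant only for this repository, moving it is worth considering. The `dependencies` object opens in the previous hunk.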