diff --git a/deps.edn b/deps.edn
index c1f43b9..beb8509 100644
--- a/deps.edn
+++ b/deps.edn
@@ -1,21 +1,22 @@
 {:paths ["src/main/clojure" "src/main/resources"]
  :deps {
    org.clojure/clojure {:mvn/version "1.10.3"}
-   org.apache.maven.resolver/maven-resolver-api {:mvn/version "1.8.2"}
-   org.apache.maven.resolver/maven-resolver-spi {:mvn/version "1.8.2"}
-   org.apache.maven.resolver/maven-resolver-impl {:mvn/version "1.8.2"}
-   org.apache.maven.resolver/maven-resolver-util {:mvn/version "1.8.2"}
-   org.apache.maven.resolver/maven-resolver-connector-basic {:mvn/version "1.8.2"}
-   org.apache.maven.resolver/maven-resolver-transport-file {:mvn/version "1.8.2"}
-   org.apache.maven.resolver/maven-resolver-transport-http {:mvn/version "1.8.2"}
-   org.apache.maven/maven-resolver-provider {:mvn/version "3.8.6"}
-   org.apache.maven/maven-core {:mvn/version "3.8.6" exclusions [commons-io/commons-io com.google.guava/guava]}
-     commons-io/commons-io {:mvn/version "2.15.1"} ;; update transitive dep due to CVE-2021-29425
-     com.google.guava/guava {:mvn/version "31.1-android"} ;; update transitive dep due to CVE-2020-8908
+   org.apache.maven.resolver/maven-resolver-api {:mvn/version "1.9.18"}
+   org.apache.maven.resolver/maven-resolver-spi {:mvn/version "1.9.18"}
+   org.apache.maven.resolver/maven-resolver-impl {:mvn/version "1.9.18"}
+   org.apache.maven.resolver/maven-resolver-util {:mvn/version "1.9.18"}
+   org.apache.maven.resolver/maven-resolver-connector-basic {:mvn/version "1.9.18"}
+   org.apache.maven.resolver/maven-resolver-transport-file {:mvn/version "1.9.18"}
+   org.apache.maven.resolver/maven-resolver-transport-http {:mvn/version "1.9.18"}
+   org.apache.maven/maven-resolver-provider {:mvn/version "3.9.6"}
+   org.apache.maven/maven-core {:mvn/version "3.9.6"}
    org.clojure/data.xml {:mvn/version "0.2.0-alpha8"}
    org.clojure/tools.gitlibs {:mvn/version "2.5.197"}
    org.clojure/tools.cli {:mvn/version "1.0.219"}
-   com.cognitect.aws/api {:mvn/version "0.8.686"}
+   com.cognitect.aws/api {:mvn/version "0.8.686" :exclusions [org.eclipse.jetty/jetty-http org.eclipse.jetty/jetty-client org.eclipse.jetty/jetty-util]}  ;; override for CVEs
+     org.eclipse.jetty/jetty-http {:mvn/version "9.4.53.v20231009"}
+     org.eclipse.jetty/jetty-client {:mvn/version "9.4.53.v20231009"}
+     org.eclipse.jetty/jetty-util {:mvn/version "9.4.53.v20231009"}
    com.cognitect.aws/endpoints {:mvn/version "1.1.12.504"}
    com.cognitect.aws/s3 {:mvn/version "848.2.1413.0"}
    javax.inject/javax.inject {:mvn/version "1"}
diff --git a/pom.xml b/pom.xml
index db01663..c3dd217 100644
--- a/pom.xml
+++ b/pom.xml
@@ -21,8 +21,8 @@
     <!-- used for build -->
     <clojure.warnOnReflection>true</clojure.warnOnReflection>
     <clojure.version>1.10.3</clojure.version>
-    <resolverVersion>1.8.2</resolverVersion>
-    <mavenVersion>3.8.6</mavenVersion>
+    <resolverVersion>1.9.18</resolverVersion>
+    <mavenVersion>3.9.6</mavenVersion>
 
     <!-- default published in install deps.edn -->
     <clojure.default>1.10.3</clojure.default>
@@ -78,26 +78,6 @@
       <groupId>org.apache.maven</groupId>
       <artifactId>maven-core</artifactId>
       <version>${mavenVersion}</version>
-	    <exclusions>
-        <exclusion> <!-- CVE-2021-29425 -->
-          <groupId>commons-io</groupId>
-          <artifactId>commons-io</artifactId>
-        </exclusion>
-        <exclusion> <!-- CVE-2020-8908 -->
-          <groupId>com.google.guava</groupId>
-          <artifactId>guava</artifactId>
-        </exclusion>
-      </exclusions>
-    </dependency>
-    <dependency> <!-- overridden transitive dep -->
-      <groupId>commons-io</groupId>
-      <artifactId>commons-io</artifactId>
-      <version>2.15.1</version>
-    </dependency>
-    <dependency> <!-- overridden transitive dep -->
-      <groupId>com.google.guava</groupId>
-      <artifactId>guava</artifactId>
-      <version>31.1-android</version>
     </dependency>
     <dependency>
       <groupId>org.slf4j</groupId>
@@ -124,6 +104,35 @@
       <groupId>com.cognitect.aws</groupId>
       <artifactId>api</artifactId>
       <version>0.8.686</version>
+      <exclusions>
+        <exclusion>
+          <groupId>org.eclipse.jetty</groupId>
+          <artifactId>jetty-http</artifactId>
+        </exclusion>
+        <exclusion>
+          <groupId>org.eclipse.jetty</groupId>
+          <artifactId>jetty-client</artifactId>
+        </exclusion>
+        <exclusion>
+          <groupId>org.eclipse.jetty</groupId>
+          <artifactId>jetty-util</artifactId>
+        </exclusion>
+      </exclusions>
+    </dependency>
+    <dependency> <!-- override for CVE fixes -->
+      <groupId>org.eclipse.jetty</groupId>
+      <artifactId>jetty-http</artifactId>
+      <version>9.4.53.v20231009</version>
+    </dependency>
+    <dependency> <!-- override for CVE fixes -->
+      <groupId>org.eclipse.jetty</groupId>
+      <artifactId>jetty-client</artifactId>
+      <version>9.4.53.v20231009</version>
+    </dependency>
+    <dependency> <!-- override for CVE fixes -->
+      <groupId>org.eclipse.jetty</groupId>
+      <artifactId>jetty-client</artifactId>
+      <version>9.4.53.v20231009</version>
     </dependency>
     <dependency>
       <groupId>com.cognitect.aws</groupId>