diff --git a/common/scala/build.gradle b/common/scala/build.gradle
index ba1100099fe..b8f26750b31 100644
--- a/common/scala/build.gradle
+++ b/common/scala/build.gradle
@@ -104,6 +104,38 @@ dependencies {
     api ("com.azure:azure-storage-blob:12.7.0") {
         exclude group: "com.azure", module: "azure-core-test"
     }
+
+    // https://nvd.nist.gov/vuln/detail/CVE-2015-5237
+    compile "com.google.protobuf:protobuf-java:${gradle.protobuf.version}"
+    compile "com.google.protobuf:protobuf-java-util:${gradle.protobuf.version}"
+
+    // https://nvd.nist.gov/vuln/detail/CVE-2017-18640
+    compile "org.yaml:snakeyaml:1.27"
+
+    // https://nvd.nist.gov/vuln/detail/CVE-2018-8023
+    compile "org.apache.mesos:mesos:1.4.3"
+
+    // https://nvd.nist.gov/vuln/detail/CVE-2018-20200
+    compile "com.squareup.okhttp3:okhttp:3.12.12"
+
+    // https://nvd.nist.gov/vuln/detail/CVE-2020-7014
+    compile "org.elasticsearch.client:elasticsearch-rest-client:6.8.13"
+
+    // https://nvd.nist.gov/vuln/detail/CVE-2020-11612
+    compile "io.netty:netty-buffer:${gradle.netty.version}"
+    compile "io.netty:netty-handler:${gradle.netty.version}"
+    compile "io.netty:netty-handler-proxy:${gradle.netty.version}"
+    compile "io.netty:netty-codec-socks:${gradle.netty.version}"
+    compile "io.netty:netty-codec-http:${gradle.netty.version}"
+    compile "io.netty:netty-codec-http2:${gradle.netty.version}"
+    compile "io.netty:netty-transport-native-epoll:${gradle.netty.version}"
+    compile "io.netty:netty-transport-native-unix-common:${gradle.netty.version}"
+
+    // https://nvd.nist.gov/vuln/detail/CVE-2020-13956
+    compile "org.apache.httpcomponents:httpclient:4.5.13"
+
+    // https://nvd.nist.gov/vuln/detail/CVE-2020-25649
+    compile "com.fasterxml.jackson.core:jackson-databind:2.10.5.1"
 }
 
 configurations {
diff --git a/core/invoker/build.gradle b/core/invoker/build.gradle
index 27da757ca56..78e940481cd 100644
--- a/core/invoker/build.gradle
+++ b/core/invoker/build.gradle
@@ -42,7 +42,9 @@ dependencies {
     implementation ("org.apache.curator:curator-recipes:${gradle.curator.version}") {
         exclude group: 'org.apache.zookeeper', module:'zookeeper'
     }
-    implementation ("org.apache.zookeeper:zookeeper:3.4.11") {
+
+    // https://nvd.nist.gov/vuln/detail/CVE-2019-0201
+    implementation ("org.apache.zookeeper:zookeeper:3.4.14") {
         exclude group: 'org.slf4j'
         exclude group: 'log4j'
         exclude group: 'jline'
diff --git a/settings.gradle b/settings.gradle
index 4326e8574a9..c014731d0a5 100644
--- a/settings.gradle
+++ b/settings.gradle
@@ -79,4 +79,6 @@ gradle.ext.akka_http = [version : '10.2.4']
 gradle.ext.akka_management = [version : '1.0.5']
 
 gradle.ext.curator = [version : '4.0.0']
+gradle.ext.netty = [version : '4.1.55.Final']
+gradle.ext.protobuf = [version : '3.14.0']
 gradle.ext.kube_client = [version: '4.10.3']