diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index da8434c32b6..00c39c7c5f0 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -186,10 +186,11 @@ jobs:
           draft: false
           body: |
             ### Changes
-            - The maven plugin now includes pnpm and yarn lock files in the scan by default (#4753).
-            - If a suppression rule is no longer used a log entry will be written (#4685).
-            - Several bug fixes made and suppression rules added.
-            - See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/47?closed=1).
+            - Add support for Bazel's pinned `maven_install.json` (#4772).
+            - Fixed bug preventing the use of custom report templates (#4800).
+            - Updated several dependencies including upgrades for dependencies with CVEs.
+            - Several bug fixes made and suppression rules were added.
+            - See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/48?closed=1).
 
       - name: Upload CLI
         id: upload-release-cli
diff --git a/ant/pom.xml b/ant/pom.xml
index a4d77d1ef94..6f694af4f40 100644
--- a/ant/pom.xml
+++ b/ant/pom.xml
@@ -20,7 +20,7 @@ Copyright (c) 2013 - Jeremy Long. All Rights Reserved.
     <parent>
         <groupId>org.owasp</groupId>
         <artifactId>dependency-check-parent</artifactId>
-        <version>7.1.3-SNAPSHOT</version>
+        <version>7.2.1-SNAPSHOT</version>
     </parent>
 
     <artifactId>dependency-check-ant</artifactId>
diff --git a/archetype/pom.xml b/archetype/pom.xml
index eeceba5affe..d06e1b29908 100644
--- a/archetype/pom.xml
+++ b/archetype/pom.xml
@@ -20,7 +20,7 @@ Copyright (c) 2017 Jeremy Long. All Rights Reserved.
     <parent>
         <groupId>org.owasp</groupId>
         <artifactId>dependency-check-parent</artifactId>
-        <version>7.1.3-SNAPSHOT</version>
+        <version>7.2.1-SNAPSHOT</version>
     </parent>
     <artifactId>dependency-check-plugin</artifactId>
     <name>Dependency-Check Plugin Archetype</name>
diff --git a/cli/pom.xml b/cli/pom.xml
index c185c5fd193..5ae7db0e316 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -20,7 +20,7 @@ Copyright (c) 2012 - Jeremy Long. All Rights Reserved.
     <parent>
         <groupId>org.owasp</groupId>
         <artifactId>dependency-check-parent</artifactId>
-        <version>7.1.3-SNAPSHOT</version>
+        <version>7.2.1-SNAPSHOT</version>
     </parent>
 
     <artifactId>dependency-check-cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 46877193cf2..0fbc34ba9d3 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -20,7 +20,7 @@ Copyright (c) 2012 Jeremy Long. All Rights Reserved.
     <parent>
         <groupId>org.owasp</groupId>
         <artifactId>dependency-check-parent</artifactId>
-        <version>7.1.3-SNAPSHOT</version>
+        <version>7.2.1-SNAPSHOT</version>
     </parent>
 
     <artifactId>dependency-check-core</artifactId>
@@ -268,10 +268,12 @@ Copyright (c) 2012 Jeremy Long. All Rights Reserved.
         <dependency>
             <groupId>com.fasterxml.jackson.core</groupId>
             <artifactId>jackson-databind</artifactId>
+            <version>${jackson.version}</version>
         </dependency>
         <dependency>
             <groupId>com.fasterxml.jackson.module</groupId>
             <artifactId>jackson-module-afterburner</artifactId>
+            <version>${jackson.version}</version>
         </dependency>
         <dependency>
             <groupId>com.h3xstream.retirejs</groupId>
diff --git a/core/src/main/resources/dependencycheck-base-suppression.xml b/core/src/main/resources/dependencycheck-base-suppression.xml
index 8600a016ffb..03fa310df14 100644
--- a/core/src/main/resources/dependencycheck-base-suppression.xml
+++ b/core/src/main/resources/dependencycheck-base-suppression.xml
@@ -1,5 +1,40 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.3.xsd">
+    <suppress base="true">
+        <notes><![CDATA[
+        obvious fp - currently not returning any CVEs
+        ]]></notes>
+        <packageUrl regex="true">^pkg:maven/commons\-cli/commons\-cli@.*$</packageUrl>
+        <cpe>cpe:/a:spirit-project:spirit</cpe>
+    </suppress>
+    <suppress base="true">
+        <notes><![CDATA[
+        obvious fp - currently not returning any CVEs
+        ]]></notes>
+        <packageUrl regex="true">^pkg:maven/javax\.xml\.bind/jaxb\-api@.*$</packageUrl>
+        <cpe>cpe:/a:oracle:java_se</cpe>
+    </suppress>
+    <suppress base="true">
+        <notes><![CDATA[
+        obvious fp - currently not returning any CVEs
+        ]]></notes>
+        <packageUrl regex="true">^pkg:maven/joda\-time/joda\-time@.*$</packageUrl>
+        <cpe>cpe:/a:time_project:time</cpe>
+    </suppress>
+    <suppress base="true">
+        <notes><![CDATA[
+        obvious fp - currently not returning any CVEs
+        ]]></notes>
+        <packageUrl regex="true">^pkg:maven/javax\.ws\.rs/javax\.ws\.rs\-api@.*$</packageUrl>
+        <cpe>cpe:/a:oracle:web_services</cpe>
+    </suppress>
+    <suppress base="true">
+        <notes><![CDATA[
+        obvious fp - currently not returning any CVEs
+        ]]></notes>
+        <packageUrl regex="true">^pkg:maven/org\.sonatype\.ossindex/ossindex\-service\-api@.*$</packageUrl>
+        <cpe>cpe:/a:service_project:service</cpe>
+    </suppress>
     <suppress base="true">
         <notes><![CDATA[
             FP per issue #4180, #4188, #4189, #4190
@@ -4536,33 +4571,33 @@
         <cpe>cpe:/a:oracle:projects</cpe>
     </suppress>
     <suppress base="true">
-       <notes><![CDATA[
+        <notes><![CDATA[
        FP per issue #4140, 4256
        ]]></notes>
-       <packageUrl regex="true">^pkg:maven/org\.aspectj/aspectj.*@.*$</packageUrl>
-       <cpe>cpe:/a:vmware:tools</cpe>
+        <packageUrl regex="true">^pkg:maven/org\.aspectj/aspectj.*@.*$</packageUrl>
+        <cpe>cpe:/a:vmware:tools</cpe>
     </suppress>
     <suppress base="true">
-       <notes><![CDATA[
+        <notes><![CDATA[
        FP per issue #4149
        ]]></notes>
-       <packageUrl regex="true">^pkg:maven/org\.apache\.kafka/kafka-log4j-appender@.*$</packageUrl>
-       <cpe>cpe:/a:apache:log4j</cpe>
-       <cpe>cpe:/a:apache:kafka</cpe>
+        <packageUrl regex="true">^pkg:maven/org\.apache\.kafka/kafka-log4j-appender@.*$</packageUrl>
+        <cpe>cpe:/a:apache:log4j</cpe>
+        <cpe>cpe:/a:apache:kafka</cpe>
     </suppress>
     <suppress base="true">
-       <notes><![CDATA[
+        <notes><![CDATA[
        FP per issue #4156
        ]]></notes>
-       <packageUrl regex="true">^pkg:maven/com\.lightbend\.akka\.management/akka-management-cluster-bootstrap_2\.13@.*$</packageUrl>
-       <cpe>cpe:/a:akka:akka</cpe>
+        <packageUrl regex="true">^pkg:maven/com\.lightbend\.akka\.management/akka-management-cluster-bootstrap_2\.13@.*$</packageUrl>
+        <cpe>cpe:/a:akka:akka</cpe>
     </suppress>
     <suppress base="true">
-       <notes><![CDATA[
+        <notes><![CDATA[
        FP per issue #4154
        ]]></notes>
-       <packageUrl regex="true">^pkg:maven/io\.netty/netty-tcnative-boringssl-static@.*$</packageUrl>
-       <cpe>cpe:/a:chromium:chromium</cpe>
+        <packageUrl regex="true">^pkg:maven/io\.netty/netty-tcnative-boringssl-static@.*$</packageUrl>
+        <cpe>cpe:/a:chromium:chromium</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -4698,8 +4733,8 @@
         <notes><![CDATA[
    	    FP per issue #4368, #4384, #4369 async_project:async is an npm package
    	    ]]></notes>
-   	    <packageUrl regex="true">^pkg:maven/.*async.*@.*$</packageUrl>
-   	    <cpe>cpe:/a:async_project:async</cpe>
+        <packageUrl regex="true">^pkg:maven/.*async.*@.*$</packageUrl>
+        <cpe>cpe:/a:async_project:async</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
diff --git a/maven/pom.xml b/maven/pom.xml
index 856d6650db4..4bcfa00901a 100644
--- a/maven/pom.xml
+++ b/maven/pom.xml
@@ -20,7 +20,7 @@ Copyright (c) 2013 Jeremy Long. All Rights Reserved.
     <parent>
         <groupId>org.owasp</groupId>
         <artifactId>dependency-check-parent</artifactId>
-        <version>7.1.3-SNAPSHOT</version>
+        <version>7.2.1-SNAPSHOT</version>
     </parent>
     <artifactId>dependency-check-maven</artifactId>
     <packaging>maven-plugin</packaging>
diff --git a/pom.xml b/pom.xml
index 49259389ecd..60a15eab96d 100644
--- a/pom.xml
+++ b/pom.xml
@@ -20,7 +20,7 @@ Copyright (c) 2012 - Jeremy Long
 
     <groupId>org.owasp</groupId>
     <artifactId>dependency-check-parent</artifactId>
-    <version>7.1.3-SNAPSHOT</version>
+    <version>7.2.1-SNAPSHOT</version>
     <packaging>pom</packaging>
 
     <modules>
@@ -165,7 +165,7 @@ Copyright (c) 2012 - Jeremy Long
         <groovy-all.version>2.4.21</groovy-all.version>
         <gmavenplus-plugin.version>1.13.1</gmavenplus-plugin.version>
         <com.h3xstream.retirejs.core.version>3.0.3</com.h3xstream.retirejs.core.version>
-        
+        <jackson.version>2.13.4</jackson.version>
         <!--necassary for some IDEs to be able to execute test cases (Netbeans)-->
         <surefireArgLine />
         
@@ -1096,7 +1096,7 @@ Copyright (c) 2012 - Jeremy Long
             <dependency>
                 <groupId>com.fasterxml.jackson</groupId>
                 <artifactId>jackson-bom</artifactId>
-                <version>2.13.4</version>
+                <version>${jackson.version}</version>
                 <type>pom</type>
                 <scope>import</scope>
             </dependency>
diff --git a/utils/pom.xml b/utils/pom.xml
index c5e4b309826..9a9aa911993 100644
--- a/utils/pom.xml
+++ b/utils/pom.xml
@@ -20,7 +20,7 @@ Copyright (c) 2014 - Jeremy Long. All Rights Reserved.
     <parent>
         <groupId>org.owasp</groupId>
         <artifactId>dependency-check-parent</artifactId>
-        <version>7.1.3-SNAPSHOT</version>
+        <version>7.2.1-SNAPSHOT</version>
     </parent>
 
     <artifactId>dependency-check-utils</artifactId>
@@ -52,6 +52,7 @@ Copyright (c) 2014 - Jeremy Long. All Rights Reserved.
         <dependency>
             <groupId>com.fasterxml.jackson.core</groupId>
             <artifactId>jackson-databind</artifactId>
+            <version>${jackson.version}</version>
         </dependency>
         <dependency>
             <groupId>commons-codec</groupId>