chore: update suppressions 08122024121813 (#171)

suppressions.xml

@@ -1,12 +1,37 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.3.xsd">
-    <suppress>
+    <suppress until="2024-09-25Z">
         <notes><![CDATA[
-            file name: snakeyaml-1.33.jar
-            Severity: HIGH
-            False positive: We are not parsing untrusted user input. Not used in this repository.
-        ]]></notes>
-        <packageUrl regex="true">^pkg:maven/org\.yaml/snakeyaml@.*$</packageUrl>
-        <cve>CVE-2022-1471</cve>
+    file name: log4j-1.2.17.jar
+       sev: CRITICAL
+         reason: False positive. Reference only
+   ]]></notes>
+        <packageUrl regex="true">^pkg:maven/log4j/log4j@.*$</packageUrl>
+        <cve>CVE-2020-9493</cve>
+        <cve>CVE-2019-17571</cve>
+        <cve>CVE-2022-23302</cve>
+        <cve>CVE-2022-23305</cve>
+        <cve>CVE-2022-23307</cve>
+        <vulnerabilityName>CVE-2021-4104</vulnerabilityName>
+        <cve>CVE-2023-26464</cve>
     </suppress>
-</suppressions>
+    <suppress until="2024-09-25Z">
+        <notes><![CDATA[
+   file name: org.eclipse.jgit-4.4.1.201607150455-r.jar
+       sev: High
+         reason: dependencies of refaster.
+   ]]></notes>
+        <packageUrl regex="true">^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$</packageUrl>
+        <vulnerabilityName>CVE-2023-4759</vulnerabilityName>
+    </suppress>
+    <suppress until="2024-09-25Z">
+        <notes><![CDATA[
+   file name: protobuf-java-3.19.2.jar
+   ]]></notes>
+        <packageUrl regex="true">^pkg:maven/com\.google\.protobuf/protobuf-java@.*$</packageUrl>
+        <cve>CVE-2022-3171</cve>
+        <cve>CVE-2022-3509</cve>
+        <cve>CVE-2022-3510</cve>
+    </suppress>
+
+</suppressions>