build: snappy seems to be a false positive
diff --git a/other/checkstyle-rules/src/main/resources/tobago/dependency-check-suppression-for-tobago-2.x.xml b/other/checkstyle-rules/src/main/resources/tobago/dependency-check-suppression-for-tobago-2.x.xml
index fd9f580..148e940 100644
--- a/other/checkstyle-rules/src/main/resources/tobago/dependency-check-suppression-for-tobago-2.x.xml
+++ b/other/checkstyle-rules/src/main/resources/tobago/dependency-check-suppression-for-tobago-2.x.xml
@@ -68,4 +68,9 @@
     <gav regex="true">^org\.slf4j/log4j\-over\-slf4j.*$</gav>
     <cve>CVE-2020-9488</cve>
   </suppress>
+  <suppress>
+    <notes><![CDATA[ file name: snappy-0.4.jar ]]></notes>
+    <packageUrl regex="true">^pkg:maven/org\.iq80\.snappy/snappy@.*$</packageUrl>
+    <cve>CVE-2018-6353</cve>
+  </suppress>
 </suppressions>