diff --git a/.github/workflows/build-ffmpeg.yml b/.github/workflows/build-ffmpeg.yml
index c13c81677e..3d4e447aa8 100644
--- a/.github/workflows/build-ffmpeg.yml
+++ b/.github/workflows/build-ffmpeg.yml
@@ -4,6 +4,9 @@ on:
   push:
     paths:
       - '.ffmpeg/Dockerfile'
+  pull_request:
+    paths:
+      - '.ffmpeg/Dockerfile'
   workflow_dispatch:
     inputs:
       release:
diff --git a/Base/Dockerfile b/Base/Dockerfile
index eb0d5f277d..8a7145772c 100644
--- a/Base/Dockerfile
+++ b/Base/Dockerfile
@@ -130,6 +130,8 @@ RUN --mount=type=secret,id=SEL_PASSWD \
         org.seleniumhq.selenium:selenium-session-map-jdbc:${MVN_SELENIUM_VERSION} \
         org.postgresql:postgresql:${POSTGRESQL_VERSION} \
         org.seleniumhq.selenium:selenium-session-map-redis:${MVN_SELENIUM_VERSION} \
+        # Patch specific version for CVEs in the dependencies
+        io.lettuce:lettuce-core:6.5.1.RELEASE \
         > /external_jars/.classpath_session_map.txt \
         && chmod 664 /external_jars/.classpath_session_map.txt ; \
      fi \
@@ -185,6 +187,7 @@ ENV SE_BIND_HOST=false \
     SE_STRUCTURED_LOGS=false \
     SE_ENABLE_TRACING=true \
     SE_ENABLE_TLS=false \
+    SE_JAVA_HTTPCLIENT_VERSION="HTTP_1_1" \
     SE_JAVA_SSL_TRUST_STORE="/opt/selenium/secrets/server.jks" \
     SE_JAVA_SSL_TRUST_STORE_PASSWORD="/opt/selenium/secrets/server.pass" \
     SE_JAVA_DISABLE_HOSTNAME_VERIFICATION=true \
diff --git a/Distributor/start-selenium-grid-distributor.sh b/Distributor/start-selenium-grid-distributor.sh
index b078a3a26f..15ba53ed19 100755
--- a/Distributor/start-selenium-grid-distributor.sh
+++ b/Distributor/start-selenium-grid-distributor.sh
@@ -179,6 +179,10 @@ else
   echo "Tracing is disabled"
 fi
 
+if [ -n "${SE_JAVA_HTTPCLIENT_VERSION}" ]; then
+  SE_JAVA_OPTS="$SE_JAVA_OPTS -Dwebdriver.httpclient.version=${SE_JAVA_HTTPCLIENT_VERSION}"
+fi
+
 java ${JAVA_OPTS:-$SE_JAVA_OPTS} \
   -jar /opt/selenium/selenium-server.jar \
   ${EXTRA_LIBS} \
diff --git a/EventBus/start-selenium-grid-eventbus.sh b/EventBus/start-selenium-grid-eventbus.sh
index eef526ea38..258d094aca 100755
--- a/EventBus/start-selenium-grid-eventbus.sh
+++ b/EventBus/start-selenium-grid-eventbus.sh
@@ -109,6 +109,10 @@ else
   echo "Tracing is disabled"
 fi
 
+if [ -n "${SE_JAVA_HTTPCLIENT_VERSION}" ]; then
+  SE_JAVA_OPTS="$SE_JAVA_OPTS -Dwebdriver.httpclient.version=${SE_JAVA_HTTPCLIENT_VERSION}"
+fi
+
 java ${JAVA_OPTS:-$SE_JAVA_OPTS} \
   -jar /opt/selenium/selenium-server.jar \
   ${EXTRA_LIBS} event-bus \
diff --git a/Hub/start-selenium-grid-hub.sh b/Hub/start-selenium-grid-hub.sh
index e01ba444c4..d4d06524bf 100755
--- a/Hub/start-selenium-grid-hub.sh
+++ b/Hub/start-selenium-grid-hub.sh
@@ -159,6 +159,10 @@ else
   echo "Tracing is disabled"
 fi
 
+if [ -n "${SE_JAVA_HTTPCLIENT_VERSION}" ]; then
+  SE_JAVA_OPTS="$SE_JAVA_OPTS -Dwebdriver.httpclient.version=${SE_JAVA_HTTPCLIENT_VERSION}"
+fi
+
 java ${JAVA_OPTS:-$SE_JAVA_OPTS} \
   -jar /opt/selenium/selenium-server.jar \
   ${EXTRA_LIBS} \
diff --git a/NodeBase/start-selenium-node.sh b/NodeBase/start-selenium-node.sh
index 839c1b1df7..c766fa5b1f 100755
--- a/NodeBase/start-selenium-node.sh
+++ b/NodeBase/start-selenium-node.sh
@@ -171,6 +171,10 @@ CHROME_DRIVER_PATH_PROPERTY=-Dwebdriver.chrome.driver=/usr/bin/chromedriver
 EDGE_DRIVER_PATH_PROPERTY=-Dwebdriver.edge.driver=/usr/bin/msedgedriver
 GECKO_DRIVER_PATH_PROPERTY=-Dwebdriver.gecko.driver=/usr/bin/geckodriver
 
+if [ -n "${SE_JAVA_HTTPCLIENT_VERSION}" ]; then
+  SE_JAVA_OPTS="$SE_JAVA_OPTS -Dwebdriver.httpclient.version=${SE_JAVA_HTTPCLIENT_VERSION}"
+fi
+
 java ${JAVA_OPTS:-$SE_JAVA_OPTS} \
   ${CHROME_DRIVER_PATH_PROPERTY} \
   ${EDGE_DRIVER_PATH_PROPERTY} \
diff --git a/NodeDocker/start-selenium-grid-docker.sh b/NodeDocker/start-selenium-grid-docker.sh
index 7297abebe8..6c6e9c57f1 100755
--- a/NodeDocker/start-selenium-grid-docker.sh
+++ b/NodeDocker/start-selenium-grid-docker.sh
@@ -119,6 +119,10 @@ else
   echo "Tracing is disabled"
 fi
 
+if [ -n "${SE_JAVA_HTTPCLIENT_VERSION}" ]; then
+  SE_JAVA_OPTS="$SE_JAVA_OPTS -Dwebdriver.httpclient.version=${SE_JAVA_HTTPCLIENT_VERSION}"
+fi
+
 java ${JAVA_OPTS:-$SE_JAVA_OPTS} \
   -jar /opt/selenium/selenium-server.jar \
   ${EXTRA_LIBS} node \
diff --git a/NodeFirefox/Dockerfile b/NodeFirefox/Dockerfile
index 63d5264fe0..c2b85afb63 100644
--- a/NodeFirefox/Dockerfile
+++ b/NodeFirefox/Dockerfile
@@ -58,6 +58,9 @@ RUN apt-get update -qqy && \
   fi \
   # Download the language pack for Firefox
   && /opt/bin/get_lang_package.sh \
+  # Do one more upgrade to fix possible CVEs from Firefox dependencies
+  && apt-get update -qqy \
+  && apt-get upgrade -yq \
   && rm -rf /var/lib/apt/lists/* /var/cache/apt/*
 
 #============
diff --git a/Router/start-selenium-grid-router.sh b/Router/start-selenium-grid-router.sh
index a81af0b2b3..3c67c1ff51 100755
--- a/Router/start-selenium-grid-router.sh
+++ b/Router/start-selenium-grid-router.sh
@@ -160,6 +160,10 @@ else
   echo "Tracing is disabled"
 fi
 
+if [ -n "${SE_JAVA_HTTPCLIENT_VERSION}" ]; then
+  SE_JAVA_OPTS="$SE_JAVA_OPTS -Dwebdriver.httpclient.version=${SE_JAVA_HTTPCLIENT_VERSION}"
+fi
+
 java ${JAVA_OPTS:-$SE_JAVA_OPTS} \
   -jar /opt/selenium/selenium-server.jar \
   ${EXTRA_LIBS} router \
diff --git a/SessionQueue/start-selenium-grid-session-queue.sh b/SessionQueue/start-selenium-grid-session-queue.sh
index 9d98a4208d..b24dcfc1cb 100755
--- a/SessionQueue/start-selenium-grid-session-queue.sh
+++ b/SessionQueue/start-selenium-grid-session-queue.sh
@@ -113,6 +113,10 @@ else
   echo "Tracing is disabled"
 fi
 
+if [ -n "${SE_JAVA_HTTPCLIENT_VERSION}" ]; then
+  SE_JAVA_OPTS="$SE_JAVA_OPTS -Dwebdriver.httpclient.version=${SE_JAVA_HTTPCLIENT_VERSION}"
+fi
+
 java ${JAVA_OPTS:-$SE_JAVA_OPTS} \
   -jar /opt/selenium/selenium-server.jar \
   ${EXTRA_LIBS} sessionqueue \
diff --git a/Sessions/start-selenium-grid-sessions.sh b/Sessions/start-selenium-grid-sessions.sh
index b0357269ff..92f65872c4 100755
--- a/Sessions/start-selenium-grid-sessions.sh
+++ b/Sessions/start-selenium-grid-sessions.sh
@@ -148,6 +148,10 @@ fi
 cat "$CONFIG_FILE"
 echo "Starting Selenium Grid Sessions..."
 
+if [ -n "${SE_JAVA_HTTPCLIENT_VERSION}" ]; then
+  SE_JAVA_OPTS="$SE_JAVA_OPTS -Dwebdriver.httpclient.version=${SE_JAVA_HTTPCLIENT_VERSION}"
+fi
+
 java ${JAVA_OPTS:-$SE_JAVA_OPTS} \
   -jar /opt/selenium/selenium-server.jar \
   ${EXTRA_LIBS} sessions \
diff --git a/Standalone/start-selenium-standalone.sh b/Standalone/start-selenium-standalone.sh
index 2434b94d78..1e75316472 100755
--- a/Standalone/start-selenium-standalone.sh
+++ b/Standalone/start-selenium-standalone.sh
@@ -162,6 +162,10 @@ CHROME_DRIVER_PATH_PROPERTY=-Dwebdriver.chrome.driver=/usr/bin/chromedriver
 EDGE_DRIVER_PATH_PROPERTY=-Dwebdriver.edge.driver=/usr/bin/msedgedriver
 GECKO_DRIVER_PATH_PROPERTY=-Dwebdriver.gecko.driver=/usr/bin/geckodriver
 
+if [ -n "${SE_JAVA_HTTPCLIENT_VERSION}" ]; then
+  SE_JAVA_OPTS="$SE_JAVA_OPTS -Dwebdriver.httpclient.version=${SE_JAVA_HTTPCLIENT_VERSION}"
+fi
+
 java ${JAVA_OPTS:-$SE_JAVA_OPTS} \
   ${CHROME_DRIVER_PATH_PROPERTY} \
   ${EDGE_DRIVER_PATH_PROPERTY} \
diff --git a/StandaloneDocker/start-selenium-grid-docker.sh b/StandaloneDocker/start-selenium-grid-docker.sh
index ab56881cbc..f3f7275d6c 100755
--- a/StandaloneDocker/start-selenium-grid-docker.sh
+++ b/StandaloneDocker/start-selenium-grid-docker.sh
@@ -124,6 +124,10 @@ else
   echo "Tracing is disabled"
 fi
 
+if [ -n "${SE_JAVA_HTTPCLIENT_VERSION}" ]; then
+  SE_JAVA_OPTS="$SE_JAVA_OPTS -Dwebdriver.httpclient.version=${SE_JAVA_HTTPCLIENT_VERSION}"
+fi
+
 java ${JAVA_OPTS:-$SE_JAVA_OPTS} \
   -jar /opt/selenium/selenium-server.jar \
   ${EXTRA_LIBS} standalone \
diff --git a/tests/charts/make/chart_test.sh b/tests/charts/make/chart_test.sh
index 4d45884b7e..ba84d00533 100755
--- a/tests/charts/make/chart_test.sh
+++ b/tests/charts/make/chart_test.sh
@@ -40,6 +40,7 @@ CHART_ENABLE_BASIC_AUTH=${CHART_ENABLE_BASIC_AUTH:-"false"}
 BASIC_AUTH_USERNAME=${BASIC_AUTH_USERNAME:-"sysAdminUser"}
 BASIC_AUTH_PASSWORD=${BASIC_AUTH_PASSWORD:-"myStrongPassword"}
 LOG_LEVEL=${LOG_LEVEL:-"INFO"}
+INGRESS_DISABLE_USE_HTTP2=${INGRESS_DISABLE_USE_HTTP2:-false}
 TEST_EXISTING_KEDA=${TEST_EXISTING_KEDA:-"false"}
 TEST_UPGRADE_CHART=${TEST_UPGRADE_CHART:-"false"}
 RENDER_HELM_TEMPLATE_ONLY=${RENDER_HELM_TEMPLATE_ONLY:-"false"}
@@ -290,6 +291,10 @@ if [ "${INGRESS_DISABLE_USE_HTTP2}" = "true" ]; then
   HELM_COMMAND_SET_IMAGES="${HELM_COMMAND_SET_IMAGES} \
   --set ingress.nginx.useHttp2=false \
   "
+else
+  HELM_COMMAND_SET_IMAGES="${HELM_COMMAND_SET_IMAGES} \
+  --set ingress.nginx.useHttp2=true \
+  "
 fi
 
 if [ "${SECURE_CONNECTION_SERVER}" = "true" ]; then