diff --git a/opensearch-2.yaml b/opensearch-2.yaml
index a0c0f8b45ba..1d790d04796 100644
--- a/opensearch-2.yaml
+++ b/opensearch-2.yaml
@@ -5,7 +5,7 @@
 package:
 name: opensearch-2
 version: 2.11.1
- epoch: 7 # Remove CVE-2022-45146 patch when bumping to 2.12 or later
+ epoch: 8 # Remove CVE-2022-45146 patch when bumping to 2.12 or later
 description: Open source distributed and RESTful search engine.
 copyright:
 - license: Apache-2.0
@@ -73,7 +73,7 @@ data:
 index-management: ""
 job-scheduler: ""
 k-nn: ""
- ml-commons: "CVE-2023-51074.patch"
+ ml-commons: "ml-commons.patch" # Handles both CVE-2023-51074, CVE-2023-42503
 neural-search: "CVE-2023-5072.patch"
 notifications: ""
 observability: ""
diff --git a/opensearch-2/CVE-2023-51074.patch b/opensearch-2/CVE-2023-51074.patch
deleted file mode 100644
index 74898523ee1..00000000000
--- a/opensearch-2/CVE-2023-51074.patch
+++ /dev/null
@@ -1,12 +0,0 @@
-diff --git a/ml-algorithms/build.gradle b/ml-algorithms/build.gradle
-index 3561472..050ea67 100644
---- a/ml-algorithms/build.gradle
-+++ b/ml-algorithms/build.gradle
-@@ -62,7 +62,7 @@ dependencies {
- implementation 'software.amazon.awssdk:auth'
- implementation 'software.amazon.awssdk:apache-client'
- implementation 'com.amazonaws:aws-encryption-sdk-java:2.4.1'
-- implementation 'com.jayway.jsonpath:json-path:2.8.0'
-+ implementation 'com.jayway.jsonpath:json-path:2.9.0'
- implementation group: 'org.json', name: 'json', version: '20231013'
- }
diff --git a/opensearch-2/ml-commons.patch b/opensearch-2/ml-commons.patch
new file mode 100644
index 00000000000..dcf26164d36
--- /dev/null
+++ b/opensearch-2/ml-commons.patch
@@ -0,0 +1,37 @@
+diff --git a/ml-algorithms/build.gradle b/ml-algorithms/build.gradle
+index 3561472..050ea67 100644
+--- a/ml-algorithms/build.gradle
++++ b/ml-algorithms/build.gradle
+@@ -62,7 +62,7 @@ dependencies {
+ implementation 'software.amazon.awssdk:auth'
+ implementation 'software.amazon.awssdk:apache-client'
+ implementation 'com.amazonaws:aws-encryption-sdk-java:2.4.1'
+- implementation 'com.jayway.jsonpath:json-path:2.8.0'
++ implementation 'com.jayway.jsonpath:json-path:2.9.0'
+ implementation group: 'org.json', name: 'json', version: '20231013'
+ }
+
+diff --git a/ml-algorithms/build.gradle b/ml-algorithms/build.gradle
+index 35614721..74b0acbf 100644
+--- a/ml-algorithms/build.gradle
++++ b/ml-algorithms/build.gradle
+@@ -68,6 +68,7 @@ dependencies {
+
+ configurations.all {
+ resolutionStrategy.force 'com.google.protobuf:protobuf-java:3.21.9'
++ resolutionStrategy.force 'org.apache.commons:commons-compress:1.25.0'
+ }
+
+ jacocoTestReport {
+diff --git a/plugin/build.gradle b/plugin/build.gradle
+index af976e6f..3dc408a8 100644
+--- a/plugin/build.gradle
++++ b/plugin/build.gradle
+@@ -330,6 +330,7 @@ configurations.all {
+ resolutionStrategy.force 'org.apache.httpcomponents:httpclient:4.5.14'
+ resolutionStrategy.force 'commons-codec:commons-codec:1.15'
+ resolutionStrategy.force 'org.slf4j:slf4j-api:1.7.36'
++ resolutionStrategy.force 'org.apache.commons:commons-compress:1.25.0'
+ }
+
+ apply plugin: 'com.netflix.nebula.ospackage'
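Review bot: The two added `resolutionStrategy.force 'org.apache.commons:commons-compress:1.25.0'` lines pin an exact version with nothing recording why or when to drop them, and the patch file's new name no longer carries a CVE id, so the only link to CVE-2023-51074 and CVE-2023-42503 is the trailing comment in opensearch-2.yaml. A force applies regardless of what the build would otherwise resolve, so if a later ml-commons release already resolves a newer commons-compress, this pin would hold it back at 1.25.0. I would add a short header above the first `diff --git` in ml-commons.patch stating that the json-path bump addresses CVE-2023-51074 and that the commons-compress force is presumably the CVE-2023-42503 part, plus the condition for removing each. The file also carries two separate sections for ml-algorithms/build.gradle, apparently both generated against the same base blob (index prefixes `3561472` and `35614721`); folding them into one section with two hunks would make the patch less dependent on how the applying tool treats a repeated path. Only ml-algorithms and plugin receive the force, so it is worth confirming with a dependency report or a scan of the built package that no other module still ships an older commons-compress jar.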