diff --git a/doc/changes/changelog.md b/doc/changes/changelog.md
index 90670829..ad256c00 100644
--- a/doc/changes/changelog.md
+++ b/doc/changes/changelog.md
@@ -1,5 +1,6 @@
 # Changes
+* [0.18.1](changes_0.18.1.md)
 * [0.18.0](changes_0.18.0.md)
 * [0.17.0](changes_0.17.0.md)
 * [0.16.0](changes_0.16.0.md)
diff --git a/doc/changes/changes_0.18.1.md b/doc/changes/changes_0.18.1.md
new file mode 100644
index 00000000..e1669d1c
--- /dev/null
+++ b/doc/changes/changes_0.18.1.md
@@ -0,0 +1,13 @@
+# Script-Languages-Container-Tool 0.18.0, released 2023-11-24
+
+Code name: Configobj moved
+
+## Summary
+
+This release moves configobj from dependencies to dev dependencies so the security alert
+regarding ReDoS exploit does not propagate
+
+## Security
+
+ - moved configobj to dev dependencies
+
diff --git a/poetry.lock b/poetry.lock
index 74a5c147..ce5059c8 100644
--- a/poetry.lock
+++ b/poetry.lock
@@ -240,7 +240,7 @@ files = [
 name = "configobj"
 version = "5.0.8"
 description = "Config file reading, writing and validation."
-category = "main"
+category = "dev"
 optional = false
 python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*"
 files = [
@@ -1320,4 +1320,4 @@ testing = ["big-O", "flake8 (<5)", "jaraco.functools", "jaraco.itertools", "more
 [metadata]
 lock-version = "2.0"
 python-versions = ">=3.8,<4"
-content-hash = "e4dbcabd0f3933f97875c5d48a69424f99c76f28e4aa8198e9f66f3727ed8f7f"
+content-hash = "d04ccf972ba75d6f4732f4d1fe43c87f628c3454081d9bb8aba3e507f242a33f"
diff --git a/pyproject.toml b/pyproject.toml
index 511d73e2..5a53498b 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "exasol-script-languages-container-tool"
-version = "0.18.0"
+version = "0.18.1"
 description = "Script Languages Container Tool"
 license = "MIT"
@@ -23,7 +23,6 @@ importlib-resources = ">=5.4.0"
 networkx = "2.8.2" # We pinned networkx to this version, because in newer versions it throws an exception, see https://github.com/exasol/integration-test-docker-environment/issues/228
 exasol-integration-test-docker-environment = "^1.7.1"
 typeguard = "<3.0.0"
-configobj = "^5.0.8"
 [build-system]
 requires = ["poetry_core>=1.0.0"]
@@ -31,6 +30,7 @@ build-backend = "poetry.core.masonry.api"
 [tool.poetry.dev-dependencies]
 toml = ">=0.10.2"
+configobj = "^5.0.8" # moved to dev dependencie so security alert does not propagate further up
 [tool.poetry.scripts]
diff --git a/test/resources/test_container/full/build/deps/requirements.txt b/test/resources/test_container/full/build/deps/requirements.txt
index babfe230..c32a64a5 100644
--- a/test/resources/test_container/full/build/deps/requirements.txt
+++ b/test/resources/test_container/full/build/deps/requirements.txt
@@ -1,4 +1,4 @@
-pyodbc>=4.0.27
+pyodbc<5.0.0
 pytz
 lxml
 docker
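Review bot: Moving `configobj = "^5.0.8"` under `[tool.poetry.dev-dependencies]` only stops the alert from reaching consumers; nothing visible in this commit shows that the shipped package no longer imports configobj at runtime. If it still does, an install without dev dependencies either fails on import or works only because another dependency pulls configobj in, and then the ReDoS exposure is hidden rather than removed. The lock file in this commit also still resolves 5.0.8 for the dev environment. I would verify with a clean non-dev install and state the result in the trailing comment, e.g. `# dev/test only, not imported by the shipped package`, which also replaces the "dependencie" typo.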
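Review bot: `pyodbc<5.0.0` drops the previous lower bound, so the resolver may now select releases older than 4.0.27 for the test container; if the intent is only to cap the major version, keep both constraints: `pyodbc>=4.0.27,<5.0.0`. The reason for the cap is not recorded in this commit, whose change notes mention only the configobj move, so a short entry in the 0.18.1 change file or a `#` comment above the line would help whoever lifts the cap later.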