Upgrade nimbus-jose-jwt:jar to 9.37.3 in Spring Security 5.8.x #15951
Labels
in: oauth2
An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
status: waiting-for-feedback
We need additional information before we can continue
type: dependency-upgrade
A dependency upgrade
Hello,
would it be possible please to upgrade Nimbus dependency in Spring Security 5.8.x?
The library is vulnerable to https://nvd.nist.gov/vuln/detail/CVE-2023-52428.
The text was updated successfully, but these errors were encountered: