paulushcgcj
commented
8 months ago So far, a fix for this issue is not available. the dependency library used (Nimbus JOSE+JWT)[https://mvnrepository.com/artifact/com.nimbusds/nimbus-jose-jwt] is still reporting not only this but another CVE associated to some of it's dependencies yet. We will keep monitoring it for any possible mitigation scenario available.
Tracking issue for: