hazelcast / hazelcast-azure

Azure discovery plugin for hazelcast

Add explicit dependency on com.nimbusds:nimbus-jose-jwt 9.37.3 (CVE-2023-52428) #192

Closed mwilso3 closed 7 months ago

mwilso3 commented 7 months ago

Pinning the version of com.nimbusds:nimbus-jose-jwt to 9.37.3 to address https://www.cve.org/CVERecord?id=CVE-2023-52428 as com.nimbusds:oauth2-oidc-sdk 9.4 brings in a vulnerable version of nimbus-jose-jwt (9.8.1).

Nimbus changelog: https://bitbucket.org/connect2id/nimbus-jose-jwt/branches/compare/9.37.3%0D9.8.1#chg-CHANGELOG.txt
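A check for the pin described above, as an added example that is not part of the pull request or the project's code: it reads `mvn dependency:tree` output and reports any resolved `nimbus-jose-jwt` older than 9.37.3, the version named in the PR title. The two trees are constructed samples, and the function names are hypothetical.

```python
import re

ARTIFACT = "com.nimbusds:nimbus-jose-jwt"
PINNED = "9.37.3"  # version the PR pins to, taken from the PR title

# group:artifact:type[:classifier]:version:scope at the end of a tree line
COORD = re.compile(
    r"([\w.\-]+:[\w.\-]+):[\w.\-]+(?::[\w.\-]+)?:([\w.\-]+):(\w+)\s*$"
)

# Constructed sample: the transitive path described in the PR text.
TREE_BEFORE = """\
[INFO] com.example:demo-app:jar:1.0-SNAPSHOT
[INFO] \\- com.nimbusds:oauth2-oidc-sdk:jar:9.4:compile
[INFO]    \\- com.nimbusds:nimbus-jose-jwt:jar:9.8.1:compile
"""

# Constructed sample: the same project with the explicit dependency added.
TREE_AFTER = """\
[INFO] com.example:demo-app:jar:1.0-SNAPSHOT
[INFO] +- com.nimbusds:nimbus-jose-jwt:jar:9.37.3:compile
[INFO] \\- com.nimbusds:oauth2-oidc-sdk:jar:9.4:compile
"""


def version_key(version):
    """Compare versions numerically: as strings, "9.8.1" sorts after "9.37.3"."""
    return tuple(int(part) for part in re.findall(r"\d+", version))


def resolved_versions(tree_text, artifact=ARTIFACT):
    """Return every version of `artifact` that appears in the tree output."""
    found = []
    for line in tree_text.splitlines():
        match = COORD.search(line)
        if match and match.group(1) == artifact:
            found.append(match.group(2))
    return found


def below_pin(tree_text, pinned=PINNED):
    """Return resolved versions that are older than the pinned version."""
    floor = version_key(pinned)
    return [v for v in resolved_versions(tree_text) if version_key(v) < floor]


if __name__ == "__main__":
    print("before:", below_pin(TREE_BEFORE))
    print("after: ", below_pin(TREE_AFTER))
```

Feeding it the real output of `mvn dependency:tree` from a build confirms that the explicit dependency actually wins Maven's version mediation.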

devOpsHazelcast commented 7 months ago

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you all sign our Contributor License Agreement before we can accept your contribution.
1 out of 6 committers have signed the CLA.

:white_check_mark: mwilso3
:x: dkjellin
:x: jatladams
:x: jzhang10-atl
:x: Justin Thomas
:x: ssu2-atl


Justin Thomas seems not to be a GitHub user. You need a GitHub account to be able to sign the CLA. If you already have a GitHub account, please add the email address used for this commit to your account.
You have signed the CLA already but the status is still pending? Let us recheck it.

mwilso3 commented 7 months ago

Sorry, this is incorrect. Declining and retargeting.