org.springframework.security:spring-security-oauth2-jose:jar:6.2.3 has a dependency on com.nimbusds:nimbus-jose-jwt:jar:9.24.4, which has the vulnerability https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52428.

It's worth upgrading nimbus-jose-jwt to 9.37.3.

Comment From: rhanton

I think this is a duplicate of https://github.com/spring-projects/spring-security/issues/14836

Comment From: brandonfl

+1 for removing known CVE

Comment From: marcusdacoregio

Closing as duplicate of https://github.com/spring-projects/spring-security/issues/14836