Fix for CVE-2023-52428 in logstash

Looking for fix for CVE-2023-52428 for logstash. Anyone know if there is a plan for when it will be released? It just needs an upgrade to the com.nimbusds/nimbus-jose-jwt packge.

You need to send an e-mail to security@elastic.co reporting this so they can validate this CVE and if it impacts Logstash or not.

thanks

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.