Looking for fix for CVE-2023-52428 for logstash. Anyone know if there is a plan for when it will be released? It just needs an upgrade to the com.nimbusds/nimbus-jose-jwt packge.
You need to send an e-mail to security@elastic.co reporting this so they can validate this CVE and if it impacts Logstash or not.
thanks