Address CVE-2023-1370 (DataBiosphere/azul-private#107)

hannes-ucsc · hannes-ucsc · commit e7f506004867 · 2023-12-25T16:29:23.000-08:00
diff --git a/Dockerfile b/Dockerfile
@@ -8,3 +8,6 @@ RUN apt-get update && apt-get upgrade -y
 
 # https://nvd.nist.gov/vuln/detail/CVE-2021-40690
 RUN rm /usr/share/elasticsearch/modules/x-pack-{identity-provider,security}/xmlsec-2.1.4.jar
+
+# https://nvd.nist.gov/vuln/detail/CVE-2023-1370
+RUN rm /usr/share/elasticsearch/modules/x-pack-security/nimbus-jose-jwt-9.23.jar
