[BUG] CVE-2025-53864 contained in OpenSearch 3.1.0 image

### Describe the bug

Automated scanning tools have detected the presence of CVE-2025-53864 in the 3.1.0 image. It looks to be brought in via the OpenSearch Security plugin and its dependency on nimbus-jose-jwt-9.48. File is at: /usr/share/opensearch/plugins/opensearch-security/nimbus-jose-jwt-9.48.jar

### Related component

Other

### To Reproduce

Scan the image

### Expected behavior

No known vulnerabilities

### Additional Details

_No response_

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

[BUG] CVE-2025-53864 contained in OpenSearch 3.1.0 image #18761

Describe the bug

Related component

To Reproduce

Expected behavior

Additional Details

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

[BUG] CVE-2025-53864 contained in OpenSearch 3.1.0 image #18761

Description

Describe the bug

Related component

To Reproduce

Expected behavior

Additional Details

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions