Hello Spring Cloud Config Team,
There is a CVE (CVE-2023-4759) in org.eclipse.jgit:org.eclipse.jgit version 6.4.0.202211300538-r that you are using in spring-cloud-config-server.
It has been fixed since their version 6.6.1.202309021850-r in september 2023.
Do you plan on fixing it in one of your 4.0.x releases ?
Thank you in advance