...
CAST will release updates to affected products in the coming days - these updates will contain Spring Framework 5.3.18 / 5.2.20 and/or Spring Boot 2.6.6 / 2.5.12 which fix the vulnerabilities. Only the most recent releases of each affected product will be patched, therefore this necessarily means upgrading to the newest release to receive the patch (CAST highly recommends this in all situations where possible).
...