Spring Vulnerability CVE-2016-1000027 on version 5.28 and 5.29

Hello,

Spring Framework has a vulnerability, CVE-2016-1000027 fixed on version 6.x.x. In June and July, Version 5.3.28 and 5.3.29 were released. Are those versions secure from CVE-2016-1000027?

There is no CPE information on https://nvd.nist.gov/vuln/detail/cve-2016-1000027

Thank you, Regards.

Comment From: snicoll

@kbjoon1011 please take the time to search the issue tracker first. There are numerous duplicate about this, see #24434