Comment From: bclozel
Spring Framework 6.1.x is not affected by this CVE. Please check out the official report.