The website, vulert.com, gave wrong information that Spring Framework v5.3.40 and v6.0.24 are the affected versions of this vulnerability, CVE-2024-38816. It suggested upgrading to v5.3.41 and v6.0.25.

However, both v5.3.41 and v6.0.25 do not exist and are not published yet. Customer is confused and hesitates to bypass this vulnerability by upgrade.

After contacting with Vulert support about this misinformation, confirmation was received that this was a mistake which was corrected. Please be noted the latest update in https://vulert.com/vuln-db/CVE-2024-38816.