We noticed during our latest vulnerability scan that Spectrum has Spring Security libraries that are outdated and vulnerable to CVE-2024-38821. Are their any plans to update Spring Security in Spectrum?
Spectrum 23.x / 24.x
Spring Security CVE-2024-38821
This has been resolved in 24.3.4 as mentioned in the Third Party Acknowledgements here
Spring Framework 5.3.42
Spring Security 5.8.16