Spring-framework CVE


I need to bypass a spring-web framework vulnerability identified in spring-web-5.3.25.jar available in the wso2am-apim in lib/runtimes/cxf3/spring-web-5.3.25.jar.

The CVE Info is: https://nvd.nist.gov/vuln/detail/cve-2016-1000027

I've tried to move springframework forward to version 6.0.12 (by replacing the jar files) without any success.


There are 1 best solutions below

Heshan Sudarshana On

It is not possible to upgrade the Spring version to 6.x versions of WSO2 API Manager, since Spring 6.x versions are only compatible with JDK versions upwards of JDK 17.

Since the current released versions of APIM support JDK 8/11, it is not possible to simply upgrade the Spring dependencies due to compatibility issues with other dependencies.