If you have a security scan flagging a dependency of a CVE (vulnerability) that is used Spring, you should not wait for their next update cycle to update it. You can update it yourself, find out how in this post.
Tag: spring
Quarkus Guide: Using Spring Data JPA
Did you know you could use Spring Data JPA in Quarkus? Find out how!