There is a vulnerability discovered in infinispan https://nvd.nist.gov/vuln/detail/CVE-2021-31917. WhiteSource claims that it was fixed in version 12.0.1.Final, however, no proofs were provided. We would appreciate if you've clarified if this vulnerability has really been fixed in that version and provide a link to commit or tag which contained a fix.

Second important thing for us is infinispan 12.0.1.Final​ compatibility with Spring Boot 2.4.13​.
Spring Boot 2.4.13​ comes with several infinispan libraries of version 11.0.11.Final​. But since 12.0.1.Final is a different major version compared to 11.0.11​, the question arises - is it compatible with Spring Boot 2.4.13​?