Bump org.springframework:spring-web from 6.1.14 to 6.2.0 (#1709)

Author: dependabot[bot]

build-tools/owasp/suppressions.xml

@@ -25,4 +25,11 @@
      <packageUrl regex="true">^pkg:maven/org\.eclipse\.jetty/jetty-server@.*$</packageUrl>
      <vulnerabilityName>CVE-2024-8184</vulnerabilityName>
   </suppress>
+  <suppress until="2025-01-22Z">
+    <notes><![CDATA[
+        The use of spring-web in the JCL does not accept byte[] input data
+    ]]></notes>
+     <packageUrl regex="true">^pkg:maven/org\.springframework\..*@.*$</packageUrl>
+     <vulnerabilityName>CVE-2024-38828</vulnerabilityName>
+  </suppress>
 </suppressions>

spring/pom.xml

@@ -95,7 +95,7 @@
     <dependency>
       <groupId>org.springframework</groupId>
       <artifactId>spring-web</artifactId>
-      <version>6.1.14</version>
+      <version>6.2.0</version>
       <scope>provided</scope>
     </dependency>
   </dependencies>