It was patched in early 2023.

Let’s rephrase the headline: CISA remind organisations to apply a security update for a bug already fixed more than 2 years ago