F5 AppWorld 2024 session proposal deadline extended to Friday, December 8th!
Thes two CVEs correspon to Integer Overflows, which are attacks that can not really be mitigated with AWS rules.
A common methon in application security for mitigating such attacks are size limits on paramters, for example.
That said, the F5 Rules for AWS WAF - CVE group does not have rules for the CVEs in question.
or learn more...