Since webscan only looks at publicly available information it is not possible to always detect a framework patch. It is possible that the patch is in place but may require internal analysis to confirm.
WebScan will often provide you with the information you need to fix these vulnerabilities. It will also provide you with links to resources on the internet to help. This information should be passed onto your web developers who should be able to apply patches to the framework.