https://bugzilla.redhat.com/show_bug.cgi?id=1796858
--- Comment #4 from Chess Hazlett chazlett@redhat.com --- Statement:
No Red Hat products use the vulnerable code affected by this flaw. However, Red Hat Fuse 7 does provide it in its offline maven repository, and as such is affected at a low impact. This may be resolved in a future release.