https://bugzilla.redhat.com/show_bug.cgi?id=1725807
--- Comment #2 from Doran Moppert dmoppert@redhat.com --- Mitigation:
This vulnerability relies on logback-core (ch.qos.logback.core) being present in the application's ClassPath. logback-core is not packaged as an RPM for Red Hat Enterprise Linux or Red Hat Software Collections. Applications using jackson-databind that do not also use logback-core are not impacted by this vulnerability.