https://bugzilla.redhat.com/show_bug.cgi?id=1826798
--- Comment #19 from Mauro Matteo Cascella mcascell@redhat.com --- Mitigation:
The following conditions are needed for an exploit, we recommend avoiding all if possible: * Deserialization from sources you do not control * `enableDefaultTyping()` * `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`