Unpatched vulnerability - https://jira.qos.ch/browse/LOGBACK-1591

https://jira.qos.ch/browse/LOGBACK-1591
I can't upgrade to logback 1.2.8 as getting error message "Class path contains SLF4J bindings targeting slf4j-api versions prior to 1.8" due to scala logging dependency on slf4j-api 1.7.30