CGA-7228-rrfq-76c4

The dependency logback-core that is causing this CVE is a transitive dependency that is brought in via multiple parent dependencies, we are unable to update to fix version and requires upstream maintainers to update parent dependencies.