Tuesday, December 31, 2019

Jackson Java Deserialization Vulnerabilities


Very detailed information about the vulnerabilities is available here, here and here. To summarize, the Java code is vulnerable if the following strings are present in the code:
  1. enableDefaultTyping
  2. @JsonTypeInfo (per-class annotations)
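
A source scan for the two markers listed above, as an added example (not code from the original post): it skips mentions inside comments and string literals, and goes one step further by labelling `@JsonTypeInfo` annotations that use `Id.CLASS` or `Id.MINIMAL_CLASS`, the settings where the type id is a Java class name. `scan_java` and `SAMPLE` are names made up for this example, and the Java snippet is constructed.

```python
import re

# Comments, string literals and char literals are blanked before matching,
# so a marker that is only mentioned there is not reported.
_NOISE = re.compile(r"""//[^\n]*|/\*.*?\*/|"(?:\\.|[^"\\\n])*"|'(?:\\.|[^'\\\n])'""", re.S)
_DEFAULT_TYPING = re.compile(r'\benableDefaultTyping\s*\(')
_TYPE_INFO = re.compile(r'@JsonTypeInfo\b\s*(\([^)]*\))?')
_CLASS_ID = re.compile(r'\bId\s*\.\s*(CLASS|MINIMAL_CLASS)\b')

def _blank(match):
    # Keep newlines so reported line numbers still match the file.
    return re.sub(r'[^\n]', ' ', match.group(0))

def scan_java(source):
    """Return sorted (line, finding) tuples for one Java source string."""
    code = _NOISE.sub(_blank, source)
    findings = []
    for m in _DEFAULT_TYPING.finditer(code):
        line = code.count('\n', 0, m.start()) + 1
        findings.append((line, 'enableDefaultTyping call'))
    for m in _TYPE_INFO.finditer(code):
        line = code.count('\n', 0, m.start()) + 1
        kind = 'class-name type id' if _CLASS_ID.search(m.group(1) or '') else 'other type id'
        findings.append((line, '@JsonTypeInfo (%s)' % kind))
    return sorted(findings)

# Constructed Java source used as sample input.
SAMPLE = '''\
import com.fasterxml.jackson.annotation.JsonTypeInfo;
import com.fasterxml.jackson.databind.ObjectMapper;

public class Api {
    // enableDefaultTyping() was removed from the old parser
    private final ObjectMapper mapper = new ObjectMapper();

    Api() {
        mapper.enableDefaultTyping();
        log("@JsonTypeInfo is documented in the wiki");
    }

    @JsonTypeInfo(use = JsonTypeInfo.Id.CLASS, property = "@class")
    public Object payload;

    @JsonTypeInfo(use = JsonTypeInfo.Id.NAME, property = "type")
    public Shape shape;
}
'''
```

Calling `scan_java(SAMPLE)` reports lines 9, 13 and 16; the comment on line 5 and the string on line 10 are not reported.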
