[ovirt-users] Is vulnerable log4j package necessary in my ovirt repo?

Hello, I found that the vulnerable log4j-2.13.0-1 package is in oVirt repository, but not installed even after the oVirt setup. So, I want to remove that package from my private oVirt repository if it's not necessary. but I'm not sure what will happen by doing so. Is there any side effects?