diff --git a/release-notes/VERSION b/release-notes/VERSION
index 253d056cc..4ed1dd9d0 100644
--- a/release-notes/VERSION
+++ b/release-notes/VERSION
@@ -67,7 +67,9 @@ One more patch release for 1.9.
 * [databind#2462]: Block two more gadget types (commons-configuration/-2, CVE-2019-14892)
 * [databind#2469]: Block one more gadget type (xalan2, might be related to CVE-2019-14893)
 * [databind#2704]: Block one more gadget type (xalan2, CVE-2020-14062)
-* [databind#2765]: Block one more gadget type (org.jsecurity, 2020-14195)
+* [databind#2765]: Block one more gadget type (org.jsecurity, CVE-2020-14195)
+* [databind#2798]: Block one more gadget type (CVE-2020-24750)
+
 1.9.13 (14-Jul-2013)
diff --git a/src/mapper/java/org/codehaus/jackson/map/jsontype/impl/SubTypeValidator.java b/src/mapper/java/org/codehaus/jackson/map/jsontype/impl/SubTypeValidator.java
index 0449fd656..ffec2aac5 100644
--- a/src/mapper/java/org/codehaus/jackson/map/jsontype/impl/SubTypeValidator.java
+++ b/src/mapper/java/org/codehaus/jackson/map/jsontype/impl/SubTypeValidator.java
@@ -187,6 +187,9 @@ public class SubTypeValidator
 // [databind#2764]: org.jsecurity:
 s.add("org.jsecurity.realm.jndi.JndiRealmFactory");
+ // [databind#2798]: com.pastdev.httpcomponents:
+ s.add("com.pastdev.httpcomponents.configuration.JndiConfiguration");
+
 DEFAULT_NO_DESER_CLASS_NAMES = Collections.unmodifiableSet(s);
 }
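Review bot: The comment on the new deny-list entry in SubTypeValidator.java names only the issue number, although release-notes/VERSION in this same commit ties #2798 to CVE-2020-24750; carrying the CVE in the comment lets the list be audited against advisories, e.g. `// [databind#2798] (CVE-2020-24750): com.pastdev.httpcomponents:`. The context line just above cites `[databind#2764]` for org.jsecurity while the release notes list that type under #2765, so one of the two references looks mistyped and is worth reconciling. No test covering the new class name is visible in this diff; if the project keeps a regression test for blocked types, this entry should be added there. The static initializer that builds the set starts outside the hunk.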