CVE-2021-44228 has been recently published for log4j. As OpenSearch uses log4j, it would be good to understand the impact and what the plan may be to address any issues.

Does CVE-2021-44228 impact OpenSearch

kris December 20, 2021, 7:24pm 10

We’re working on a 1.2.3 release - and will also work to update our Logstash Docker image

Topic		Replies	Views
Log4j Patch for CVE-2021-44228 Announcements cve	6	13490	February 15, 2023
OpenSearch 1.2.2 version still showing log4j Vulnerability findings Security cve , security-issue	13	1123	January 10, 2022
Logstash OSS with OpenSearch Output Plugin Log4j vulnerable OpenDistro cve , security-issue	7	1904	December 16, 2021
Log4j issue - CVE-2021-44832 Security discuss , cve , security-issue	16	1455	February 10, 2022
Log4j Patch for CVE-2021-45046 Announcements releases , cve	3	968	February 15, 2023