CVE-2021-44228 has been recently published for log4j. As OpenSearch uses log4j, it would be good to understand the impact and what the plan may be to address any issues.

Does CVE-2021-44228 impact OpenSearch

ralph December 10, 2021, 4:41pm 2

this has already been brought up here:

i’d suggest to keep the discussions in one place

1 Like

Topic		Replies	Views
Log4j2 vulnerability in OpenSearch Security discuss , cve , security-issue	72	9356	January 30, 2022
Log4j Patch for CVE-2021-44228 Announcements cve	6	13216	February 15, 2023
OpenSearch 1.2.2 version still showing log4j Vulnerability findings Security cve , security-issue	13	937	January 10, 2022
Log4j issue - CVE-2021-44832 Security discuss , cve , security-issue	16	1235	February 10, 2022
Log4j Patch for CVE-2021-45105 Announcements releases , cve	3	824	February 9, 2023