CVE-2021-44228 has been recently published for log4j. As OpenSearch uses log4j, it would be good to understand the impact and what the plan may be to address any issues.

Does CVE-2021-44228 impact OpenSearch

ralph December 10, 2021, 4:41pm 2

this has already been brought up here:

i’d suggest to keep the discussions in one place

1 Like

Topic		Replies	Views
Log4j2 vulnerability in OpenSearch Security discuss , cve , security-issue	72	10121	January 30, 2022
Log4j Patch for CVE-2021-44228 Announcements cve	6	13427	February 15, 2023
OpenSearch 1.2.2 version still showing log4j Vulnerability findings Security cve , security-issue	13	1089	January 10, 2022
Log4j issue - CVE-2021-44832 Security discuss , cve , security-issue	16	1409	February 10, 2022
Log4j Patch for CVE-2021-45046 Announcements releases , cve	3	956	February 15, 2023