Facing issue with OpenSearch Logstash image Vulnerabilities

opensearch · January 17, 2023, 4:16pm

Versions (relevant - OpenSearch/Dashboard/Server OS/Browser):
Hi Team,

we are facing the below logstash image vulnerability issues.
Could you please take a look and help on the fix.

CVE-2022-42004
CVE-2022-42003
CVE-2022-25857
CVE-2022-25647
CVE-2021-37137
CVE-2021-37136
CVE-2020-36518
CVE-2017-18640

Thanks & Regards,
Mounika

Describe the issue:

Configuration:

Relevant Logs or Screenshots:

davelago · February 2, 2023, 5:35pm

Thank you for the report, Mounika.

Apologies for the radio silence, just wanted to let you know that we are looking into each one of these CVEs and will reply back as soon as we have a definitive answer on them.

Best,
Dave.

opensearch · March 3, 2023, 12:27pm

Hi @davelago ,

IS there any update on above mentioned CVES fix.

Thanks,
Mounika

Topic		Replies	Views
Do you want live notifications when people reply to your posts? Enable Notifications Facing issue with OpenSearch image vulnerabilities of OpenSearch Logstash Security releases , cve	1	327	March 8, 2023
Facing issue with OpenSearch image vulnerabilities OpenSearch cve , security-issue	2	797	January 26, 2023
Facing issue with OpenSearch image vulnerabilities of OpenSearch Dashboard Security troubleshoot , cve	3	411	April 18, 2023
Does CVE-2021-44228 impact OpenSearch General Feedback cve	9	1661	December 20, 2021
OpenSearch 1.2.2 version still showing log4j Vulnerability findings Security cve , security-issue	13	1081	January 10, 2022

Facing issue with OpenSearch Logstash image Vulnerabilities

Related topics