CVE-2022-1471 is not listed in Security Issues site

  • Is there any fix for that in any Logstash version?
  • Is there any plan to update the damaged package of snakeyaml 1.31=>2.0?
  • Can I manually change the snakeyaml version? if so then how?

Please see Security issues | Elastic for how to raise these sorts of queries;

Users and customers may report any other potential security issues to This address can be used for product security related inquiries or requests about other security topics that are not explicitly mentioned here. We can accept only security issues at this address. Bug reports should be directed to the bug database of the project you're reporting it on or raised to Elastic Support.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.