@aduerr Please see Elasticsearch Security Statement regarding CVE-2022-1471
@Michael_Day1 our standard policy applies:
Elastic's security reporting guidelines are available at Security issues | Elastic.
Per those guidelines, all reports of potential security issues or vulnerabilities should be sent via email to security@elastic.co.
We are unable to discuss potential issues of this nature here. Please send your report to the email address above, where it can be appropriately handled.