Hello, I'm trying to verify that Java Security Manager is enabled by default in oss images, particularly in:
I see conflicting information online about whether it's always enabled or not. How can we verify?
Thank you,
Travis
Welcome to our community! 
Apache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - ESA-2021-31 has a bunch of info on the impacted versions.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.