Is elasticsearch, logstash impacted by opendJDK Vulnerability

is Elasticsearch and logstash got impacted by opendJDK vulnerability?

CVE's

The versions impacted are:

  • OpenJDK 7 <= 7u331
  • OpenJDK 8 <= 8u322
  • OpenJDK 11.0.0 <= 11.0.14
  • OpenJDK 13.0.0 <= 13.0.10
  • OpenJDK 15.0.0 <= 15.0.6
  • OpenJDK 17.0.0 <= 17.0.2
  • OpenJDK 18.0.0 <= 18.0.0
1 Like

Please email security related questions to security@elastic.co.