Need help regarding CVE-2022-1471 (snakeyaml):
- Is there any fix for that in any ES version?
AFAIK, in the latest version, this package hasn't been updated.
- Is there any plan to update the damaged package of snakeyaml?
- Can I manually change the snakeyaml version? and how? (elasticsearch.yml maybe?)
The main reason this change is required is that we can't upload new images to GCP marketplace due to this vulnerability that is caused by ES.