Looks like there is another issue and another fix [image] CVE-2021-45046 - GitHub Advisory Database Incomplete fix for Apache Log4j vulnerability And the release of Logstash 7.16.1 Release Notes | Logstash Reference [7.16] | Elastic has the incomplete fix. W…

Per the official Security Announcement thread : [image] Apache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - ESA-2021-31 [Update Dec 14th] Log4j 2.16.0 has been released to address CVE-2021-45046. Logstash is not impacted by the vulnerability disclosed in CVE-2021-45046 beca…

Discuss the Elastic Stack

Urgent - Incomplete fix for Apache Log4j vulnerability v2.15.0

Elastic Stack Logstash

yaauie (Ry Biesemeyer) December 15, 2021, 4:08am 2

Per the official Security Announcement thread:

1 Like

Elasticsearch is a trademark of Elasticsearch BV, registered in the U.S. and in other countries
Trademarks
Terms
Privacy
Brand
Code of Conduct

Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.