Vulnerability (CVE-2022-42889) Apache Commons Text

mduijkers · October 19, 2022, 1:25pm

Vulnerability (CVE-2022-42889) Apache Commons Text. For this vulnerability ES needs to upgrade to Apache Commons Text 1.10.0
Source: https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om

Which version of ES is proof for this.
What is the current impact of this vulnerability within ES

warkolm · October 19, 2022, 8:56pm

Welcome to our community!

Topic		Replies	Views
Discuss: Security Vulnerabilities: ESA-2023-14 - CVE-2023-31419 Elasticsearch	3	683	January 4, 2024
Elastic Stack 7.14.0 Security Update Security Announcements	1	14852	November 4, 2022
Does Log4j vulnerability (CVE-2021-44228) is impacted for ES v7.5.2? Elasticsearch	2	1269	January 17, 2022
Security update associated with CVE-2023-31418 has confusing wording Elasticsearch	2	458	December 29, 2023
Log4j CVE-2021-44832 (released 28th dec) - is ES vulnerable? Elasticsearch	10	6648	February 7, 2022