Hi Team, We have installed OpenSearch 1.2.2 Version recently and its still showing the log4j vulnerability scan. For the remediation, May I know the next version would be helpful and when it can be live to use? Please advice!

OpenSearch 1.2.2 version still showing log4j Vulnerability findings

kris December 21, 2021, 4:26pm 2

Hello @Naga10 - we are working to release 1.2.3 to address CVE-2021-45105. We should know a target release date soon.

We will keep this post updated:

Topic		Replies	Views
Log4j Patch for CVE-2021-44228 Announcements cve	6	13218	February 15, 2023
Log4j2 vulnerability in OpenSearch Security discuss , cve , security-issue	72	9360	January 30, 2022
Does CVE-2021-44228 impact OpenSearch General Feedback cve	9	1503	December 20, 2021
Log4j issue - CVE-2021-44832 Security discuss , cve , security-issue	16	1235	February 10, 2022
Log4j Patch for CVE-2021-45105 Announcements releases , cve	3	824	February 9, 2023