Must-share information (formatted with Markdown):
- which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension): 8.9.7
- what are you trying to achieve: To get more info on Elsticsearch Log4j
- what have you tried so far to achieve this: Checked community portal but it did not clearified.
Is there any way to know how there is no vulnerability when elasticsearch contains Log4j file?
Could you please share more details on the same?
Welcome to the community!
I guess you didn’t get around to searching. When I search (top-right corner) for “Log4J” the first result is our official statements made at the time the vulnerability was discovered: