Hi team,
The project is currently vulnerable to CVE-2025-68161. Could you please upgrade log4j to 2.25.3 or higher?
{
"id": "CVE-2025-68161",
"packageName": "org.apache.logging.log4j_log4j-core",
"packageVersion": "2.17.1",
"packagePath": "elasticsearch-connector/lib/log4j-core-2.17.1.jar",
"status": "fixed in 2.25.3, 2.0.1",
"link": "https://nvd.nist.gov/vuln/detail/CVE-2025-68161"
}
Hi team,
The project is currently vulnerable to CVE-2025-68161. Could you please upgrade log4j to 2.25.3 or higher?
{ "id": "CVE-2025-68161", "packageName": "org.apache.logging.log4j_log4j-core", "packageVersion": "2.17.1", "packagePath": "elasticsearch-connector/lib/log4j-core-2.17.1.jar", "status": "fixed in 2.25.3, 2.0.1", "link": "https://nvd.nist.gov/vuln/detail/CVE-2025-68161" }