AVG-2425 log

Package	logstash
Status	Not affected
Severity	High
Type	xml external entity injection
Affected	7.10.2-1
Fixed	Not affected
Current	Removed
Ticket	None
Created	Tue Sep 28 08:55:02 2021

Issue	Severity	Remote	Type	Description
CVE-2021-41098	High	Yes	Xml external entity injection	In Nokogiri v1.12.4 and earlier, on JRuby only, the SAX parser resolves external entities by default. Users of Nokogiri on JRuby who parse untrusted...

Notes
Logstash version 7.10.1 bundles Nokogiri version 1.10.10 for JRuby.