AVG-2425 log

Package logstash
Status Not affected
Severity High
Type xml external entity injection
Affected 7.10.2-1
Fixed Not affected
Current Removed
Ticket None
Created Tue Sep 28 08:55:02 2021
Issue Severity Remote Type Description
CVE-2021-41098 High Yes Xml external entity injection
In Nokogiri v1.12.4 and earlier, on JRuby only, the SAX parser resolves external entities by default. Users of Nokogiri on JRuby who parse untrusted...
Logstash version 7.10.1 bundles Nokogiri version 1.10.10 for JRuby.