UPDATE: If you arrived here to learn about Couchbase’s response to the Log4Shell vulnerability, please see Ian McCloy’s message down below.
Hi All,
I’m glad to announce the release of Couchbase Elasticsearch Connector 4.3.3 and 4.2.13.
All users should upgrade to one of these versions as soon as possible to fix a high severity vulnerability CVE-2021-44228 in versions of Log4j 2 prior to 2.15.0.
Thank you for using Couchbase and participating in our community forums.
I would encourage all users to review our blog post What to Know About the Log4j Vulnerability CVE-2021-44228 which has details about the affected software and mitigations.
Thank you,
Ian McCloy, Couchbase Principal Product Manager