Re: Janusgraph-full-0.6.1: how to fix "WARNING: Critical severity vulnerabilities were found with Log4j!"


Hi Yingjie,

As edited in my previous reaction, the Cassandra jars in the JanusGraph distribution do not include the log4j jar. As to elasticsearch, your best choices are:
  1. not use mixed indices (check whether your application needs them)
  2. build JanusGraph for the current master branch, as already suggested by Boxuan above. The master branch has a patched Elasticsearch version 7.17

Best wishes,    Marc

Join { to automatically receive all group messages.