Azure DevOps 2020 and 2019 (and 2018) patch for log4j vulnerability

/ 17 Dec, 2021

Azure DevOps can be configured with advanced Code Search. That feature relies on Elastic Search. Depending on the age of your server, JVM version, and Elastic Search version this may result in your setup being vulnerable to CVE-2021-44228. Read my blog post on how to patch Azure DevOps for the log4j vulnerability here.