--- Dockerfile	2021-12-20 12:08:44.603000000 +0100
+++ Dockerfile_new	2021-12-20 12:08:21.988000000 +0100
@@ -21,9 +21,20 @@
 
 WORKDIR /usr/share/elasticsearch
 
-RUN cd /opt && curl --retry 8 -s -L -O https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.6.2-linux-x86_64.tar.gz && cd -
+RUN cd /opt && \
+    curl --retry 8 -s -L -O https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.6.2-linux-x86_64.tar.gz && cd - && \
+    tar zxf /opt/elasticsearch-7.6.2-linux-x86_64.tar.gz --strip-components=1 && \
+    # Remove SQS CLI which contains outdated log4j
+    rm /usr/share/elasticsearch/bin/elasticsearch-sql-cli-7.6.2.jar && \
+    # Download log4j-api and log4j-core 2.17.0
+    curl https://repo1.maven.org/maven2/org/apache/logging/log4j/log4j-core/2.17.0/log4j-core-2.17.0.jar -o log4j-core-2.17.0.jar && \
+    curl https://repo1.maven.org/maven2/org/apache/logging/log4j/log4j-api/2.17.0/log4j-api-2.17.0.jar -o log4j-api-2.17.0.jar && \
+    # Remove outdated versions
+    rm /usr/share/elasticsearch/lib/log4j-core-*.jar && \
+    rm /usr/share/elasticsearch/lib/log4j-api-*.jar && \
+    # Move new lib
+    mv log4j-core-2.17.0.jar log4j-api-2.17.0.jar /usr/share/elasticsearch/lib/
 
-RUN tar zxf /opt/elasticsearch-7.6.2-linux-x86_64.tar.gz --strip-components=1
 RUN grep ES_DISTRIBUTION_TYPE=tar /usr/share/elasticsearch/bin/elasticsearch-env     && sed -i -e 's/ES_DISTRIBUTION_TYPE=tar/ES_DISTRIBUTION_TYPE=docker/' /usr/share/elasticsearch/bin/elasticsearch-env
 RUN mkdir -p config data logs
 RUN chmod 0775 config data logs