CGA-4jxw-mwcp-83m9

Elasticsearch retains an older library version for OpenSAML compatibility but does not use Guava serialization, making it unaffected by this vulnerability. For more details, see the GitHub comment https://github.com/elastic/elasticsearch/issues/50395#issuecomment-1145561826