There's a merged pull request on the void-packages repository

elasticsearch: remove package
https://github.com/void-linux/void-packages/pull/36545

Description:
- last updated in 2017 (upstream is 3 major versions ahead)
- contained vulnerable log4j (#34534)
- licence is a mess

removal suggested instead of updating because of the effort involved