Log4j (security vulnerability)
Apache Log4j is an open source Java-based logging utility. In late 2021, researchers discovered a critical vulnerability in Log4j.
The ‘Log4Shell’ bug has been described by one security expert as “another ‘flashbulb memory’ event in the timeline of significant vulnerabilities”.
The CVSS 10-rated vulnerability has a colossal attack surface extending downstream to countless applications, plugins, and packages.
Log4j’s ubiquity means the reverberations of the flaw will likely be felt for a long time to come.