An easily exploitable critical RCE vulnerability in Apache module log4j
The Chinese researcher from Alibaba Cloud team that published the details of the vulnerability yesterday shared it with Apache already 10 days ago. However the patch issued at the time