"Log4Shell" is a zero-day vulnerability in the Apache Log4j Java library disclosed on 9 December 2021. You can learn more about the vulnerability at the following URLs:
The vulnerability is present in Log4j v2.0 through 2.14.x.
Opalstack web servers have log4j 1.2.17 installed. This version is not affected.
Customers running their own Java applications should check their apps' dependencies to ensure that they aren't running a vulnerable version of log4j, and if so then update it to v2.15.0.
