The Apache Software Foundation has released a security advisory for Java logging library Apache Log4j. This flaw is also known as Log4Shell. This vulnerability may be exploited over a network without the need for a username and password. This is logged in the National Vulnerability Database (NVD) as CVE-2021-44228. Multiple server and cloud software vendors will be releasing security updates.