USN-5197-1: Apache Log4j 2 vulnerability
It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was
incomplete in certain non-default configurations. An attacker could use this
vulnerability to cause a denial of service.
Source: USN-5197-1: Apache Log4j 2 vulnerability