About the log4jshell pandemic, and what CF folks can do about it
You can find lots of info in the CF and IT worlds about the log4jshell (or log4shell) "pandemic", since the news broke late Dec 9. If you have not found those yet, first here's a post I did on the Adobe CF portal yesterday with my thoughts (and a "mask" to consider, especially while we await a formal update, "the shot", from Adobe):
My lengthier post at the CF Portal: Dealing with the recent log4j vulnerability, before Adobe releases an update
I have more that I offered originally in this post here, on my carehart.org blog, but first I want to track recent updates and news since I first posted these two blog entries on the morning of Dec 14: