A vulnerability in log4j has been reported, e.g. GitHub - NCSC-NL/log4shell: Operational information regarding the vulnerability in the Log4j logging library., which is currently being exploited.
We found it is also present in Shiny, e.g. within /shiny-server/node_modules/log4js
Does this represent a potential security risk for the server hosting our Shiny applications? Is there a way to address this ?
Thanks,
Coen