GHSA-xxfh-x98p-j8fr: Remote code injection in Log4j (through pax-logging-log4j2)

Severity: Critical

CVSS Score: 10

### Impact Remote Code Execution. ### Patches Users of pax-logging 1.11.9 should update to 1.11.10. Users of pax-logging 2.0.10 should update to 2.0.11. ### Workarounds Set system property `-Dlog4j2.formatMsgNoLookups=true` ### References https://github.com/advisories/GHSA-jfh8-c2jp-5v3q