Alibaba Group Holding Ltd conceded it was slow to report a major vulnerability in widely used software because it was unaware of its severity, a day after China’s tech industry overseer suspended cooperation on cybersecurity with the online retail giant.

Alibaba’s admission on Thursday clouded its role in uncovering potentially one of the more serious software vulnerabilities of recent years. Alibaba Cloud researcher Chen Zhaojun discovered the flaw in the Log4j open-source software and in November emailed it to members of the Apache Software Foundation community, which helps maintain the tool.