google/log4jscanner
A log4j vulnerability filesystem scanner and Go package for analyzing JAR files.
GoApache-2.0
Issues
- 1
False negative for old libraries version
#51 opened by nikaiw - 0
Scan does not catch log4j log4j-1.2.12.jar
#55 opened by vitikyalapatii - 3
Error scanning - negative offset
#42 opened by pannemra - 0
- 3
False positive with current detection method
#43 opened by nikaiw - 3
Replace io.ReadAll usage with pre-allocated buffers of appropriate size
#27 opened by lyoung-confluent - 5
- 4
Please support remediation of CVE-2021-4104 by removing JMSAppender.class as well
#37 opened by jshomphe - 1
Add Support for Additional Java Binary Types
#34 opened by pyotam - 0
test flutter app issue
#33 opened by ryqliang - 1
"cannot find package" when building or installing through go install command
#32 opened by ForumPlayer - 2
sudo: log4jscanner: command not found
#30 opened by cdo9 - 0
Dependency Error While Building
#25 opened by Ajay-056 - 2
Can it scan vulnerabilities of other log conpoments, such Logback and java.util.logging.Logger?
#17 opened by TianXiaPlus - 2
scanner fails if /tmp is on a different filesystem than the filesystem being scanned on linux
#18 opened by cmedianu - 1
Support executable JARs
#21 opened by ericchiang - 7
readdir META-INF/versions/9: not implemented
#12 opened by mslinn - 0
Add install instructions
#5 opened by ericchiang - 0
Release precompiled binaries
#6 opened by ericchiang - 0