palantir/log4j-sniffer

Issues

• Where is log4j-sniffer installed in Ubuntu Linux?

  #156 opened 2 years ago by nlecrenn
  1

• Don't flag the Gradle shadow plugin 7.1.2 (shadow-7.1.2.jar) as vulnerable

  #122 opened 3 years ago by AlexLandau
  1

• Add a way to suppress flagging good log4j files as potentially vulnerable if renamed

  #112 opened 3 years ago by mcainx
  6

• Support inspection of large archives in memory-constrained scenarios

  #40 opened 3 years ago by nmiyake
  0

• Support deleting of vulnerable files

  #71 opened 3 years ago by glynternet
  0

• Report on individual files rather than only resultant aggregation at top level

  #72 opened 3 years ago by glynternet
  0

• Handle checking zip obfuscation at deeper nested levels.

  #63 opened 3 years ago by glynternet
  1

• Filesystem cache can be put under pressure

  #77 opened 3 years ago by glynternet
  0

• CVE-2021-44228 detection

  #53 opened 3 years ago by DoronGaznavi
  2

• Add support for plain list of vulnerable file paths

  #55 opened 3 years ago by mpanighetti
  0

• Windows download is in .tgz format not .exe

  #50 opened 3 years ago by TWalstrom
  2

• Add support for detection in nested archives

  #39 opened 3 years ago by nmiyake
  1

• Improve detection mechanism

  #16 opened 3 years ago by nmiyake
  3

• Add more details to human-readable output

  #41 opened 3 years ago by nmiyake
  1

• Ignoring directories on Windows

  #42 opened 3 years ago by dicconb
  0

• Modify output format

  #15 opened 3 years ago by nmiyake
  0

• Detection should consider 2.16 also as vulnerable

  #23 opened 3 years ago by MatsBjerin
  3