News
Syft is also able to discern which version of Log4j a Java application contains. The Log4j JAR can be directly included in our project, or it can be hidden away in one of the dependencies we include.
If you're not certain whether your Java project is free from Log4j vulnerabilities, you should try this easy-to-use scanning tool immediately.
Log4Shell is the latest hacker exploit rocking the internet, and it’s arguably the worst yet. The vulnerability is in an obscure piece of software used on millions of computers.
NSCS warns that the Log4j flaw won't be fixed overnight and that defenders could suffer burnout during the process. Written by Liam Tung, Contributing Writer Dec. 21, 2021, 4:08 a.m. PT ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback