-
**Vulnerabilities**
DepShield reports that this application's usage of [log4j:log4j:1.2.17](https://ossindex.sonatype.org/component/pkg:maven/log4j/log4j@1.2.17) results in the following vulnerabilit…
-
## CVE-2022-23302 - High Severity Vulnerability
Vulnerable Library - log4j-1.2.17.jar
Apache Log4j 1.2
Library home page: http://www.apache.org
Path to dependency file: /aws-java-simple-http-endpoin…
-
## CVE-2022-23302 - High Severity Vulnerability
Vulnerable Library - log4j-1.2.17.jar
Apache Log4j 1.2
Library home page: http://www.apache.org
Path to dependency file: /foxtrot-core/pom.xml
Path to…
-
Hello
Would it be possible to show the "potentially vulnerable" information as well in the output like it is done for mitigated files:
[*] Found CVE-2021-44228 (log4j 2.x) vulnerability in /usr/l…
WWIJP updated
2 years ago
-
## CVE-2022-23302 - High Severity Vulnerability
Vulnerable Library - log4j-1.2.17.jar
Apache Log4j 1.2
Library home page: http://www.apache.org
Path to dependency file: /hadoop-common-project/hadoop…
-
Vulnerable Library - slf4j-log4j12-1.5.0.jar
Path to dependency file: /pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/log4j/log4j/1.2.13/log4j-1.2.13.jar
Found in HEAD comm…
-
Vulnerable Library - slf4j-log4j12-1.5.0.jar
Path to dependency file: /pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/log4j/log4j/1.2.13/log4j-1.2.13.jar
Found in HEAD comm…
-
Based on [GHSA-jfh8-c2jp-5v3q](https://github.com/advisories/GHSA-jfh8-c2jp-5v3q)
_"Log4j versions prior to 2.16.0 are subject to a remote code execution vulnerability via the ldap JNDI parser."_
In…
-
Expected - pom.xml should contain OWASP dependency check plugin
```
org.owasp
dependency-check-maven
6.0.1
check
```
OWASP check output:
```
One or …
-
The problem is related to log4j 2.x.
Some dependency in SikuliX depends on log4j 1.2.17. So currently there is no need to do anything.
[Look here for a very good information on the problem](http…