Track Apache Log4j advisories

aboutcode-org / vulnerablecode

A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ for https://www.aboutcode.org/ Chat at https://gitter.im/aboutcode-org/vulnerablecode Docs at https://vulnerablecode.readthedocs.org/

https://public.vulnerablecode.io

Apache License 2.0

536 stars 201 forks source link

Track Apache Log4j advisories #586

Open pombredanne opened 2 years ago

pombredanne commented 2 years ago

See https://logging.apache.org/log4j/2.x/security.html It graduated to be tracked on its own.

TG1999 commented 9 months ago

It's in CycloneDX json format https://logging.apache.org/log4j/2.x/security.html#vulnerabilities