Find vulnerable Log4j2 versions on disk and also inside Java Archive Files (Log4Shell CVE-2021-44228, CVE-2021-45046, CVE-2021-45105)
435
stars
97
forks
source link
Added log4j 2.17.0 hash and mark as the only good version (CVE-2021-45105) #43
Closed
yunzheng closed 2 years ago
log4j 2.17.0 fixes CVE-2021-45105: Apache Log4j2 does not always protect from infinite recursion in lookup evaluation
source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45105