Updates jar.Parse to return the specific CVEs identified during the
scan.
To ensure that refactoring of detection logic is correct, I've tested
this on a corpus of all log4j2 releases through 2.16.0 and verified
that there are no false positives or false negatives.
Updates jar.Parse to return the specific CVEs identified during the scan.
To ensure that refactoring of detection logic is correct, I've tested this on a corpus of all log4j2 releases through 2.16.0 and verified that there are no false positives or false negatives.