google log4jscanner issues

google / log4jscanner

A log4j vulnerability filesystem scanner and Go package for analyzing JAR files.

Apache License 2.0

1.57k stars 120 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

feat/backup

#64 karchx opened 2 years ago
7
jar: support Go 1.19 archive/zip

#63 ianlancetaylor closed 2 years ago
0
jar: fix logic with new Go 1.19 support for prefixed JARs

#62 ericchiang closed 2 years ago
1
Make Parser used by Walker configurable

#61 singlethink closed 2 years ago
0
Report CVEs identified

#60 singlethink closed 2 years ago
0
Add license to pool files.

#59 singlethink closed 2 years ago
0
jar: fix pool.Dynamic test flakiness

#58 aktau closed 2 years ago
0
jar: reduce redundant allocations and copies (2x-3x speedup)

#57 aktau closed 2 years ago
9
Feat/makefile

#56 karchx opened 2 years ago
1
Scan does not catch log4j log4j-1.2.12.jar

#55 vitikyalapatii opened 2 years ago
0
Correctly detect vulnerable log4j <2.1

#54 singlethink closed 2 years ago
5
scripts: don't include '.' in the release TAR file

#53 ericchiang closed 2 years ago
0
Add status badges to README

#52 leozz37 closed 2 years ago
1
False negative for old libraries version

#51 nikaiw opened 2 years ago
1
Add version control directories in skipDirs

#50 bunseokbot closed 2 years ago
0
Allow JAR scanning to continue after error

#49 singlethink closed 2 years ago
3
Make maximum recursion depth and maximum in memory size configurable

#48 singlethink closed 2 years ago
2
addresses #46

#47 alexsaveliev closed 2 years ago
3
release assets archives contain potentially dangerous "." folder

#46 alexsaveliev closed 2 years ago
0
Skip opening irrelevant class files

#45 singlethink closed 2 years ago
2
Note that we flag the java 6 and 7 versions as vulnerable

#44 ddworken closed 2 years ago
2
False positive with current detection method

#43 nikaiw closed 2 years ago
3
Error scanning - negative offset

#42 pannemra closed 2 years ago
3
Fix additional corruption with zips created on linux containing empty directories

#41 ddworken closed 2 years ago
0
Improve Parse performance

#40 mknyszek closed 2 years ago
7
Skip Network Mounts

#39 nikaiw closed 2 years ago
4
*: fix typos and specify Go 1.17 requirement

#38 ericchiang closed 2 years ago
0
Please support remediation of CVE-2021-4104 by removing JMSAppender.class as well

#37 jshomphe closed 2 years ago
4
Fix bug where directories inside rewritten jars had incorrect lengths

#36 ddworken closed 2 years ago
0
fixed typo

#35 thecasual closed 2 years ago
0
Add Support for Additional Java Binary Types

#34 pyotam opened 2 years ago
1
test flutter app issue

#33 ryqliang closed 2 years ago
0
"cannot find package" when building or installing through go install command

#32 ForumPlayer closed 2 years ago
1
(docs): correct typo in README.md

#31 vladdoster closed 2 years ago
0
sudo: log4jscanner: command not found

#30 cdo9 closed 2 years ago
2
Remove invalid reference

#29 dominikschulz closed 2 years ago
0
Replace io.ReadAll usage with pre-allocated buffers of appropriate size

#28 lyoung-confluent closed 2 years ago
0
Replace io.ReadAll usage with pre-allocated buffers of appropriate size

#27 lyoung-confluent closed 2 years ago
3
Fix typo in README: throught -> through

#26 tomsugden closed 2 years ago
2
Dependency Error While Building

#25 Ajay-056 closed 2 years ago
0
Add links to contributor usernames in README

#24 ewpratten closed 2 years ago
2
jar: create temp file in same directory before rename

#23 ericchiang closed 2 years ago
0
*: support self-executable JARs

#22 ericchiang closed 2 years ago
0
Support executable JARs

#21 ericchiang closed 2 years ago
1
jar: iterate over zip file headers instead of using fs.WalkDir

#20 ericchiang closed 2 years ago
0
hotfix: add .idea for intellij

#19 karchx closed 2 years ago
2
scanner fails if /tmp is on a different filesystem than the filesystem being scanned on linux

#18 cmedianu closed 2 years ago
2
Can it scan vulnerabilities of other log conpoments, such Logback and java.util.logging.Logger?

#17 TianXiaPlus closed 2 years ago
2
jar: add workaround for malformed ZIP directory entries

#16 ericchiang closed 2 years ago
0
README: add link to pre-compiled releases

#15 ericchiang closed 2 years ago
0