You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We are using logpresso scanner and it seems to be flagging a lot more files with potential vulnerability after log4j 1.x was added to the CVEs.
log4j-finder is however skipping those files entirely and not flagging anything.
I am curious as to which one is reliable and why is it that log4j-finder thinks that this one is not potentially vulnerable.
We are using logpresso scanner and it seems to be flagging a lot more files with potential vulnerability after log4j 1.x was added to the CVEs.
log4j-finder is however skipping those files entirely and not flagging anything.
I am curious as to which one is reliable and why is it that log4j-finder thinks that this one is not potentially vulnerable.
Attaching a file for reference
log4j.jar.zip
.
The text was updated successfully, but these errors were encountered: