This repository has been archived by the owner on Jun 30, 2023. It is now read-only.
False negative for old libraries version #51
Comments
|
This was fixed by #54 |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Current detection strategy will ignore jar which do not contain jndimanager. Because of this it is missing the following vulnerables libraries:
log4j-core-2.0-beta9.jar
log4j-core-2.0-rc1.jar
log4j-core-2.0-rc2.jar
log4j-core-2.0.1.jar
log4j-core-2.0.2.jar
log4j-core-2.0.jar
Edit: Hm seeing #45 I understand this is also accepted behavior for now.
The text was updated successfully, but these errors were encountered: