This repository was archived by the owner on Jun 30, 2023. It is now read-only.
False negative for old libraries version #51
Description
Current detection strategy will ignore jar which do not contain jndimanager. Because of this it is missing the following vulnerables libraries:
log4j-core-2.0-beta9.jar
log4j-core-2.0-rc1.jar
log4j-core-2.0-rc2.jar
log4j-core-2.0.1.jar
log4j-core-2.0.2.jar
log4j-core-2.0.jar
Edit: Hm seeing #45 I understand this is also accepted behavior for now.