News
There are 17,000 unpatched Log4j packages in the Maven Central ecosystem, leaving massive supply-chain risk on the table from Log4Shell exploits.
Why you may already be at risk, how to detect and mitigate the Log4j vulnerabilities now, and how to improve your code security in the future.
A critical flaw in a popularly used Java library is being exploited by malicious actors to deliver malware, while security researchers are scanning for vulnerable servers. The flaw and a proof-of ...
Syft is also able to discern which version of Log4j a Java application contains. The Log4j JAR can be directly included in our project, or it can be hidden away in one of the dependencies we include.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback