Forum Discussion
- Anonymous
A propertysource would probably work better. Until simpler testing tools come out, you could ssh into your server and use something like syft to create a BoM and see if that BoM contains the offending version of log4j.
- ShackAdvisor
This could probably be turned into some sort of property source or datasource.
https://log4shell.huntress.com/
Related Content
- 8 months ago
- 9 months ago
- 6 months ago