Find vulnerable Log4j2 versions on disk and also inside Java Archive Files (Log4Shell CVE-2021-44228, CVE-2021-45046, CVE-2021-45105)
VULNERABLE
JndiLookup.class
, will show up as PATCHED
-q
, --quiet
to suppress summary and banner..zip
files--exclude
option, eg: --exclude /mnt/media/*
CVE-2021-45046
to the README by @lmorg in https://github.com/fox-it/log4j-finder/pull/9
Full Changelog: https://github.com/fox-it/log4j-finder/compare/v1.0.1...v1.2.0
Full Changelog: https://github.com/fox-it/log4j-finder/compare/v1.0.0...v1.0.1
Release of log4j-finder with Pyinstaller builds for Windows and Linux. So it can easily run on systems without Python 3.
Full Changelog: https://github.com/fox-it/log4j-finder/commits/v1.0.0