(inett GmbH) check_mkExtension to check for log4j2 CVE-2021-44228

This Plugin wraps around
(Apache License 2.0)

How it works

Run in 5 steps:

  1. Find all .jar, .war, .ear, .aar files recursively.
  2. Find META-INF/maven/org.apache.logging.log4j/log4j-core/pom.properties
    entry from JAR file.
  3. Read groupId, artifactId, and version.
  4. Compare log4j2 version and print vulnerable version.


View Github