Comment on page

Log4shell

Usage
snyk log4shell
Description
The snyk log4shell command finds traces of the Log4J library that are affected by the Log4Shell vulnerability CVE-2021-44228​
The command finds traces of the Log4J library even if it is not declared in the manifest files (such as pom.xml or build.gradle).
Managed projects
To test for Log4Shell vulnerabilities in Java projects using their package manager manifest files, use the snyk test command. See the test command help (snyk test --help) and Snyk for Java and Kotlin​
To test unmanaged files, use snyk test --scan-all-unmanaged
See the Maven options section of the test command help; snyk test --help
Exit codes
Possible exit codes and their meaning:
0: success (scan completed), Log4Shell not found
1: action_needed (scan completed), Log4Shell found
2: failure, try to re-run the command. Use -d to output the debug logs.
Debug
Use the -d option to output the debug logs.

Ignore

Monitor

Last modified 1mo ago