Comment on page
Log4shell
snyk log4shell
The
snyk log4shell
command finds traces of the Log4J library that are affected by the Log4Shell vulnerability CVE-2021-44228The command finds traces of the Log4J library even if it is not declared in the manifest files (such as
pom.xml
or build.gradle
).To test for Log4Shell vulnerabilities in Java projects using their package manager manifest files, use the
snyk test
command. See the test command help (snyk test --help
) and Snyk for Java and KotlinTo test unmanaged files, use
snyk test --scan-all-unmanaged
Possible exit codes and their meaning:
0: success (scan completed), Log4Shell not found
1: action_needed (scan completed), Log4Shell found
2: failure, try to re-run the command. Use
-d
to output the debug logs.Use the
-d
option to output the debug logs.Last modified 1mo ago