log4j-remediation-tools
log4j-remediation-tools copied to clipboard
confirm-vulnerabilities has log4j-core 2.14 as dependency in its pom.xml
Is the program creating a vulnerability or finding a vulnerability?
https://github.com/stripe/log4j-remediation-tools/blob/167e1f9012a4e0b8b7e97f49e5ed6ef932a42c52/confirm-vulnerabilities/pom.xml#L18-L21