This repository was archived by the owner on Dec 10, 2025. It is now read-only.
This repository was archived by the owner on Dec 10, 2025. It is now read-only.
False positives detected for files with multiple extensions. #35
Description
We are still working to confirm, but it appears files with multiple extensions are being detected as vulnerable .jars by this script. One such example was a file called "log4j-core 2.11.2.jar.sha1" was being detected as "log4j-core 2.11.2.jar" by the scan utility.
Is there any code or suggestions that can be added to ignore files that have an extension after ".jar"?