up

datasets/reachability/samples/java/vulnerable-log4j/manifest.json

@@ -0,0 +1,32 @@
+{
+  "sampleId": "sample:java:vulnerable-log4j:001",
+  "version": "1.0.0",
+  "createdAt": "2025-12-13T12:00:00Z",
+  "language": "java",
+  "category": "positive",
+  "description": "Log4Shell CVE-2021-44228 reachable via JNDI lookup in logging path from HTTP request handler",
+  "source": {
+    "repository": "synthetic",
+    "commit": "synthetic-sample",
+    "buildToolchain": "maven:3.9.0,jdk:17"
+  },
+  "vulnerabilities": [
+    {
+      "vulnId": "CVE-2021-44228",
+      "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.14.1",
+      "affectedSymbol": "org.apache.logging.log4j.core.lookup.JndiLookup.lookup"
+    }
+  ],
+  "artifacts": [
+    {
+      "path": "artifacts/app.jar",
+      "hash": "sha256:0000000000000000000000000000000000000000000000000000000000000004",
+      "type": "application/java-archive"
+    },
+    {
+      "path": "artifacts/sbom.cdx.json",
+      "hash": "sha256:0000000000000000000000000000000000000000000000000000000000000005",
+      "type": "application/vnd.cyclonedx+json"
+    }
+  ]
+}