conikeec · October 10, 2019 18:28
diff --git a/gistfile1.txt b/gistfile1.txt
 // create a CPG for the accompanying socket server project
 val serverCpg = createCpgAndSp("/Users/chetanconikee/slgithub/CVE-2017-5645/Log4jSocketServer.jar")
 res1: Workspace =
 __________________________________________________________________________________________
 | name                  | overlays                                                | loaded|
 |=========================================================================================|
 | Log4jSocketServer.jar | semanticcpg(l),dataflow(l),tagging(l),securityprofile(l)| true  |

 // if you happen to be using another project that utlizes the socket server
 val clientCpg = createCpgAndSp("[client-project]")

 // get active CVEs via BOM (Bill of Materials/Open source dependencies) for clientCpg and 
 // identify if it's succeptible to CVE-2017-5645
 getBOM(clientCpg)
	// create a CPG for the accompanying socket server project
	val serverCpg = createCpgAndSp("/Users/chetanconikee/slgithub/CVE-2017-5645/Log4jSocketServer.jar")
	res1: Workspace =
	__________________________________________________________________________________________
	\| name \| overlays \| loaded\|
	\|=========================================================================================\|
	\| Log4jSocketServer.jar \| semanticcpg(l),dataflow(l),tagging(l),securityprofile(l)\| true \|

	// if you happen to be using another project that utlizes the socket server
	val clientCpg = createCpgAndSp("[client-project]")

	// get active CVEs via BOM (Bill of Materials/Open source dependencies) for clientCpg and
	// identify if it's succeptible to CVE-2017-5645
	getBOM(clientCpg)