wcm.io DevOps

SpotBugs Bug Detector Report

The following document contains the results of SpotBugs

SpotBugs Version is 4.8.3

Threshold is medium

Effort is default

Summary

Classes Bugs Errors Missing Classes
30 4 0 7

Files

Class Bugs
io.wcm.devops.conga.plugins.aem.maven.CloudManagerAllPackageMojo 1
io.wcm.devops.conga.plugins.aem.maven.CloudManagerDispatcherConfigMojo 1
io.wcm.devops.conga.plugins.aem.maven.model.ModelParser 1
io.wcm.devops.conga.plugins.conga_aem_maven_plugin.HelpMojo 1

io.wcm.devops.conga.plugins.aem.maven.CloudManagerAllPackageMojo

Bug Category Details Line Priority
This API (java/io/File.<init>(Ljava/io/File;Ljava/lang/String;)V) reads a file whose location might be specified by user input SECURITY PATH_TRAVERSAL_IN 258 Medium

io.wcm.devops.conga.plugins.aem.maven.CloudManagerDispatcherConfigMojo

Bug Category Details Line Priority
This API (java/io/File.<init>(Ljava/io/File;Ljava/lang/String;)V) reads a file whose location might be specified by user input SECURITY PATH_TRAVERSAL_IN 91 Medium

io.wcm.devops.conga.plugins.aem.maven.model.ModelParser

Bug Category Details Line Priority
This API (java/io/File.<init>(Ljava/io/File;Ljava/lang/String;)V) reads a file whose location might be specified by user input SECURITY PATH_TRAVERSAL_IN 93 Medium

io.wcm.devops.conga.plugins.conga_aem_maven_plugin.HelpMojo

Bug Category Details Line Priority
The use of DocumentBuilder.parse(...) (DocumentBuilder) is vulnerable to XML External Entity attacks SECURITY XXE_DOCUMENT 77 Medium

Back to top

Copyright ©2015-2024 wcm.io DevOps. All Rights Reserved.

Version: 2.20.1-SNAPSHOT. Last Published: 2024-04-29.