The following document contains the results of SpotBugs
SpotBugs Version is 4.8.6
Threshold is medium
Effort is default
Summary
Classes |
Bugs |
Errors |
Missing Classes |
30 |
4 |
0 |
7 |
io.wcm.devops.conga.plugins.aem.maven.CloudManagerAllPackageMojo
Bug |
Category |
Details |
Line |
Priority |
This API (java/io/File.<init>(Ljava/io/File;Ljava/lang/String;)V) reads a file whose location might be specified by user input |
SECURITY |
PATH_TRAVERSAL_IN |
258 |
Medium |
io.wcm.devops.conga.plugins.aem.maven.CloudManagerDispatcherConfigMojo
Bug |
Category |
Details |
Line |
Priority |
This API (java/io/File.<init>(Ljava/io/File;Ljava/lang/String;)V) reads a file whose location might be specified by user input |
SECURITY |
PATH_TRAVERSAL_IN |
91 |
Medium |
io.wcm.devops.conga.plugins.aem.maven.model.ModelParser
Bug |
Category |
Details |
Line |
Priority |
This API (java/io/File.<init>(Ljava/io/File;Ljava/lang/String;)V) reads a file whose location might be specified by user input |
SECURITY |
PATH_TRAVERSAL_IN |
93 |
Medium |
io.wcm.devops.conga.plugins.conga_aem_maven_plugin.HelpMojo
Bug |
Category |
Details |
Line |
Priority |
The use of DocumentBuilder.parse(...) (DocumentBuilder) is vulnerable to XML External Entity attacks |
SECURITY |
XXE_DOCUMENT |
77 |
Medium |