wcm.io DevOps

SpotBugs Bug Detector Report

The following document contains the results of SpotBugs

SpotBugs Version is 4.8.3

Threshold is medium

Effort is default

Summary

Classes Bugs Errors Missing Classes
24 10 0 4

Files

Class Bugs
io.wcm.devops.conga.conga_maven_plugin.HelpMojo 1
io.wcm.devops.conga.tooling.maven.plugin.AbstractCongaMojo 5
io.wcm.devops.conga.tooling.maven.plugin.GenerateVersionInfoMojo 1
io.wcm.devops.conga.tooling.maven.plugin.PackageMojo 1
io.wcm.devops.conga.tooling.maven.plugin.util.ClassLoaderUtil 2

io.wcm.devops.conga.conga_maven_plugin.HelpMojo

Bug Category Details Line Priority
The use of DocumentBuilder.parse(...) (DocumentBuilder) is vulnerable to XML External Entity attacks SECURITY XXE_DOCUMENT 77 Medium

io.wcm.devops.conga.tooling.maven.plugin.AbstractCongaMojo

Bug Category Details Line Priority
This API (java/io/File.<init>(Ljava/lang/String;Ljava/lang/String;)V) reads a file whose location might be specified by user input SECURITY PATH_TRAVERSAL_IN 253 Medium
This API (java/io/File.<init>(Ljava/lang/String;)V) reads a file whose location might be specified by user input SECURITY PATH_TRAVERSAL_IN 265 Medium
This API (java/io/File.<init>(Ljava/lang/String;)V) reads a file whose location might be specified by user input SECURITY PATH_TRAVERSAL_IN 305 Medium
This API (java/io/File.<init>(Ljava/io/File;Ljava/lang/String;)V) reads a file whose location might be specified by user input SECURITY PATH_TRAVERSAL_IN 339 Medium
This API (java/io/File.<init>(Ljava/io/File;Ljava/lang/String;)V) reads a file whose location might be specified by user input SECURITY PATH_TRAVERSAL_IN 345 Medium

io.wcm.devops.conga.tooling.maven.plugin.GenerateVersionInfoMojo

Bug Category Details Line Priority
This API (java/io/File.<init>(Ljava/lang/String;Ljava/lang/String;)V) reads a file whose location might be specified by user input SECURITY PATH_TRAVERSAL_IN 61 Medium

io.wcm.devops.conga.tooling.maven.plugin.PackageMojo

Bug Category Details Line Priority
This API (java/io/File.<init>(Ljava/lang/String;Ljava/lang/String;)V) reads a file whose location might be specified by user input SECURITY PATH_TRAVERSAL_IN 151 Medium

io.wcm.devops.conga.tooling.maven.plugin.util.ClassLoaderUtil

Bug Category Details Line Priority
This API (java/io/File.<init>(Ljava/lang/String;)V) reads a file whose location might be specified by user input SECURITY PATH_TRAVERSAL_IN 70 Medium
This API (java/io/File.<init>(Ljava/lang/String;)V) reads a file whose location might be specified by user input SECURITY PATH_TRAVERSAL_IN 73 Medium

Back to top

Copyright ©2015-2024 wcm.io DevOps. All Rights Reserved.

Version: 1.17.1-SNAPSHOT. Last Published: 2024-11-20.