wcm.ioSpotBugs Bug Detector Report
The following document contains the results of SpotBugs
SpotBugs Version is 4.5.3
Threshold is medium
Effort is default
Summary
| Classes | Bugs | Errors | Missing Classes |
|---|---|---|---|
| 24 | 5 | 0 | 3 |
Files
| Class | Bugs |
|---|---|
| io.wcm.caconfig.editor.impl.ConfigDataServlet | 1 |
| io.wcm.caconfig.editor.impl.ConfigPersistServlet | 4 |
io.wcm.caconfig.editor.impl.ConfigDataServlet
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| This use of org/slf4j/Logger.error(Ljava/lang/String;Ljava/lang/Throwable;)V might be used to include CRLF characters into log messages | SECURITY | CRLF_INJECTION_LOGS | 130 | Medium |
io.wcm.caconfig.editor.impl.ConfigPersistServlet
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| This use of org/slf4j/Logger.warn(Ljava/lang/String;Ljava/lang/Throwable;)V might be used to include CRLF characters into log messages | SECURITY | CRLF_INJECTION_LOGS | 395 | Medium |
| This use of org/slf4j/Logger.error(Ljava/lang/String;Ljava/lang/Throwable;)V might be used to include CRLF characters into log messages | SECURITY | CRLF_INJECTION_LOGS | 399 | Medium |
| This use of org/slf4j/Logger.warn(Ljava/lang/String;Ljava/lang/Throwable;)V might be used to include CRLF characters into log messages | SECURITY | CRLF_INJECTION_LOGS | 141 | Medium |
| This use of org/slf4j/Logger.error(Ljava/lang/String;Ljava/lang/Throwable;)V might be used to include CRLF characters into log messages | SECURITY | CRLF_INJECTION_LOGS | 145 | Medium |