The following document contains the results of SpotBugs

SpotBugs Version is 4.8.6

Threshold is medium

Effort is default

Summary

Classes	Bugs	Errors	Missing Classes
180	5	0	8

Files

Class	Bugs
io.wcm.handler.media.impl.WidthUtils	2
io.wcm.handler.media.impl.ipeconfig.PathParser	2
io.wcm.handler.mediasource.ngdm.impl.metadata.NextGenDynamicMediaMetadataServiceImpl	1

io.wcm.handler.media.impl.WidthUtils

Bug	Category	Details	Line	Priority
The regular expression "(?<width>\\d+)(:(?<density>\\d+(\\.\\d+)?x))?(?<optional>\\?)?" is vulnerable to a denial of service attack (ReDOS)	SECURITY	REDOS	46	Medium
The regular expression "^\\s\\d+(:\\d+(\\.\\d+)?x)?\\??\\s(,\\s\\d+(:\\d+(\\.\\d+)?x)?\\??\\s)*+$" is vulnerable to a denial of service attack (ReDOS)	SECURITY	REDOS	52	Medium

io.wcm.handler.media.impl.ipeconfig.PathParser

Bug	Category	Details	Line	Priority
The regular expression "^.*/plugins/crop(/aspectRatios(/([^/]+))?)?$" is vulnerable to a denial of service attack (ReDOS)	SECURITY	REDOS	42	Medium
The regular expression "^/wcmio:mediaHandler/ipeConfig((/[^/]+)+)/wcmio:mediaFormat((/[^/]+)+)/wcmio:config(/.*)?$" is vulnerable to a denial of service attack (ReDOS)	SECURITY	REDOS	37	Medium

io.wcm.handler.mediasource.ngdm.impl.metadata.NextGenDynamicMediaMetadataServiceImpl

Bug	Category	Details	Line	Priority
Concatenating user-controlled input into a URL	SECURITY	HTTP_PARAMETER_POLLUTION	219	Medium

Copyright ©2014-2025 wcm.io. All Rights Reserved.

Version: 2.4.3-SNAPSHOT. Last Published: 2025-02-19.