The following document contains the results of SpotBugs

SpotBugs Version is 4.9.3

Threshold is medium

Effort is default

Summary

Classes Bugs Errors Missing Classes
180 9 0 8

Files

Class Bugs
io.wcm.handler.media.impl.AbstractMediaFileServlet 1
io.wcm.handler.media.impl.MediaHandlerImpl 1
io.wcm.handler.media.impl.WidthUtils 2
io.wcm.handler.media.impl.ipeconfig.PathParser 2
io.wcm.handler.mediasource.ngdm.impl.metadata.AccessTokenResponse 1
io.wcm.handler.mediasource.ngdm.impl.metadata.MetadataResponse 1
io.wcm.handler.mediasource.ngdm.impl.metadata.NextGenDynamicMediaMetadataServiceImpl 1

io.wcm.handler.media.impl.AbstractMediaFileServlet

Bug Category Details Line Priority
Suppressing annotation on the method io.wcm.handler.media.impl.AbstractMediaFileServlet.doGet(SlingHttpServletRequest, SlingHttpServletResponse) is unnecessary STYLE US_USELESS_SUPPRESSION_ON_METHOD 59-80 Medium

io.wcm.handler.media.impl.MediaHandlerImpl

Bug Category Details Line Priority
Suppressing annotation on the method io.wcm.handler.media.impl.MediaHandlerImpl.processRequest(MediaRequest) is unnecessary STYLE US_USELESS_SUPPRESSION_ON_METHOD 128-229 Medium

io.wcm.handler.media.impl.WidthUtils

Bug Category Details Line Priority
The regular expression "(?<width>\\d+)(:(?<density>\\d+(\\.\\d+)?x))?(?<optional>\\?)?" is vulnerable to a denial of service attack (ReDOS) SECURITY REDOS 46 Medium
The regular expression "^\\s*\\d+(:\\d+(\\.\\d+)?x)?\\??\\s*(,\\s*\\d+(:\\d+(\\.\\d+)?x)?\\??\\s*)*+$" is vulnerable to a denial of service attack (ReDOS) SECURITY REDOS 52 Medium

io.wcm.handler.media.impl.ipeconfig.PathParser

Bug Category Details Line Priority
The regular expression "^.*/plugins/crop(/aspectRatios(/([^/]+))?)?$" is vulnerable to a denial of service attack (ReDOS) SECURITY REDOS 42 Medium
The regular expression "^/wcmio:mediaHandler/ipeConfig((/[^/]+)+)/wcmio:mediaFormat((/[^/]+)+)/wcmio:config(/.*)?$" is vulnerable to a denial of service attack (ReDOS) SECURITY REDOS 37 Medium

io.wcm.handler.mediasource.ngdm.impl.metadata.AccessTokenResponse

Bug Category Details Line Priority
Suppressing annotation on the class io.wcm.handler.mediasource.ngdm.impl.metadata.AccessTokenResponse is unnecessary STYLE US_USELESS_SUPPRESSION_ON_CLASS 33 Medium

io.wcm.handler.mediasource.ngdm.impl.metadata.MetadataResponse

Bug Category Details Line Priority
Suppressing annotation on the class io.wcm.handler.mediasource.ngdm.impl.metadata.MetadataResponse is unnecessary STYLE US_USELESS_SUPPRESSION_ON_CLASS 35 Medium

io.wcm.handler.mediasource.ngdm.impl.metadata.NextGenDynamicMediaMetadataServiceImpl

Bug Category Details Line Priority
Concatenating user-controlled input into a URL SECURITY HTTP_PARAMETER_POLLUTION 219 Medium

Back to top

Version: 2.4.3-SNAPSHOT. Last Published: 2025-02-19.