wcm.io

SpotBugs Bug Detector Report

The following document contains the results of SpotBugs

SpotBugs Version is 4.9.8

Threshold is medium

Effort is default

Summary

Classes Bugs Errors Missing Classes
183 13 0 0

Files

Class Bugs
io.wcm.handler.media.MediaComponentPropertyResolver 4
io.wcm.handler.media.impl.WidthUtils 3
io.wcm.handler.media.impl.ipeconfig.PathParser 2
io.wcm.handler.mediasource.ngdm.impl.metadata.MetadataResponse 2
io.wcm.handler.mediasource.ngdm.impl.metadata.MetadataResponse$SmartCrop 1
io.wcm.handler.mediasource.ngdm.impl.metadata.NextGenDynamicMediaMetadataServiceImpl 1

io.wcm.handler.media.MediaComponentPropertyResolver

Bug Category Details Line Priority
io.wcm.handler.media.MediaComponentPropertyResolver.getMandatoryMediaFormatNames() may return null, but is declared @Nonnull CORRECTNESS NP_NONNULL_RETURN_VIOLATION 196 High
io.wcm.handler.media.MediaComponentPropertyResolver.getMediaFormatNames() may return null, but is declared @Nonnull CORRECTNESS NP_NONNULL_RETURN_VIOLATION 176 High
io.wcm.handler.media.MediaComponentPropertyResolver.getMediaFormatOptions() may return null, but is declared @Nonnull CORRECTNESS NP_NONNULL_RETURN_VIOLATION 153 High
io.wcm.handler.media.MediaComponentPropertyResolver.getPictureSources() may return null, but is declared @Nonnull CORRECTNESS NP_NONNULL_RETURN_VIOLATION 227 High

io.wcm.handler.media.impl.WidthUtils

Bug Category Details Line Priority
io.wcm.handler.media.impl.WidthUtils.parseWidths(String) may return null, but is declared @Nonnull CORRECTNESS NP_NONNULL_RETURN_VIOLATION 71 High
The regular expression "(?<width>\\d+)(:(?<density>\\d+(\\.\\d+)?x))?(?<optional>\\?)?" is vulnerable to a denial of service attack (ReDOS) SECURITY REDOS 46 Medium
The regular expression "^\\s*\\d+(:\\d+(\\.\\d+)?x)?\\??\\s*(,\\s*\\d+(:\\d+(\\.\\d+)?x)?\\??\\s*)*+$" is vulnerable to a denial of service attack (ReDOS) SECURITY REDOS 52 Medium

io.wcm.handler.media.impl.ipeconfig.PathParser

Bug Category Details Line Priority
The regular expression "^.*/plugins/crop(/aspectRatios(/([^/]+))?)?$" is vulnerable to a denial of service attack (ReDOS) SECURITY REDOS 46 Medium
The regular expression "^/wcmio:mediaHandler/ipeConfig((/[^/]+)+)/wcmio:mediaFormat((/[^/]+)+)/wcmio:config(/.*)?$" is vulnerable to a denial of service attack (ReDOS) SECURITY REDOS 41 Medium

io.wcm.handler.mediasource.ngdm.impl.metadata.MetadataResponse

Bug Category Details Line Priority
Suppressing annotation UUF_UNUSED_PUBLIC_OR_PROTECTED_FIELD on the field io.wcm.handler.mediasource.ngdm.impl.metadata.MetadataResponse.assetMetadata is unnecessary STYLE US_USELESS_SUPPRESSION_ON_FIELD Not available Medium
Suppressing annotation UUF_UNUSED_PUBLIC_OR_PROTECTED_FIELD on the field io.wcm.handler.mediasource.ngdm.impl.metadata.MetadataResponse.repositoryMetadata is unnecessary STYLE US_USELESS_SUPPRESSION_ON_FIELD Not available Medium

io.wcm.handler.mediasource.ngdm.impl.metadata.MetadataResponse$SmartCrop

Bug Category Details Line Priority
Suppressing annotation UUF_UNUSED_PUBLIC_OR_PROTECTED_FIELD on the class io.wcm.handler.mediasource.ngdm.impl.metadata.MetadataResponse$SmartCrop is unnecessary STYLE US_USELESS_SUPPRESSION_ON_CLASS 56 Medium

io.wcm.handler.mediasource.ngdm.impl.metadata.NextGenDynamicMediaMetadataServiceImpl

Bug Category Details Line Priority
Concatenating user-controlled input into a URL SECURITY HTTP_PARAMETER_POLLUTION 219 Medium

Back to top

Copyright ©2014-2026 wcm.io. All Rights Reserved.

Version: 2.9.0-SNAPSHOT. Last Published: 2026-02-24.