wcm.io

SpotBugs Bug Detector Report

The following document contains the results of SpotBugs

SpotBugs Version is 4.8.3

Threshold is medium

Effort is default

Summary

Classes Bugs Errors Missing Classes
174 5 0 8

Files

Class Bugs
io.wcm.handler.media.impl.ipeconfig.PathParser 2
io.wcm.handler.mediasource.dam.AssetRendition 2
io.wcm.handler.mediasource.ngdm.impl.metadata.NextGenDynamicMediaMetadataServiceImpl 1

io.wcm.handler.media.impl.ipeconfig.PathParser

Bug Category Details Line Priority
The regular expression "^.*/plugins/crop(/aspectRatios(/([^/]+))?)?$" is vulnerable to a denial of service attack (ReDOS) SECURITY REDOS 42 Medium
The regular expression "^/wcmio:mediaHandler/ipeConfig((/[^/]+)+)/wcmio:mediaFormat((/[^/]+)+)/wcmio:config(/.*)?$" is vulnerable to a denial of service attack (ReDOS) SECURITY REDOS 37 Medium

io.wcm.handler.mediasource.dam.AssetRendition

Bug Category Details Line Priority
Load of known null value in io.wcm.handler.mediasource.dam.AssetRendition.getDimensionFromImageBinary(Rendition, boolean) STYLE NP_LOAD_OF_KNOWN_NULL_VALUE 193 Medium
Redundant nullcheck of is which is known to be null in io.wcm.handler.mediasource.dam.AssetRendition.getDimensionFromImageBinary(Rendition, boolean) STYLE RCN_REDUNDANT_NULLCHECK_OF_NULL_VALUE 193 Medium

io.wcm.handler.mediasource.ngdm.impl.metadata.NextGenDynamicMediaMetadataServiceImpl

Bug Category Details Line Priority
Concatenating user-controlled input into a URL SECURITY HTTP_PARAMETER_POLLUTION 175 Medium

Back to top

Copyright ©2014-2024 wcm.io. All Rights Reserved.

Version: 2.0.7-SNAPSHOT. Last Published: 2024-04-25.