SpotBugs Bug Detector Report
The following document contains the results of SpotBugs
SpotBugs Version is 4.8.6
Threshold is medium
Effort is default
Summary
Classes | Bugs | Errors | Missing Classes |
---|---|---|---|
11 | 4 | 0 | 1 |
Files
Class | Bugs |
---|---|
io.wcm.maven.plugins.i18n.TransformMojo | 3 |
io.wcm.maven.plugins.i18n_maven_plugin.HelpMojo | 1 |
io.wcm.maven.plugins.i18n.TransformMojo
Bug | Category | Details | Line | Priority |
---|---|---|---|---|
This API (java/io/File.<init>(Ljava/lang/String;Ljava/lang/String;)V) reads a file whose location might be specified by user input | SECURITY | PATH_TRAVERSAL_IN | 279 | Medium |
This API (java/io/File.<init>(Ljava/lang/String;)V) reads a file whose location might be specified by user input | SECURITY | PATH_TRAVERSAL_IN | 216 | Medium |
This API (java/io/File.<init>(Ljava/lang/String;)V) reads a file whose location might be specified by user input | SECURITY | PATH_TRAVERSAL_IN | 262 | Medium |
io.wcm.maven.plugins.i18n_maven_plugin.HelpMojo
Bug | Category | Details | Line | Priority |
---|---|---|---|---|
The use of DocumentBuilder.parse(...) (DocumentBuilder) is vulnerable to XML External Entity attacks | SECURITY | XXE_DOCUMENT | 77 | Medium |