The following document contains the results of SpotBugs

SpotBugs Version is 4.6.0

Threshold is medium

Effort is default

Summary

| Classes | Bugs | Errors | Missing Classes |
|---|---|---|---|
| 50 | 12 | 0 | 5 |

Files

| Class | Bugs |
|---|---|
| io.wcm.qa.glnm.configuration.CsvUtil | 3 |
| io.wcm.qa.glnm.configuration.PropertiesUtil | 3 |
| io.wcm.qa.glnm.configuration.TextFileUtil | 1 |
| io.wcm.qa.glnm.format.Md5Util | 1 |
| io.wcm.qa.glnm.reporting.GaleniumReportUtil | 2 |
| io.wcm.qa.glnm.util.FileHandlingUtil | 2 |

io.wcm.qa.glnm.configuration.CsvUtil

| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| JavaBeans property name populated with user controlled parameters | SECURITY | BEAN_PROPERTY_INJECTION | 121 | Medium |
| This API (`java/io/File.<init>(Ljava/lang/String;)V`) reads a file whose location might be specified by user input | SECURITY | PATH_TRAVERSAL_IN | 99 | Medium |
| Public method io.wcm.qa.glnm.configuration.CsvUtil.parseToBeans(File, Class) uses reflection to create a class it gets in its parameter which could increase the accessibility of any class | MALICIOUS_CODE | REFLC_REFLECTION_MAY_INCREASE_ACCESSIBILITY_OF_CLASS | 120 | Medium |

io.wcm.qa.glnm.configuration.PropertiesUtil

| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| This use of `org/slf4j/Logger.trace(Ljava/lang/String;)V` might be used to include CRLF characters into log messages | SECURITY | CRLF_INJECTION_LOGS | 120 | Medium |
| Found reliance on default encoding in io.wcm.qa.glnm.configuration.PropertiesUtil.getInputStream(String): new java.io.FileReader(File) | I18N | DM_DEFAULT_ENCODING | 153 | High |
| This API (`java/io/File.<init>(Ljava/lang/String;)V`) reads a file whose location might be specified by user input | SECURITY | PATH_TRAVERSAL_IN | 147 | Medium |

io.wcm.qa.glnm.configuration.TextFileUtil

| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| This API (`java/io/File.<init>(Ljava/lang/String;)V`) reads a file whose location might be specified by user input | SECURITY | PATH_TRAVERSAL_IN | 66 | Medium |

io.wcm.qa.glnm.format.Md5Util

| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| This API MD5 (MDX) is not a recommended cryptographic hash function | SECURITY | WEAK_MESSAGE_DIGEST_MD5 | 46 | High |

io.wcm.qa.glnm.reporting.GaleniumReportUtil

| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Do not catch NullPointerException like in io.wcm.qa.glnm.reporting.GaleniumReportUtil.createGalenHtmlReport(List) | STYLE | DCN_NULLPOINTER_EXCEPTION | 171 | Medium |
| This API (`java/io/File.<init>(Ljava/lang/String;Ljava/lang/String;)V`) reads a file whose location might be specified by user input | SECURITY | PATH_TRAVERSAL_IN | 436 | Medium |

io.wcm.qa.glnm.util.FileHandlingUtil

| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| This API (`java/io/File.<init>(Ljava/lang/String;)V`) reads a file whose location might be specified by user input | SECURITY | PATH_TRAVERSAL_IN | 55 | Medium |
| This API (`java/io/File.<init>(Ljava/lang/String;)V`) reads a file whose location might be specified by user input | SECURITY | PATH_TRAVERSAL_IN | 67 | Medium |


Version: 5.0.0-SNAPSHOT. Last Published: 2022-09-08.