The following document contains the results of SpotBugs

SpotBugs Version is 4.8.3

Threshold is medium

Effort is default

Summary

| Classes | Bugs | Errors | Missing Classes |
|---|---|---|---|
| 3 | 4 | 0 | 1 |

Files

| Class | Bugs |
|---|---|
| io.wcm.caravan.commons.cors.impl.CorsServletFilter | 4 |

io.wcm.caravan.commons.cors.impl.CorsServletFilter

| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| HTTP parameter directly written to HTTP header output in io.wcm.caravan.commons.cors.impl.CorsServletFilter.doFilter(ServletRequest, ServletResponse, FilterChain) | SECURITY | HRS_REQUEST_PARAMETER_TO_HTTP_HEADER | 127 | Medium |
| This use of javax/servlet/http/HttpServletResponse.setHeader(Ljava/lang/String;Ljava/lang/String;)V might be used to include CRLF characters into HTTP headers | SECURITY | HTTP_RESPONSE_SPLITTING | 127 | Medium |
| The program defines an overly permissive Cross-Origin Resource Sharing (CORS) policy | SECURITY | PERMISSIVE_CORS | 123 | High |
| The program defines an overly permissive Cross-Origin Resource Sharing (CORS) policy | SECURITY | PERMISSIVE_CORS | 127 | High |

Version: 1.0.1-SNAPSHOT. Last Published: 2024-03-21.