SpotBugs Bug Detector Report
The following document contains the results of SpotBugs
SpotBugs Version is 4.7.3
Threshold is medium
Effort is default
Summary
| Classes | Bugs | Errors | Missing Classes |
|---|---|---|---|
| 306 | 16 | 0 | 0 |
org.owasp.dependencycheck.analyzer.AbstractSuppressionAnalyzer
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Possible null pointer dereference in org.owasp.dependencycheck.analyzer.AbstractSuppressionAnalyzer.loadSuppressionFile(SuppressionParser, String) due to return value of called method | STYLE | NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE | 380 | Medium |
org.owasp.dependencycheck.analyzer.CentralAnalyzer
org.owasp.dependencycheck.analyzer.DependencyBundlingAnalyzer
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Do not catch NullPointerException like in org.owasp.dependencycheck.analyzer.DependencyBundlingAnalyzer.npmVersionsMatch(String, String) | STYLE | DCN_NULLPOINTER_EXCEPTION | 655 | Medium |
org.owasp.dependencycheck.analyzer.GolangModAnalyzer
org.owasp.dependencycheck.analyzer.HintAnalyzer
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Possible null pointer dereference in org.owasp.dependencycheck.analyzer.HintAnalyzer.loadHintRules() due to return value of called method | STYLE | NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE | 296 | Medium |
org.owasp.dependencycheck.data.knownexploited.json.Vulnerability
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Comparison of String objects using == or != in org.owasp.dependencycheck.data.knownexploited.json.Vulnerability.equals(Object) | BAD_PRACTICE | ES_COMPARING_STRINGS_WITH_EQ | 369 | Medium |
| Comparison of String objects using == or != in org.owasp.dependencycheck.data.knownexploited.json.Vulnerability.equals(Object) | BAD_PRACTICE | ES_COMPARING_STRINGS_WITH_EQ | 369 | Medium |
| Comparison of String objects using == or != in org.owasp.dependencycheck.data.knownexploited.json.Vulnerability.equals(Object) | BAD_PRACTICE | ES_COMPARING_STRINGS_WITH_EQ | 369 | Medium |
| Comparison of String objects using == or != in org.owasp.dependencycheck.data.knownexploited.json.Vulnerability.equals(Object) | BAD_PRACTICE | ES_COMPARING_STRINGS_WITH_EQ | 369 | Medium |
| Comparison of String objects using == or != in org.owasp.dependencycheck.data.knownexploited.json.Vulnerability.equals(Object) | BAD_PRACTICE | ES_COMPARING_STRINGS_WITH_EQ | 369 | Medium |
| Comparison of String objects using == or != in org.owasp.dependencycheck.data.knownexploited.json.Vulnerability.equals(Object) | BAD_PRACTICE | ES_COMPARING_STRINGS_WITH_EQ | 369 | Medium |
| Comparison of String objects using == or != in org.owasp.dependencycheck.data.knownexploited.json.Vulnerability.equals(Object) | BAD_PRACTICE | ES_COMPARING_STRINGS_WITH_EQ | 369 | Medium |
| Comparison of String objects using == or != in org.owasp.dependencycheck.data.knownexploited.json.Vulnerability.equals(Object) | BAD_PRACTICE | ES_COMPARING_STRINGS_WITH_EQ | 369 | Medium |
org.owasp.dependencycheck.data.update.NvdApiDataSource
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Exception is caught when Exception is not thrown in org.owasp.dependencycheck.data.update.NvdApiDataSource.processApi() | STYLE | REC_CATCH_EXCEPTION | 375 | Medium |
org.owasp.dependencycheck.dependency.Vulnerability
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Class org.owasp.dependencycheck.dependency.Vulnerability defines non-transient non-serializable instance field knownExploitedVulnerability | BAD_PRACTICE | SE_BAD_FIELD | Not available | High |