SpotBugs Bug Detector Report
The following document contains the results of SpotBugs
SpotBugs Version is 4.7.3
Threshold is medium
Effort is default
Summary
| Classes |
Bugs |
Errors |
Missing Classes |
| 306 |
16 |
0 |
0 |
org.owasp.dependencycheck.analyzer.AbstractSuppressionAnalyzer
| Bug |
Category |
Details |
Line |
Priority |
| Possible null pointer dereference in org.owasp.dependencycheck.analyzer.AbstractSuppressionAnalyzer.loadSuppressionFile(SuppressionParser, String) due to return value of called method |
STYLE |
NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE |
380 |
Medium |
org.owasp.dependencycheck.analyzer.CentralAnalyzer
org.owasp.dependencycheck.analyzer.DependencyBundlingAnalyzer
| Bug |
Category |
Details |
Line |
Priority |
| Do not catch NullPointerException like in org.owasp.dependencycheck.analyzer.DependencyBundlingAnalyzer.npmVersionsMatch(String, String) |
STYLE |
DCN_NULLPOINTER_EXCEPTION |
655 |
Medium |
org.owasp.dependencycheck.analyzer.GolangModAnalyzer
org.owasp.dependencycheck.analyzer.HintAnalyzer
| Bug |
Category |
Details |
Line |
Priority |
| Possible null pointer dereference in org.owasp.dependencycheck.analyzer.HintAnalyzer.loadHintRules() due to return value of called method |
STYLE |
NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE |
296 |
Medium |
org.owasp.dependencycheck.data.knownexploited.json.Vulnerability
| Bug |
Category |
Details |
Line |
Priority |
| Comparison of String objects using == or != in org.owasp.dependencycheck.data.knownexploited.json.Vulnerability.equals(Object) |
BAD_PRACTICE |
ES_COMPARING_STRINGS_WITH_EQ |
369 |
Medium |
| Comparison of String objects using == or != in org.owasp.dependencycheck.data.knownexploited.json.Vulnerability.equals(Object) |
BAD_PRACTICE |
ES_COMPARING_STRINGS_WITH_EQ |
369 |
Medium |
| Comparison of String objects using == or != in org.owasp.dependencycheck.data.knownexploited.json.Vulnerability.equals(Object) |
BAD_PRACTICE |
ES_COMPARING_STRINGS_WITH_EQ |
369 |
Medium |
| Comparison of String objects using == or != in org.owasp.dependencycheck.data.knownexploited.json.Vulnerability.equals(Object) |
BAD_PRACTICE |
ES_COMPARING_STRINGS_WITH_EQ |
369 |
Medium |
| Comparison of String objects using == or != in org.owasp.dependencycheck.data.knownexploited.json.Vulnerability.equals(Object) |
BAD_PRACTICE |
ES_COMPARING_STRINGS_WITH_EQ |
369 |
Medium |
| Comparison of String objects using == or != in org.owasp.dependencycheck.data.knownexploited.json.Vulnerability.equals(Object) |
BAD_PRACTICE |
ES_COMPARING_STRINGS_WITH_EQ |
369 |
Medium |
| Comparison of String objects using == or != in org.owasp.dependencycheck.data.knownexploited.json.Vulnerability.equals(Object) |
BAD_PRACTICE |
ES_COMPARING_STRINGS_WITH_EQ |
369 |
Medium |
| Comparison of String objects using == or != in org.owasp.dependencycheck.data.knownexploited.json.Vulnerability.equals(Object) |
BAD_PRACTICE |
ES_COMPARING_STRINGS_WITH_EQ |
369 |
Medium |
org.owasp.dependencycheck.data.update.NvdApiDataSource
| Bug |
Category |
Details |
Line |
Priority |
| Exception is caught when Exception is not thrown in org.owasp.dependencycheck.data.update.NvdApiDataSource.processApi() |
STYLE |
REC_CATCH_EXCEPTION |
375 |
Medium |
org.owasp.dependencycheck.dependency.Vulnerability
| Bug |
Category |
Details |
Line |
Priority |
| Class org.owasp.dependencycheck.dependency.Vulnerability defines non-transient non-serializable instance field knownExploitedVulnerability |
BAD_PRACTICE |
SE_BAD_FIELD |
Not available |
High |
