SpotBugs Bug Detector Report
The following document contains the results of SpotBugs
SpotBugs Version is 4.8.6
Threshold is medium
Effort is default
Summary
| Classes | Bugs | Errors | Missing Classes |
|---|---|---|---|
| 185 | 151 | 0 | 0 |
Files
com.jsql.model.InjectionModel
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| com.jsql.model.InjectionModel.getMediatorStrategy() may expose internal representation by returning InjectionModel.mediatorStrategy | MALICIOUS_CODE | EI_EXPOSE_REP | 784 | Medium |
| com.jsql.model.InjectionModel.getMediatorUtils() may expose internal representation by returning InjectionModel.mediatorUtils | MALICIOUS_CODE | EI_EXPOSE_REP | 764 | Medium |
| com.jsql.model.InjectionModel.getMediatorVendor() may expose internal representation by returning InjectionModel.mediatorVendor | MALICIOUS_CODE | EI_EXPOSE_REP | 768 | Medium |
| com.jsql.model.InjectionModel.getResourceAccess() may expose internal representation by returning InjectionModel.resourceAccess | MALICIOUS_CODE | EI_EXPOSE_REP | 780 | Medium |
| com.jsql.model.InjectionModel is Serializable; consider declaring a serialVersionUID | BAD_PRACTICE | SE_NO_SERIALVERSIONID | 64-793 | Medium |
com.jsql.model.MediatorUtils
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| com.jsql.model.MediatorUtils.getAuthenticationUtil() may expose internal representation by returning MediatorUtils.authenticationUtil | MALICIOUS_CODE | EI_EXPOSE_REP | 53 | Medium |
| com.jsql.model.MediatorUtils.getConnectionUtil() may expose internal representation by returning MediatorUtils.connectionUtil | MALICIOUS_CODE | EI_EXPOSE_REP | 49 | Medium |
| com.jsql.model.MediatorUtils.getCsrfUtil() may expose internal representation by returning MediatorUtils.csrfUtil | MALICIOUS_CODE | EI_EXPOSE_REP | 158 | Medium |
| com.jsql.model.MediatorUtils.getDigestUtil() may expose internal representation by returning MediatorUtils.digestUtil | MALICIOUS_CODE | EI_EXPOSE_REP | 166 | Medium |
| com.jsql.model.MediatorUtils.getExceptionUtil() may expose internal representation by returning MediatorUtils.exceptionUtil | MALICIOUS_CODE | EI_EXPOSE_REP | 69 | Medium |
| com.jsql.model.MediatorUtils.getFormUtil() may expose internal representation by returning MediatorUtils.formUtil | MALICIOUS_CODE | EI_EXPOSE_REP | 174 | Medium |
| com.jsql.model.MediatorUtils.getParameterUtil() may expose internal representation by returning MediatorUtils.parameterUtil | MALICIOUS_CODE | EI_EXPOSE_REP | 65 | Medium |
| com.jsql.model.MediatorUtils.getPreferencesUtil() may expose internal representation by returning MediatorUtils.preferencesUtil | MALICIOUS_CODE | EI_EXPOSE_REP | 81 | Medium |
| com.jsql.model.MediatorUtils.getProxyUtil() may expose internal representation by returning MediatorUtils.proxyUtil | MALICIOUS_CODE | EI_EXPOSE_REP | 85 | Medium |
| com.jsql.model.MediatorUtils.getTamperingUtil() may expose internal representation by returning MediatorUtils.tamperingUtil | MALICIOUS_CODE | EI_EXPOSE_REP | 97 | Medium |
| com.jsql.model.MediatorUtils.getThreadUtil() may expose internal representation by returning MediatorUtils.threadUtil | MALICIOUS_CODE | EI_EXPOSE_REP | 89 | Medium |
| com.jsql.model.MediatorUtils.getUserAgentUtil() may expose internal representation by returning MediatorUtils.userAgentUtil | MALICIOUS_CODE | EI_EXPOSE_REP | 93 | Medium |
| com.jsql.model.MediatorUtils.setAuthenticationUtil(AuthenticationUtil) may expose internal representation by storing an externally mutable object into MediatorUtils.authenticationUtil | MALICIOUS_CODE | EI_EXPOSE_REP2 | 110 | Medium |
| com.jsql.model.MediatorUtils.setConnectionUtil(ConnectionUtil) may expose internal representation by storing an externally mutable object into MediatorUtils.connectionUtil | MALICIOUS_CODE | EI_EXPOSE_REP2 | 106 | Medium |
| com.jsql.model.MediatorUtils.setCsrfUtil(CsrfUtil) may expose internal representation by storing an externally mutable object into MediatorUtils.csrfUtil | MALICIOUS_CODE | EI_EXPOSE_REP2 | 162 | Medium |
| com.jsql.model.MediatorUtils.setDigestUtil(DigestUtil) may expose internal representation by storing an externally mutable object into MediatorUtils.digestUtil | MALICIOUS_CODE | EI_EXPOSE_REP2 | 170 | Medium |
| com.jsql.model.MediatorUtils.setExceptionUtil(ExceptionUtil) may expose internal representation by storing an externally mutable object into MediatorUtils.exceptionUtil | MALICIOUS_CODE | EI_EXPOSE_REP2 | 126 | Medium |
| com.jsql.model.MediatorUtils.setFormUtil(FormUtil) may expose internal representation by storing an externally mutable object into MediatorUtils.formUtil | MALICIOUS_CODE | EI_EXPOSE_REP2 | 178 | Medium |
| com.jsql.model.MediatorUtils.setParameterUtil(ParameterUtil) may expose internal representation by storing an externally mutable object into MediatorUtils.parameterUtil | MALICIOUS_CODE | EI_EXPOSE_REP2 | 122 | Medium |
| com.jsql.model.MediatorUtils.setPreferencesUtil(PreferencesUtil) may expose internal representation by storing an externally mutable object into MediatorUtils.preferencesUtil | MALICIOUS_CODE | EI_EXPOSE_REP2 | 138 | Medium |
| com.jsql.model.MediatorUtils.setProxyUtil(ProxyUtil) may expose internal representation by storing an externally mutable object into MediatorUtils.proxyUtil | MALICIOUS_CODE | EI_EXPOSE_REP2 | 142 | Medium |
| com.jsql.model.MediatorUtils.setTamperingUtil(TamperingUtil) may expose internal representation by storing an externally mutable object into MediatorUtils.tamperingUtil | MALICIOUS_CODE | EI_EXPOSE_REP2 | 150 | Medium |
| com.jsql.model.MediatorUtils.setThreadUtil(ThreadUtil) may expose internal representation by storing an externally mutable object into MediatorUtils.threadUtil | MALICIOUS_CODE | EI_EXPOSE_REP2 | 146 | Medium |
| com.jsql.model.MediatorUtils.setUserAgentUtil(UserAgentUtil) may expose internal representation by storing an externally mutable object into MediatorUtils.userAgentUtil | MALICIOUS_CODE | EI_EXPOSE_REP2 | 154 | Medium |
com.jsql.model.accessible.CallableFile
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| com.jsql.model.accessible.CallableFile.getSuspendableReadFile() may expose internal representation by returning CallableFile.suspendableReadFile | MALICIOUS_CODE | EI_EXPOSE_REP | 105 | Medium |
| new com.jsql.model.accessible.CallableFile(String, InjectionModel) may expose internal representation by storing an externally mutable object into CallableFile.injectionModel | MALICIOUS_CODE | EI_EXPOSE_REP2 | 50 | Medium |
com.jsql.model.accessible.CallableHttpHead
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| new com.jsql.model.accessible.CallableHttpHead(String, InjectionModel, String) may expose internal representation by storing an externally mutable object into CallableHttpHead.injectionModel | MALICIOUS_CODE | EI_EXPOSE_REP2 | 60 | Medium |
com.jsql.model.accessible.DataAccess
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| new com.jsql.model.accessible.DataAccess(InjectionModel) may expose internal representation by storing an externally mutable object into DataAccess.injectionModel | MALICIOUS_CODE | EI_EXPOSE_REP2 | 98 | Medium |
com.jsql.model.accessible.ResourceAccess
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| com.jsql.model.accessible.ResourceAccess.getCallablesReadFile() may expose internal representation by returning ResourceAccess.callablesReadFile | MALICIOUS_CODE | EI_EXPOSE_REP | 968 | Medium |
| new com.jsql.model.accessible.ResourceAccess(InjectionModel) may expose internal representation by storing an externally mutable object into ResourceAccess.injectionModel | MALICIOUS_CODE | EI_EXPOSE_REP2 | 99 | Medium |
com.jsql.model.bean.database.Column
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| com.jsql.model.bean.database.Column.getParent() may expose internal representation by returning Column.parentTable | MALICIOUS_CODE | EI_EXPOSE_REP | 41 | Medium |
| new com.jsql.model.bean.database.Column(String, Table) may expose internal representation by storing an externally mutable object into Column.parentTable | MALICIOUS_CODE | EI_EXPOSE_REP2 | 32 | Medium |
com.jsql.model.bean.database.Table
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| com.jsql.model.bean.database.Table.getParent() may expose internal representation by returning Table.parentDatabase | MALICIOUS_CODE | EI_EXPOSE_REP | 52 | Medium |
| new com.jsql.model.bean.database.Table(String, String, Database) may expose internal representation by storing an externally mutable object into Table.parentDatabase | MALICIOUS_CODE | EI_EXPOSE_REP2 | 46 | Medium |
com.jsql.model.bean.util.HttpHeader
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| com.jsql.model.bean.util.HttpHeader.getHeader() may expose internal representation by returning HttpHeader.header | MALICIOUS_CODE | EI_EXPOSE_REP | 71 | Medium |
| com.jsql.model.bean.util.HttpHeader.getResponse() may expose internal representation by returning HttpHeader.response | MALICIOUS_CODE | EI_EXPOSE_REP | 75 | Medium |
| new com.jsql.model.bean.util.HttpHeader(String, String, Map, Map, String) may expose internal representation by storing an externally mutable object into HttpHeader.header | MALICIOUS_CODE | EI_EXPOSE_REP2 | 49 | Medium |
| new com.jsql.model.bean.util.HttpHeader(String, String, Map, Map, String) may expose internal representation by storing an externally mutable object into HttpHeader.response | MALICIOUS_CODE | EI_EXPOSE_REP2 | 50 | Medium |
com.jsql.model.bean.util.Request
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| com.jsql.model.bean.util.Request.getParameters() may expose internal representation by returning Request.parameters | MALICIOUS_CODE | EI_EXPOSE_REP | 37 | Medium |
com.jsql.model.injection.method.MediatorMethod
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| com.jsql.model.injection.method.MediatorMethod.getMethods() may expose internal representation by returning MediatorMethod.methods | MALICIOUS_CODE | EI_EXPOSE_REP | 104 | Medium |
com.jsql.model.injection.strategy.MediatorStrategy
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| com.jsql.model.injection.strategy.MediatorStrategy.getBlind() may expose internal representation by returning MediatorStrategy.blind | MALICIOUS_CODE | EI_EXPOSE_REP | 246 | Medium |
| com.jsql.model.injection.strategy.MediatorStrategy.getError() may expose internal representation by returning MediatorStrategy.error | MALICIOUS_CODE | EI_EXPOSE_REP | 242 | Medium |
| com.jsql.model.injection.strategy.MediatorStrategy.getMultibit() may expose internal representation by returning MediatorStrategy.multibit | MALICIOUS_CODE | EI_EXPOSE_REP | 250 | Medium |
| com.jsql.model.injection.strategy.MediatorStrategy.getNormal() may expose internal representation by returning MediatorStrategy.normal | MALICIOUS_CODE | EI_EXPOSE_REP | 234 | Medium |
| com.jsql.model.injection.strategy.MediatorStrategy.getSpecificNormal() may expose internal representation by returning MediatorStrategy.normal | MALICIOUS_CODE | EI_EXPOSE_REP | 238 | Medium |
| com.jsql.model.injection.strategy.MediatorStrategy.getStacked() may expose internal representation by returning MediatorStrategy.stacked | MALICIOUS_CODE | EI_EXPOSE_REP | 258 | Medium |
| com.jsql.model.injection.strategy.MediatorStrategy.getStrategies() may expose internal representation by returning MediatorStrategy.strategies | MALICIOUS_CODE | EI_EXPOSE_REP | 262 | Medium |
| com.jsql.model.injection.strategy.MediatorStrategy.getStrategy() may expose internal representation by returning MediatorStrategy.strategy | MALICIOUS_CODE | EI_EXPOSE_REP | 266 | Medium |
| com.jsql.model.injection.strategy.MediatorStrategy.getTime() may expose internal representation by returning MediatorStrategy.time | MALICIOUS_CODE | EI_EXPOSE_REP | 254 | Medium |
| new com.jsql.model.injection.strategy.MediatorStrategy(InjectionModel) may expose internal representation by storing an externally mutable object into MediatorStrategy.injectionModel | MALICIOUS_CODE | EI_EXPOSE_REP2 | 44 | Medium |
| com.jsql.model.injection.strategy.MediatorStrategy.setStrategy(AbstractStrategy) may expose internal representation by storing an externally mutable object into MediatorStrategy.strategy | MALICIOUS_CODE | EI_EXPOSE_REP2 | 270 | Medium |
com.jsql.model.injection.strategy.blind.CallableBlind
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| com.jsql.model.injection.strategy.blind.CallableBlind.getDiffsWithReference() may expose internal representation by returning CallableBlind.diffsWithReference | MALICIOUS_CODE | EI_EXPOSE_REP | 99 | Medium |
| new com.jsql.model.injection.strategy.blind.CallableBlind(String, InjectionModel, InjectionBlind, AbstractInjectionBoolean$BooleanMode, String) may expose internal representation by storing an externally mutable object into CallableBlind.injectionModel | MALICIOUS_CODE | EI_EXPOSE_REP2 | 34 | Medium |
com.jsql.model.injection.strategy.blind.CallableCharInsertion
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| com.jsql.model.injection.strategy.blind.CallableCharInsertion.getOpcodes() may expose internal representation by returning CallableCharInsertion.opcodes | MALICIOUS_CODE | EI_EXPOSE_REP | 80 | Medium |
com.jsql.model.injection.strategy.blind.CallableMultibit
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| com.jsql.model.injection.strategy.blind.CallableMultibit.getDiffsWithReference() may expose internal representation by returning CallableMultibit.diffsWithReference | MALICIOUS_CODE | EI_EXPOSE_REP | 77 | Medium |
com.jsql.model.injection.strategy.blind.CallableTime
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| new com.jsql.model.injection.strategy.blind.CallableTime(String, InjectionModel, InjectionTime, AbstractInjectionBoolean$BooleanMode, String) may expose internal representation by storing an externally mutable object into CallableTime.injectionModel | MALICIOUS_CODE | EI_EXPOSE_REP2 | 46 | Medium |
com.jsql.model.injection.strategy.blind.CallableVendor
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| com.jsql.model.injection.strategy.blind.CallableVendor.getOpcodes() may expose internal representation by returning CallableVendor.opcodes | MALICIOUS_CODE | EI_EXPOSE_REP | 58 | Medium |
com.jsql.model.injection.strategy.blind.InjectionBlind
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Exception thrown in class com.jsql.model.injection.strategy.blind.InjectionBlind at new com.jsql.model.injection.strategy.blind.InjectionBlind(InjectionModel, AbstractInjectionBoolean$BooleanMode) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. | BAD_PRACTICE | CT_CONSTRUCTOR_THROW | 103 | Medium |
| com.jsql.model.injection.strategy.blind.InjectionBlind.getFalseDiffs() may expose internal representation by returning InjectionBlind.falseDiffs | MALICIOUS_CODE | EI_EXPOSE_REP | 197 | Medium |
com.jsql.model.injection.strategy.blind.InjectionCharInsertion
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Exception thrown in class com.jsql.model.injection.strategy.blind.InjectionCharInsertion at new com.jsql.model.injection.strategy.blind.InjectionCharInsertion(InjectionModel, String, String) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. | BAD_PRACTICE | CT_CONSTRUCTOR_THROW | 120 | Medium |
| com.jsql.model.injection.strategy.blind.InjectionCharInsertion.getConstantTrueMark() may expose internal representation by returning InjectionCharInsertion.constantTrueMark | MALICIOUS_CODE | EI_EXPOSE_REP | 211 | Medium |
| new com.jsql.model.injection.strategy.blind.InjectionCharInsertion(InjectionModel, String, String) may expose internal representation by storing an externally mutable object into InjectionCharInsertion.injectionModel | MALICIOUS_CODE | EI_EXPOSE_REP2 | 56 | Medium |
com.jsql.model.injection.strategy.blind.InjectionMultibit
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| com.jsql.model.injection.strategy.blind.InjectionMultibit.getDiffsById() may expose internal representation by returning InjectionMultibit.diffsById | MALICIOUS_CODE | EI_EXPOSE_REP | 189 | Medium |
| com.jsql.model.injection.strategy.blind.InjectionMultibit.getDiffsCommonWithAllIds() may expose internal representation by returning InjectionMultibit.diffsCommonWithAllIds | MALICIOUS_CODE | EI_EXPOSE_REP | 185 | Medium |
com.jsql.model.injection.strategy.blind.InjectionTime
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Exception thrown in class com.jsql.model.injection.strategy.blind.InjectionTime at new com.jsql.model.injection.strategy.blind.InjectionTime(InjectionModel, AbstractInjectionBoolean$BooleanMode) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. | BAD_PRACTICE | CT_CONSTRUCTOR_THROW | 90 | Medium |
com.jsql.model.injection.strategy.blind.InjectionVendor
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Exception thrown in class com.jsql.model.injection.strategy.blind.InjectionVendor at new com.jsql.model.injection.strategy.blind.InjectionVendor(InjectionModel, String, Vendor) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. | BAD_PRACTICE | CT_CONSTRUCTOR_THROW | 96 | Medium |
| com.jsql.model.injection.strategy.blind.InjectionVendor.getConstantTrueMark() may expose internal representation by returning InjectionVendor.constantTrueMark | MALICIOUS_CODE | EI_EXPOSE_REP | 177 | Medium |
| new com.jsql.model.injection.strategy.blind.InjectionVendor(InjectionModel, String, Vendor) may expose internal representation by storing an externally mutable object into InjectionVendor.injectionModel | MALICIOUS_CODE | EI_EXPOSE_REP2 | 38 | Medium |
com.jsql.model.injection.strategy.blind.patch.Patch
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| com.jsql.model.injection.strategy.blind.patch.Patch.getDiffs() may expose internal representation by returning Patch.diffs | MALICIOUS_CODE | EI_EXPOSE_REP | 102 | Medium |
com.jsql.model.injection.vendor.MediatorVendor
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| com.jsql.model.injection.vendor.MediatorVendor.getVendors() may expose internal representation by returning MediatorVendor.vendors | MALICIOUS_CODE | EI_EXPOSE_REP | 346 | Medium |
| new com.jsql.model.injection.vendor.MediatorVendor(InjectionModel) may expose internal representation by storing an externally mutable object into MediatorVendor.injectionModel | MALICIOUS_CODE | EI_EXPOSE_REP2 | 73 | Medium |
com.jsql.model.injection.vendor.model.VendorYaml
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| com.jsql.model.injection.vendor.model.VendorYaml.getModelYaml() may expose internal representation by returning VendorYaml.modelYaml | MALICIOUS_CODE | EI_EXPOSE_REP | 673 | Medium |
| new com.jsql.model.injection.vendor.model.VendorYaml(String, InjectionModel) may expose internal representation by storing an externally mutable object into VendorYaml.injectionModel | MALICIOUS_CODE | EI_EXPOSE_REP2 | 125 | Medium |
com.jsql.model.injection.vendor.model.yaml.Boolean
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| com.jsql.model.injection.vendor.model.yaml.Boolean.getTest() may expose internal representation by returning Boolean.test | MALICIOUS_CODE | EI_EXPOSE_REP | 19 | Medium |
| com.jsql.model.injection.vendor.model.yaml.Boolean.setTest(Test) may expose internal representation by storing an externally mutable object into Boolean.test | MALICIOUS_CODE | EI_EXPOSE_REP2 | 23 | Medium |
com.jsql.model.injection.vendor.model.yaml.Configuration
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| com.jsql.model.injection.vendor.model.yaml.Configuration.getFingerprint() may expose internal representation by returning Configuration.fingerprint | MALICIOUS_CODE | EI_EXPOSE_REP | 67 | Medium |
| com.jsql.model.injection.vendor.model.yaml.Configuration.setFingerprint(Fingerprint) may expose internal representation by storing an externally mutable object into Configuration.fingerprint | MALICIOUS_CODE | EI_EXPOSE_REP2 | 71 | Medium |
com.jsql.model.injection.vendor.model.yaml.Error
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| com.jsql.model.injection.vendor.model.yaml.Error.getMethod() may expose internal representation by returning Error.method | MALICIOUS_CODE | EI_EXPOSE_REP | 13 | Medium |
| com.jsql.model.injection.vendor.model.yaml.Error.setMethod(List) may expose internal representation by storing an externally mutable object into Error.method | MALICIOUS_CODE | EI_EXPOSE_REP2 | 17 | Medium |
com.jsql.model.injection.vendor.model.yaml.File
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| com.jsql.model.injection.vendor.model.yaml.File.getWrite() may expose internal representation by returning File.write | MALICIOUS_CODE | EI_EXPOSE_REP | 31 | Medium |
| com.jsql.model.injection.vendor.model.yaml.File.setWrite(Write) may expose internal representation by storing an externally mutable object into File.write | MALICIOUS_CODE | EI_EXPOSE_REP2 | 35 | Medium |
com.jsql.model.injection.vendor.model.yaml.Fingerprint
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| com.jsql.model.injection.vendor.model.yaml.Fingerprint.getErrorMessage() may expose internal representation by returning Fingerprint.errorMessage | MALICIOUS_CODE | EI_EXPOSE_REP | 19 | Medium |
| com.jsql.model.injection.vendor.model.yaml.Fingerprint.setErrorMessage(List) may expose internal representation by storing an externally mutable object into Fingerprint.errorMessage | MALICIOUS_CODE | EI_EXPOSE_REP2 | 23 | Medium |
com.jsql.model.injection.vendor.model.yaml.ModelYaml
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| com.jsql.model.injection.vendor.model.yaml.ModelYaml.getResource() may expose internal representation by returning ModelYaml.resource | MALICIOUS_CODE | EI_EXPOSE_REP | 23 | Medium |
| com.jsql.model.injection.vendor.model.yaml.ModelYaml.getStrategy() may expose internal representation by returning ModelYaml.strategy | MALICIOUS_CODE | EI_EXPOSE_REP | 31 | Medium |
| com.jsql.model.injection.vendor.model.yaml.ModelYaml.setResource(Resource) may expose internal representation by storing an externally mutable object into ModelYaml.resource | MALICIOUS_CODE | EI_EXPOSE_REP2 | 27 | Medium |
| com.jsql.model.injection.vendor.model.yaml.ModelYaml.setStrategy(Strategy) may expose internal representation by storing an externally mutable object into ModelYaml.strategy | MALICIOUS_CODE | EI_EXPOSE_REP2 | 35 | Medium |
com.jsql.model.injection.vendor.model.yaml.Resource
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| com.jsql.model.injection.vendor.model.yaml.Resource.getDios() may expose internal representation by returning Resource.dios | MALICIOUS_CODE | EI_EXPOSE_REP | 41 | Medium |
| com.jsql.model.injection.vendor.model.yaml.Resource.getFile() may expose internal representation by returning Resource.file | MALICIOUS_CODE | EI_EXPOSE_REP | 49 | Medium |
| com.jsql.model.injection.vendor.model.yaml.Resource.getSchema() may expose internal representation by returning Resource.schema | MALICIOUS_CODE | EI_EXPOSE_REP | 25 | Medium |
| com.jsql.model.injection.vendor.model.yaml.Resource.getZip() may expose internal representation by returning Resource.zip | MALICIOUS_CODE | EI_EXPOSE_REP | 33 | Medium |
| com.jsql.model.injection.vendor.model.yaml.Resource.setDios(Schema) may expose internal representation by storing an externally mutable object into Resource.dios | MALICIOUS_CODE | EI_EXPOSE_REP2 | 45 | Medium |
| com.jsql.model.injection.vendor.model.yaml.Resource.setFile(File) may expose internal representation by storing an externally mutable object into Resource.file | MALICIOUS_CODE | EI_EXPOSE_REP2 | 53 | Medium |
| com.jsql.model.injection.vendor.model.yaml.Resource.setSchema(Schema) may expose internal representation by storing an externally mutable object into Resource.schema | MALICIOUS_CODE | EI_EXPOSE_REP2 | 29 | Medium |
| com.jsql.model.injection.vendor.model.yaml.Resource.setZip(Schema) may expose internal representation by storing an externally mutable object into Resource.zip | MALICIOUS_CODE | EI_EXPOSE_REP2 | 37 | Medium |
com.jsql.model.injection.vendor.model.yaml.Row
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| com.jsql.model.injection.vendor.model.yaml.Row.getFields() may expose internal representation by returning Row.fields | MALICIOUS_CODE | EI_EXPOSE_REP | 22 | Medium |
| com.jsql.model.injection.vendor.model.yaml.Row.setFields(Fields) may expose internal representation by storing an externally mutable object into Row.fields | MALICIOUS_CODE | EI_EXPOSE_REP2 | 26 | Medium |
com.jsql.model.injection.vendor.model.yaml.Schema
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| com.jsql.model.injection.vendor.model.yaml.Schema.getRow() may expose internal representation by returning Schema.row | MALICIOUS_CODE | EI_EXPOSE_REP | 40 | Medium |
| com.jsql.model.injection.vendor.model.yaml.Schema.setRow(Row) may expose internal representation by storing an externally mutable object into Schema.row | MALICIOUS_CODE | EI_EXPOSE_REP2 | 44 | Medium |
com.jsql.model.injection.vendor.model.yaml.Strategy
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| com.jsql.model.injection.vendor.model.yaml.Strategy.getBoolean() may expose internal representation by returning Strategy.booleanStrategy | MALICIOUS_CODE | EI_EXPOSE_REP | 33 | Medium |
| com.jsql.model.injection.vendor.model.yaml.Strategy.getConfiguration() may expose internal representation by returning Strategy.configuration | MALICIOUS_CODE | EI_EXPOSE_REP | 17 | Medium |
| com.jsql.model.injection.vendor.model.yaml.Strategy.getError() may expose internal representation by returning Strategy.error | MALICIOUS_CODE | EI_EXPOSE_REP | 41 | Medium |
| com.jsql.model.injection.vendor.model.yaml.Strategy.getNormal() may expose internal representation by returning Strategy.normal | MALICIOUS_CODE | EI_EXPOSE_REP | 25 | Medium |
| com.jsql.model.injection.vendor.model.yaml.Strategy.setBoolean(Boolean) may expose internal representation by storing an externally mutable object into Strategy.booleanStrategy | MALICIOUS_CODE | EI_EXPOSE_REP2 | 37 | Medium |
| com.jsql.model.injection.vendor.model.yaml.Strategy.setConfiguration(Configuration) may expose internal representation by storing an externally mutable object into Strategy.configuration | MALICIOUS_CODE | EI_EXPOSE_REP2 | 21 | Medium |
| com.jsql.model.injection.vendor.model.yaml.Strategy.setError(Error) may expose internal representation by storing an externally mutable object into Strategy.error | MALICIOUS_CODE | EI_EXPOSE_REP2 | 45 | Medium |
| com.jsql.model.injection.vendor.model.yaml.Strategy.setNormal(Normal) may expose internal representation by storing an externally mutable object into Strategy.normal | MALICIOUS_CODE | EI_EXPOSE_REP2 | 29 | Medium |
com.jsql.model.injection.vendor.model.yaml.Test
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| com.jsql.model.injection.vendor.model.yaml.Test.getFalsy() may expose internal representation by returning Test.falsy | MALICIOUS_CODE | EI_EXPOSE_REP | 44 | Medium |
| com.jsql.model.injection.vendor.model.yaml.Test.getTruthy() may expose internal representation by returning Test.truthy | MALICIOUS_CODE | EI_EXPOSE_REP | 36 | Medium |
| com.jsql.model.injection.vendor.model.yaml.Test.setFalsy(List) may expose internal representation by storing an externally mutable object into Test.falsy | MALICIOUS_CODE | EI_EXPOSE_REP2 | 48 | Medium |
| com.jsql.model.injection.vendor.model.yaml.Test.setTruthy(List) may expose internal representation by storing an externally mutable object into Test.truthy | MALICIOUS_CODE | EI_EXPOSE_REP2 | 40 | Medium |
com.jsql.model.suspendable.AbstractSuspendable
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Inconsistent synchronization of com.jsql.model.suspendable.AbstractSuspendable.isStopped; locked 50% of time | MT_CORRECTNESS | IS2_INCONSISTENT_SYNC | 71 | Medium |
| Naked notify in com.jsql.model.suspendable.AbstractSuspendable.resume() | MT_CORRECTNESS | NN_NAKED_NOTIFY | 102 | Medium |
com.jsql.model.suspendable.callable.CallablePageSource
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| new com.jsql.model.suspendable.callable.CallablePageSource(String, InjectionModel, String) may expose internal representation by storing an externally mutable object into CallablePageSource.injectionModel | MALICIOUS_CODE | EI_EXPOSE_REP2 | 42 | Medium |
com.jsql.util.ConnectionUtil
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| com.jsql.util.ConnectionUtil.getCookieManager() may expose internal representation by returning ConnectionUtil.cookieManager | MALICIOUS_CODE | EI_EXPOSE_REP | 363 | Medium |
| new com.jsql.util.ConnectionUtil(InjectionModel) may expose internal representation by storing an externally mutable object into ConnectionUtil.injectionModel | MALICIOUS_CODE | EI_EXPOSE_REP2 | 72 | Medium |
com.jsql.util.CookiesUtil
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| new com.jsql.util.CookiesUtil(InjectionModel) may expose internal representation by storing an externally mutable object into CookiesUtil.injectionModel | MALICIOUS_CODE | EI_EXPOSE_REP2 | 24 | Medium |
com.jsql.util.CsrfUtil
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| com.jsql.util.CsrfUtil.getTokenCsrf() may expose internal representation by returning CsrfUtil.tokenCsrf | MALICIOUS_CODE | EI_EXPOSE_REP | 246 | Medium |
| new com.jsql.util.CsrfUtil(InjectionModel) may expose internal representation by storing an externally mutable object into CsrfUtil.injectionModel | MALICIOUS_CODE | EI_EXPOSE_REP2 | 30 | Medium |
| com.jsql.util.CsrfUtil.setTokenCsrf(AbstractMap$SimpleEntry) may expose internal representation by storing an externally mutable object into CsrfUtil.tokenCsrf | MALICIOUS_CODE | EI_EXPOSE_REP2 | 250 | Medium |
com.jsql.util.DigestUtil
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| new com.jsql.util.DigestUtil(InjectionModel) may expose internal representation by storing an externally mutable object into DigestUtil.injectionModel | MALICIOUS_CODE | EI_EXPOSE_REP2 | 31 | Medium |
com.jsql.util.ExceptionUtil
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| new com.jsql.util.ExceptionUtil(InjectionModel) may expose internal representation by storing an externally mutable object into ExceptionUtil.injectionModel | MALICIOUS_CODE | EI_EXPOSE_REP2 | 31 | Medium |
com.jsql.util.ExceptionUtil$ExceptionHandler
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| new com.jsql.util.ExceptionUtil$ExceptionHandler(ExceptionUtil) may expose internal representation by storing an externally mutable object into ExceptionUtil$ExceptionHandler.this$0 | MALICIOUS_CODE | EI_EXPOSE_REP2 | 38 | Medium |
com.jsql.util.FormUtil
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| new com.jsql.util.FormUtil(InjectionModel) may expose internal representation by storing an externally mutable object into FormUtil.injectionModel | MALICIOUS_CODE | EI_EXPOSE_REP2 | 27 | Medium |
com.jsql.util.GitUtil
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| com.jsql.util.GitUtil.getJSONObject() may expose internal representation by returning GitUtil.jsonObject | MALICIOUS_CODE | EI_EXPOSE_REP | 249 | Medium |
| new com.jsql.util.GitUtil(InjectionModel) may expose internal representation by storing an externally mutable object into GitUtil.injectionModel | MALICIOUS_CODE | EI_EXPOSE_REP2 | 48 | Medium |
com.jsql.util.HeaderUtil
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| new com.jsql.util.HeaderUtil(InjectionModel) may expose internal representation by storing an externally mutable object into HeaderUtil.injectionModel | MALICIOUS_CODE | EI_EXPOSE_REP2 | 42 | Medium |
com.jsql.util.I18nUtil
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| com.jsql.util.I18nUtil.setLocaleDefault(ResourceBundle) may expose internal static state by storing a mutable object into a static field com.jsql.util.I18nUtil.localeDefault | MALICIOUS_CODE | EI_EXPOSE_STATIC_REP2 | 82 | Medium |
| Public static com.jsql.util.I18nUtil.getLocaleRoot() may expose internal representation by returning I18nUtil.LOCALE_ROOT | MALICIOUS_CODE | MS_EXPOSE_REP | 90 | Medium |
com.jsql.util.JsonUtil
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| new com.jsql.util.JsonUtil(InjectionModel) may expose internal representation by storing an externally mutable object into JsonUtil.injectionModel | MALICIOUS_CODE | EI_EXPOSE_REP2 | 29 | Medium |
com.jsql.util.MultipartUtil
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| new com.jsql.util.MultipartUtil(InjectionModel) may expose internal representation by storing an externally mutable object into MultipartUtil.injectionModel | MALICIOUS_CODE | EI_EXPOSE_REP2 | 22 | Medium |
com.jsql.util.ParameterUtil
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| com.jsql.util.ParameterUtil.getListHeader() may expose internal representation by returning ParameterUtil.listHeader | MALICIOUS_CODE | EI_EXPOSE_REP | 404 | Medium |
| com.jsql.util.ParameterUtil.getListQueryString() may expose internal representation by returning ParameterUtil.listQueryString | MALICIOUS_CODE | EI_EXPOSE_REP | 412 | Medium |
| com.jsql.util.ParameterUtil.getListRequest() may expose internal representation by returning ParameterUtil.listRequest | MALICIOUS_CODE | EI_EXPOSE_REP | 396 | Medium |
| new com.jsql.util.ParameterUtil(InjectionModel) may expose internal representation by storing an externally mutable object into ParameterUtil.injectionModel | MALICIOUS_CODE | EI_EXPOSE_REP2 | 56 | Medium |
| com.jsql.util.ParameterUtil.setListHeader(List) may expose internal representation by storing an externally mutable object into ParameterUtil.listHeader | MALICIOUS_CODE | EI_EXPOSE_REP2 | 408 | Medium |
| com.jsql.util.ParameterUtil.setListQueryString(List) may expose internal representation by storing an externally mutable object into ParameterUtil.listQueryString | MALICIOUS_CODE | EI_EXPOSE_REP2 | 416 | Medium |
| com.jsql.util.ParameterUtil.setListRequest(List) may expose internal representation by storing an externally mutable object into ParameterUtil.listRequest | MALICIOUS_CODE | EI_EXPOSE_REP2 | 400 | Medium |
com.jsql.util.PropertiesUtil
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| com.jsql.util.PropertiesUtil.getProperties() may expose internal representation by returning PropertiesUtil.properties | MALICIOUS_CODE | EI_EXPOSE_REP | 40 | Medium |
com.jsql.util.SoapUtil
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| new com.jsql.util.SoapUtil(InjectionModel) may expose internal representation by storing an externally mutable object into SoapUtil.injectionModel | MALICIOUS_CODE | EI_EXPOSE_REP2 | 36 | Medium |
| Exception is caught when Exception is not thrown in com.jsql.util.SoapUtil.testParameters(boolean) | STYLE | REC_CATCH_EXCEPTION | 57 | Medium |
com.jsql.util.ThreadUtil
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| new com.jsql.util.ThreadUtil(InjectionModel) may expose internal representation by storing an externally mutable object into ThreadUtil.injectionModel | MALICIOUS_CODE | EI_EXPOSE_REP2 | 50 | Medium |
com.jsql.util.bruter.Bruter
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Inconsistent synchronization of com.jsql.util.bruter.Bruter.endtime; locked 50% of time | MT_CORRECTNESS | IS2_INCONSISTENT_SYNC | 130 | Medium |
com.jsql.util.bruter.DigestMD4
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Dead store to clone in com.jsql.util.bruter.DigestMD4.clone() | STYLE | DLS_DEAD_LOCAL_STORE | 98 | Medium |
| Unsigned right shift cast to short/byte in com.jsql.util.bruter.DigestMD4.engineDigest() | STYLE | ICAST_QUESTIONABLE_UNSIGNED_RIGHT_SHIFT | 219 | Medium |
com.jsql.util.tampering.TamperingType
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| com.jsql.util.tampering.TamperingType.instance() may expose internal representation by returning TamperingType.instanceModelYaml | MALICIOUS_CODE | EI_EXPOSE_REP | 37 | Medium |