The following document contains the results of FindBugs
FindBugs Version is 3.0.1
Threshold is medium
Effort is min
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Found reliance on default encoding in org.owasp.dependencycheck.analyzer.CMakeAnalyzer.analyzeSetVersionCommand(Dependency, Engine, String): String.getBytes() | I18N | DM_DEFAULT_ENCODING | 219 | High |
| Possible null pointer dereference of currentVersion on branch that might be infeasible in org.owasp.dependencycheck.analyzer.FalsePositiveAnalyzer.removeSpuriousCPE(Dependency) | STYLE | NP_NULL_ON_SOME_PATH_MIGHT_BE_INFEASIBLE | 188 | Medium |
| Possible null pointer dereference of nextVersion on branch that might be infeasible in org.owasp.dependencycheck.analyzer.FalsePositiveAnalyzer.removeSpuriousCPE(Dependency) | STYLE | NP_NULL_ON_SOME_PATH_MIGHT_BE_INFEASIBLE | 188 | Medium |
| org.owasp.dependencycheck.analyzer.JarAnalyzer.parseManifest(Dependency, List) makes inefficient use of keySet iterator instead of entrySet iterator | PERFORMANCE | WMI_WRONG_MAP_ITERATOR | 778 | Medium |
| org.owasp.dependencycheck.analyzer.RubyBundleAuditAnalyzer.analyzeFileType(Dependency, Engine) may fail to close stream | BAD_PRACTICE | OS_OPEN_STREAM | 208 | Medium |