The following document contains the results of SpotBugs
SpotBugs Version is 4.5.3
Threshold is medium
Effort is default
| Classes | Bugs | Errors | Missing Classes |
|---|---|---|---|
| 722 | 305 | 0 | 0 |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.portal.business.accesscontrol.AccessControlSessionData.getPersistentData() may expose internal representation by returning AccessControlSessionData._persistentData | MALICIOUS_CODE | EI_EXPOSE_REP | 114 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.portal.business.file.File.getDateCreation() may expose internal representation by returning File._dateCreation | MALICIOUS_CODE | EI_EXPOSE_REP | 210 | Medium |
| fr.paris.lutece.portal.business.file.File.getPhysicalFile() may expose internal representation by returning File._physicalFile | MALICIOUS_CODE | EI_EXPOSE_REP | 190 | Medium |
| fr.paris.lutece.portal.business.file.File.setDateCreation(Timestamp) may expose internal representation by storing an externally mutable object into File._dateCreation | MALICIOUS_CODE | EI_EXPOSE_REP2 | 221 | Medium |
| fr.paris.lutece.portal.business.file.File.setPhysicalFile(PhysicalFile) may expose internal representation by storing an externally mutable object into File._physicalFile | MALICIOUS_CODE | EI_EXPOSE_REP2 | 201 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.portal.business.mail.MailItemQueue.getMailItem() may expose internal representation by returning MailItemQueue._mailItem | MALICIOUS_CODE | EI_EXPOSE_REP | 52 | Medium |
| fr.paris.lutece.portal.business.mail.MailItemQueue.setMailItem(MailItem) may expose internal representation by storing an externally mutable object into MailItemQueue._mailItem | MALICIOUS_CODE | EI_EXPOSE_REP2 | 62 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.portal.business.mailinglist.MailingList.getFilters() may expose internal representation by returning MailingList._listFilters | MALICIOUS_CODE | EI_EXPOSE_REP | 160 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.portal.business.page.Page.getDateUpdate() may expose internal representation by returning Page._dateUpdate | MALICIOUS_CODE | EI_EXPOSE_REP | 383 | Medium |
| fr.paris.lutece.portal.business.page.Page.getImageContent() may expose internal representation by returning Page._strImageContent | MALICIOUS_CODE | EI_EXPOSE_REP | 162 | Medium |
| fr.paris.lutece.portal.business.page.Page.getPortlets() may expose internal representation by returning Page._listPortlets | MALICIOUS_CODE | EI_EXPOSE_REP | 351 | Medium |
| fr.paris.lutece.portal.business.page.Page.setDateUpdate(Timestamp) may expose internal representation by storing an externally mutable object into Page._dateUpdate | MALICIOUS_CODE | EI_EXPOSE_REP2 | 373 | Medium |
| fr.paris.lutece.portal.business.page.Page.setImageContent(byte[]) may expose internal representation by storing an externally mutable object into Page._strImageContent | MALICIOUS_CODE | EI_EXPOSE_REP2 | 173 | Medium |
| fr.paris.lutece.portal.business.page.Page.setPortlets(List) may expose internal representation by storing an externally mutable object into Page._listPortlets | MALICIOUS_CODE | EI_EXPOSE_REP2 | 362 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.portal.business.physicalfile.PhysicalFile.getValue() may expose internal representation by returning PhysicalFile._byValue | MALICIOUS_CODE | EI_EXPOSE_REP | 74 | Medium |
| fr.paris.lutece.portal.business.physicalfile.PhysicalFile.setValue(byte[]) may expose internal representation by storing an externally mutable object into PhysicalFile._byValue | MALICIOUS_CODE | EI_EXPOSE_REP2 | 85 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.portal.business.portlet.AliasPortletHome.getDAO() may expose internal representation by returning AliasPortletHome._dao | MALICIOUS_CODE | EI_EXPOSE_REP | 97 | Medium |
| Public static fr.paris.lutece.portal.business.portlet.AliasPortletHome.getInstance() may expose internal representation by returning AliasPortletHome._singleton | MALICIOUS_CODE | MS_EXPOSE_REP | 87 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.portal.business.portlet.Portlet.getDateUpdate() may expose internal representation by returning Portlet._dateUpdate | MALICIOUS_CODE | EI_EXPOSE_REP | 287 | Medium |
| fr.paris.lutece.portal.business.portlet.Portlet.setDateUpdate(Timestamp) may expose internal representation by storing an externally mutable object into Portlet._dateUpdate | MALICIOUS_CODE | EI_EXPOSE_REP2 | 298 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.portal.business.progressmanager.ProgressFeed.getReportList() may expose internal representation by returning ProgressFeed._report | MALICIOUS_CODE | EI_EXPOSE_REP | 169 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.portal.business.right.FeatureGroup.getFeatures() may expose internal representation by returning FeatureGroup._aFeaturesList | MALICIOUS_CODE | EI_EXPOSE_REP | 221 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.portal.business.rss.FeedResource.getDate() may expose internal representation by returning FeedResource._date | MALICIOUS_CODE | EI_EXPOSE_REP | 175 | Medium |
| fr.paris.lutece.portal.business.rss.FeedResource.getImage() may expose internal representation by returning FeedResource._image | MALICIOUS_CODE | EI_EXPOSE_REP | 95 | Medium |
| fr.paris.lutece.portal.business.rss.FeedResource.getItems() may expose internal representation by returning FeedResource._listItems | MALICIOUS_CODE | EI_EXPOSE_REP | 115 | Medium |
| fr.paris.lutece.portal.business.rss.FeedResource.setDate(Date) may expose internal representation by storing an externally mutable object into FeedResource._date | MALICIOUS_CODE | EI_EXPOSE_REP2 | 184 | Medium |
| fr.paris.lutece.portal.business.rss.FeedResource.setImage(IFeedResourceImage) may expose internal representation by storing an externally mutable object into FeedResource._image | MALICIOUS_CODE | EI_EXPOSE_REP2 | 106 | Medium |
| fr.paris.lutece.portal.business.rss.FeedResource.setItems(List) may expose internal representation by storing an externally mutable object into FeedResource._listItems | MALICIOUS_CODE | EI_EXPOSE_REP2 | 126 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.portal.business.rss.FeedResourceItem.getDate() may expose internal representation by returning FeedResourceItem._date | MALICIOUS_CODE | EI_EXPOSE_REP | 128 | Medium |
| fr.paris.lutece.portal.business.rss.FeedResourceItem.setDate(Date) may expose internal representation by storing an externally mutable object into FeedResourceItem._date | MALICIOUS_CODE | EI_EXPOSE_REP2 | 137 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.portal.business.rss.ResourceRss.getResourceRssType() may expose internal representation by returning ResourceRss._taskType | MALICIOUS_CODE | EI_EXPOSE_REP | 126 | Medium |
| fr.paris.lutece.portal.business.rss.ResourceRss.setResourceRssType(IResourceRssType) may expose internal representation by storing an externally mutable object into ResourceRss._taskType | MALICIOUS_CODE | EI_EXPOSE_REP2 | 138 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.portal.business.stylesheet.StyleSheet.getSource() may expose internal representation by returning StyleSheet._strSource | MALICIOUS_CODE | EI_EXPOSE_REP | 162 | Medium |
| fr.paris.lutece.portal.business.stylesheet.StyleSheet.setSource(byte[]) may expose internal representation by storing an externally mutable object into StyleSheet._strSource | MALICIOUS_CODE | EI_EXPOSE_REP2 | 173 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.portal.business.template.CommonsInclude.getFiles() may expose internal representation by returning CommonsInclude._listFiles | MALICIOUS_CODE | EI_EXPOSE_REP | 120 | Medium |
| fr.paris.lutece.portal.business.template.CommonsInclude.setFiles(List) may expose internal representation by storing an externally mutable object into CommonsInclude._listFiles | MALICIOUS_CODE | EI_EXPOSE_REP2 | 131 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.portal.business.user.AdminUser.getAccountMaxValidDate() may expose internal representation by returning AdminUser._accountMaxValidDate | MALICIOUS_CODE | EI_EXPOSE_REP | 357 | Medium |
| fr.paris.lutece.portal.business.user.AdminUser.getDateLastLogin() may expose internal representation by returning AdminUser._dateLastLogin | MALICIOUS_CODE | EI_EXPOSE_REP | 631 | Medium |
| fr.paris.lutece.portal.business.user.AdminUser.getPasswordMaxValidDate() may expose internal representation by returning AdminUser._passwordMaxValidDate | MALICIOUS_CODE | EI_EXPOSE_REP | 336 | Medium |
| fr.paris.lutece.portal.business.user.AdminUser.getRights() may expose internal representation by returning AdminUser._rights | MALICIOUS_CODE | EI_EXPOSE_REP | 422 | Medium |
| fr.paris.lutece.portal.business.user.AdminUser.getRoles() may expose internal representation by returning AdminUser._roles | MALICIOUS_CODE | EI_EXPOSE_REP | 380 | Medium |
| fr.paris.lutece.portal.business.user.AdminUser.getUserRoles() may expose internal representation by returning AdminUser._roles | MALICIOUS_CODE | EI_EXPOSE_REP | 389 | Medium |
| fr.paris.lutece.portal.business.user.AdminUser.getUserWorkgroups() may expose internal representation by returning AdminUser._workgroups | MALICIOUS_CODE | EI_EXPOSE_REP | 716 | Medium |
| fr.paris.lutece.portal.business.user.AdminUser.setAccountMaxValidDate(Timestamp) may expose internal representation by storing an externally mutable object into AdminUser._accountMaxValidDate | MALICIOUS_CODE | EI_EXPOSE_REP2 | 368 | Medium |
| fr.paris.lutece.portal.business.user.AdminUser.setDateLastLogin(Timestamp) may expose internal representation by storing an externally mutable object into AdminUser._dateLastLogin | MALICIOUS_CODE | EI_EXPOSE_REP2 | 642 | Medium |
| fr.paris.lutece.portal.business.user.AdminUser.setPasswordMaxValidDate(Timestamp) may expose internal representation by storing an externally mutable object into AdminUser._passwordMaxValidDate | MALICIOUS_CODE | EI_EXPOSE_REP2 | 347 | Medium |
| fr.paris.lutece.portal.business.user.AdminUser.setUserWorkgroups(List) may expose internal representation by storing an externally mutable object into AdminUser._workgroups | MALICIOUS_CODE | EI_EXPOSE_REP2 | 727 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Boxing/unboxing to parse a primitive fr.paris.lutece.portal.business.user.AdminUserFilter.setAdminUserFilter(HttpServletRequest) | PERFORMANCE | DM_BOXED_PRIMITIVE_FOR_PARSING | 252 | High |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.portal.business.user.attribute.AbstractAttribute.getAttributeType() may expose internal representation by returning AbstractAttribute._attributeType | MALICIOUS_CODE | EI_EXPOSE_REP | 224 | Medium |
| fr.paris.lutece.portal.business.user.attribute.AbstractAttribute.getListAttributeFields() may expose internal representation by returning AbstractAttribute._listAttributeFields | MALICIOUS_CODE | EI_EXPOSE_REP | 132 | Medium |
| fr.paris.lutece.portal.business.user.attribute.AbstractAttribute.getPlugin() may expose internal representation by returning AbstractAttribute._plugin | MALICIOUS_CODE | EI_EXPOSE_REP | 364 | Medium |
| fr.paris.lutece.portal.business.user.attribute.AbstractAttribute.setAttributeType(AttributeType) may expose internal representation by storing an externally mutable object into AbstractAttribute._attributeType | MALICIOUS_CODE | EI_EXPOSE_REP2 | 236 | Medium |
| fr.paris.lutece.portal.business.user.attribute.AbstractAttribute.setListAttributeFields(List) may expose internal representation by storing an externally mutable object into AbstractAttribute._listAttributeFields | MALICIOUS_CODE | EI_EXPOSE_REP2 | 144 | Medium |
| fr.paris.lutece.portal.business.user.attribute.AbstractAttribute.setPlugin(Plugin) may expose internal representation by storing an externally mutable object into AbstractAttribute._plugin | MALICIOUS_CODE | EI_EXPOSE_REP2 | 376 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.portal.business.user.attribute.AdminUserField.getAttribute() may expose internal representation by returning AdminUserField._attribute | MALICIOUS_CODE | EI_EXPOSE_REP | 102 | Medium |
| fr.paris.lutece.portal.business.user.attribute.AdminUserField.getAttributeField() may expose internal representation by returning AdminUserField._attributeField | MALICIOUS_CODE | EI_EXPOSE_REP | 81 | Medium |
| fr.paris.lutece.portal.business.user.attribute.AdminUserField.getFile() may expose internal representation by returning AdminUserField._file | MALICIOUS_CODE | EI_EXPOSE_REP | 165 | Medium |
| fr.paris.lutece.portal.business.user.attribute.AdminUserField.getUser() may expose internal representation by returning AdminUserField._user | MALICIOUS_CODE | EI_EXPOSE_REP | 60 | Medium |
| fr.paris.lutece.portal.business.user.attribute.AdminUserField.setAttribute(IAttribute) may expose internal representation by storing an externally mutable object into AdminUserField._attribute | MALICIOUS_CODE | EI_EXPOSE_REP2 | 113 | Medium |
| fr.paris.lutece.portal.business.user.attribute.AdminUserField.setAttributeField(AttributeField) may expose internal representation by storing an externally mutable object into AdminUserField._attributeField | MALICIOUS_CODE | EI_EXPOSE_REP2 | 92 | Medium |
| fr.paris.lutece.portal.business.user.attribute.AdminUserField.setFile(File) may expose internal representation by storing an externally mutable object into AdminUserField._file | MALICIOUS_CODE | EI_EXPOSE_REP2 | 176 | Medium |
| fr.paris.lutece.portal.business.user.attribute.AdminUserField.setUser(AdminUser) may expose internal representation by storing an externally mutable object into AdminUserField._user | MALICIOUS_CODE | EI_EXPOSE_REP2 | 71 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.portal.business.user.attribute.AdminUserFieldFilter.getListUserFields() may expose internal representation by returning AdminUserFieldFilter._listUserFields | MALICIOUS_CODE | EI_EXPOSE_REP | 84 | Medium |
| fr.paris.lutece.portal.business.user.attribute.AdminUserFieldFilter.setListUserFields(List) may expose internal representation by storing an externally mutable object into AdminUserFieldFilter._listUserFields | MALICIOUS_CODE | EI_EXPOSE_REP2 | 95 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.portal.business.user.attribute.AttributeField.getAttribute() may expose internal representation by returning AttributeField._attribute | MALICIOUS_CODE | EI_EXPOSE_REP | 93 | Medium |
| fr.paris.lutece.portal.business.user.attribute.AttributeField.setAttribute(IAttribute) may expose internal representation by storing an externally mutable object into AttributeField._attribute | MALICIOUS_CODE | EI_EXPOSE_REP2 | 83 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.portal.business.user.authentication.LuteceDefaultAdminUser.getDateValidityPassword() may expose internal representation by returning LuteceDefaultAdminUser._dateValidityPassword | MALICIOUS_CODE | EI_EXPOSE_REP | 101 | Medium |
| fr.paris.lutece.portal.business.user.authentication.LuteceDefaultAdminUser.setDateValidityPassword(Date) may expose internal representation by storing an externally mutable object into LuteceDefaultAdminUser._dateValidityPassword | MALICIOUS_CODE | EI_EXPOSE_REP2 | 112 | Medium |
| Class fr.paris.lutece.portal.business.user.authentication.LuteceDefaultAdminUser defines non-transient non-serializable instance field _password | BAD_PRACTICE | SE_BAD_FIELD | Not available | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Boxing/unboxing to parse a primitive new fr.paris.lutece.portal.business.user.authentication.PasswordFactory$PBKDF2Password(String, PasswordFactory$PBKDF2Password$PASSWORD_REPRESENTATION) | PERFORMANCE | DM_BOXED_PRIMITIVE_FOR_PARSING | 200 | High |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.portal.business.user.log.UserLog.getDateLogin() may expose internal representation by returning UserLog._dateLogin | MALICIOUS_CODE | EI_EXPOSE_REP | 110 | Medium |
| fr.paris.lutece.portal.business.user.log.UserLog.setDateLogin(Timestamp) may expose internal representation by storing an externally mutable object into UserLog._dateLogin | MALICIOUS_CODE | EI_EXPOSE_REP2 | 121 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.portal.business.xsl.XslExport.getFile() may expose internal representation by returning XslExport._file | MALICIOUS_CODE | EI_EXPOSE_REP | 129 | Medium |
| fr.paris.lutece.portal.business.xsl.XslExport.setFile(File) may expose internal representation by storing an externally mutable object into XslExport._file | MALICIOUS_CODE | EI_EXPOSE_REP2 | 140 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Redundant nullcheck of fr.paris.lutece.portal.service.accesscontrol.AccessControlService._provider, which is known to be non-null in new fr.paris.lutece.portal.service.accesscontrol.AccessControlService() | STYLE | RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE | 68 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Public static fr.paris.lutece.portal.service.admin.AdminAuthenticationService.getInstance() may expose internal representation by returning AdminAuthenticationService._singleton | MALICIOUS_CODE | MS_EXPOSE_REP | 107 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.portal.service.cache.AbstractCacheableService.getCache() may expose internal representation by returning AbstractCacheableService._cache | MALICIOUS_CODE | EI_EXPOSE_REP | 203 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Public static fr.paris.lutece.portal.service.cache.CacheService.getCacheableServicesList() may expose internal representation by returning CacheService._listCacheableServicesRegistry | MALICIOUS_CODE | MS_EXPOSE_REP | 222 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.portal.service.cache.DefaultCacheKeyService.setAllowedParametersList(List) may expose internal representation by storing an externally mutable object into DefaultCacheKeyService._listAllowedParameters | MALICIOUS_CODE | EI_EXPOSE_REP2 | 90 | Medium |
| fr.paris.lutece.portal.service.cache.DefaultCacheKeyService.setIgnoredParametersList(List) may expose internal representation by storing an externally mutable object into DefaultCacheKeyService._listIgnoredParameters | MALICIOUS_CODE | EI_EXPOSE_REP2 | 98 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Redundant nullcheck of fr.paris.lutece.portal.service.captcha.CaptchaSecurityService._captchaService, which is known to be non-null in new fr.paris.lutece.portal.service.captcha.CaptchaSecurityService() | STYLE | RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE | 64 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.portal.service.content.PageData.getDateUpdate() may expose internal representation by returning PageData._tsDateUpdate | MALICIOUS_CODE | EI_EXPOSE_REP | 430 | Medium |
| fr.paris.lutece.portal.service.content.PageData.setDateUpdate(Timestamp) may expose internal representation by storing an externally mutable object into PageData._tsDateUpdate | MALICIOUS_CODE | EI_EXPOSE_REP2 | 441 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Found reliance on default encoding in fr.paris.lutece.portal.service.csv.CSVReaderService.readCSVFile(PhysicalFile, int, boolean, boolean, boolean, Locale, String): new java.io.InputStreamReader(InputStream) | I18N | DM_DEFAULT_ENCODING | 302 | High |
| Found reliance on default encoding in fr.paris.lutece.portal.service.csv.CSVReaderService.readCSVFile(String, int, boolean, boolean, boolean, Locale, String): new java.io.FileReader(File) | I18N | DM_DEFAULT_ENCODING | 220 | High |
| Found reliance on default encoding in fr.paris.lutece.portal.service.csv.CSVReaderService.readCSVFile(FileItem, int, boolean, boolean, boolean, Locale, String): new java.io.InputStreamReader(InputStream) | I18N | DM_DEFAULT_ENCODING | 171 | High |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Useless object stored in variable sbResult of method fr.paris.lutece.portal.service.daemon.AnonymizationDaemon.run() | STYLE | UC_USELESS_OBJECT | 61 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Boxing/unboxing to parse a primitive fr.paris.lutece.portal.service.daemon.AppDaemonService.modifyDaemonInterval(String, String) | PERFORMANCE | DM_BOXED_PRIMITIVE_FOR_PARSING | 271 | High |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.portal.service.daemon.DaemonEntry.getDaemonThread() may expose internal representation by returning DaemonEntry._thread | MALICIOUS_CODE | EI_EXPOSE_REP | 188 | Medium |
| fr.paris.lutece.portal.service.daemon.DaemonEntry.setLastRunDate(Date) may expose internal representation by storing an externally mutable object into DaemonEntry._dateLastRunDate | MALICIOUS_CODE | EI_EXPOSE_REP2 | 275 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.portal.service.daemon.DaemonThread.setDaemonEntry(DaemonEntry) may expose internal representation by storing an externally mutable object into DaemonThread._entry | MALICIOUS_CODE | EI_EXPOSE_REP2 | 59 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.portal.service.daemon.RunnableQueueItem.getPlugin() may expose internal representation by returning RunnableQueueItem._plugin | MALICIOUS_CODE | EI_EXPOSE_REP | 109 | Medium |
| new fr.paris.lutece.portal.service.daemon.RunnableQueueItem(Runnable, String, Plugin) may expose internal representation by storing an externally mutable object into RunnableQueueItem._plugin | MALICIOUS_CODE | EI_EXPOSE_REP2 | 63 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Load of known null value in fr.paris.lutece.portal.service.daemon.ThreadLauncherDaemon.run() | STYLE | NP_LOAD_OF_KNOWN_NULL_VALUE | 148 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Should fr.paris.lutece.portal.service.daemon.ThreadLauncherDaemon$RunnableWrapper be a _static_ inner class? | PERFORMANCE | SIC_INNER_SHOULD_BE_STATIC | 70-87 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.portal.service.dashboard.DashboardComponent.getPlugin() may expose internal representation by returning DashboardComponent._plugin | MALICIOUS_CODE | EI_EXPOSE_REP | 162 | Medium |
| fr.paris.lutece.portal.service.dashboard.DashboardComponent.setPlugin(Plugin) may expose internal representation by storing an externally mutable object into DashboardComponent._plugin | MALICIOUS_CODE | EI_EXPOSE_REP2 | 174 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Public static fr.paris.lutece.portal.service.database.AppConnectionService.getDefaultConnectionService() may expose internal representation by returning AppConnectionService._connectionService | MALICIOUS_CODE | MS_EXPOSE_REP | 163 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| The field fr.paris.lutece.portal.service.database.DAOUtilTransactionManager._logger is transient but isn't set by deserialization | BAD_PRACTICE | SE_TRANSIENT_FIELD_NOT_RESTORED | Not available | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.portal.service.datastore.LocalizedData defines compareTo(Object) and uses Object.equals() | BAD_PRACTICE | EQ_COMPARETO_USE_OBJECT_EQUALS | 200-206 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.portal.service.datastore.LocalizedDataGroup.getLocalizedDataList() may expose internal representation by returning LocalizedDataGroup._listLocalizedData | MALICIOUS_CODE | EI_EXPOSE_REP | 138 | Medium |
| fr.paris.lutece.portal.service.datastore.LocalizedDataGroup.setLocalizedDataList(List) may expose internal representation by storing an externally mutable object into LocalizedDataGroup._listLocalizedData | MALICIOUS_CODE | EI_EXPOSE_REP2 | 149 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.portal.service.event.AbstractEventManager.notifyListeners(AbstractLuteceEvent) makes inefficient use of keySet iterator instead of entrySet iterator | PERFORMANCE | WMI_WRONG_MAP_ITERATOR | 37 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.portal.service.file.FileService.getFileStoreServiceProvider() may expose internal representation by returning FileService._currentFileStoreServiceProvider | MALICIOUS_CODE | EI_EXPOSE_REP | 102 | Medium |
| Public static fr.paris.lutece.portal.service.file.FileService.getInstance() may expose internal representation by returning FileService._instance | MALICIOUS_CODE | MS_EXPOSE_REP | 80 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Public static fr.paris.lutece.portal.service.fileimage.FileImagePublicService.getInstance() may expose internal representation by returning FileImagePublicService._singleton | MALICIOUS_CODE | MS_EXPOSE_REP | 90 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Public static fr.paris.lutece.portal.service.fileimage.FileImageService.getInstance() may expose internal representation by returning FileImageService._singleton | MALICIOUS_CODE | MS_EXPOSE_REP | 98 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.portal.service.filter.FilterEntry.getInitParameters() may expose internal representation by returning FilterEntry._mapInitParameters | MALICIOUS_CODE | EI_EXPOSE_REP | 134 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.portal.service.filter.FilterService.getFilters() may expose internal representation by returning FilterService._listFilters | MALICIOUS_CODE | EI_EXPOSE_REP | 175 | Medium |
| fr.paris.lutece.portal.service.filter.FilterService.init(ServletContext) may expose internal static state by storing a mutable object into a static field fr.paris.lutece.portal.service.filter.FilterService._context | MALICIOUS_CODE | EI_EXPOSE_STATIC_REP2 | 123 | Medium |
| fr.paris.lutece.portal.service.filter.FilterService.setServletContext(ServletContext) may expose internal static state by storing a mutable object into a static field fr.paris.lutece.portal.service.filter.FilterService._context | MALICIOUS_CODE | EI_EXPOSE_STATIC_REP2 | 110 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.portal.service.filter.LuteceFilter.getInitParameters() may expose internal representation by returning LuteceFilter._mapInitParameters | MALICIOUS_CODE | EI_EXPOSE_REP | 169 | Medium |
| fr.paris.lutece.portal.service.filter.LuteceFilter.getPlugin() may expose internal representation by returning LuteceFilter._plugin | MALICIOUS_CODE | EI_EXPOSE_REP | 148 | Medium |
| new fr.paris.lutece.portal.service.filter.LuteceFilter(String, Filter, String, Plugin, Map) may expose internal representation by storing an externally mutable object into LuteceFilter._mapInitParameters | MALICIOUS_CODE | EI_EXPOSE_REP2 | 75 | Medium |
| new fr.paris.lutece.portal.service.filter.LuteceFilter(String, Filter, String, Plugin, Map) may expose internal representation by storing an externally mutable object into LuteceFilter._plugin | MALICIOUS_CODE | EI_EXPOSE_REP2 | 74 | Medium |
| fr.paris.lutece.portal.service.filter.LuteceFilter.setPlugin(Plugin) may expose internal representation by storing an externally mutable object into LuteceFilter._plugin | MALICIOUS_CODE | EI_EXPOSE_REP2 | 159 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.portal.service.filter.LuteceFilterChain.getRequest() may expose internal representation by returning LuteceFilterChain._request | MALICIOUS_CODE | EI_EXPOSE_REP | 81 | Medium |
| fr.paris.lutece.portal.service.filter.LuteceFilterChain.getResponse() may expose internal representation by returning LuteceFilterChain._response | MALICIOUS_CODE | EI_EXPOSE_REP | 104 | Medium |
| fr.paris.lutece.portal.service.filter.LuteceFilterChain.setRequest(ServletRequest) may expose internal representation by storing an externally mutable object into LuteceFilterChain._request | MALICIOUS_CODE | EI_EXPOSE_REP2 | 93 | Medium |
| fr.paris.lutece.portal.service.filter.LuteceFilterChain.setResponse(ServletResponse) may expose internal representation by storing an externally mutable object into LuteceFilterChain._response | MALICIOUS_CODE | EI_EXPOSE_REP2 | 116 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.portal.service.filter.LuteceFilterConfig.getServletContext() may expose internal representation by returning LuteceFilterConfig._context | MALICIOUS_CODE | EI_EXPOSE_REP | 82 | Medium |
| new fr.paris.lutece.portal.service.filter.LuteceFilterConfig(String, ServletContext, Map) may expose internal representation by storing an externally mutable object into LuteceFilterConfig._context | MALICIOUS_CODE | EI_EXPOSE_REP2 | 65 | Medium |
| new fr.paris.lutece.portal.service.filter.LuteceFilterConfig(String, ServletContext, Map) may expose internal representation by storing an externally mutable object into LuteceFilterConfig._mapInitParameters | MALICIOUS_CODE | EI_EXPOSE_REP2 | 66 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| new fr.paris.lutece.portal.service.i18n.CombinedResourceBundle(ResourceBundle, ResourceBundle) may expose internal representation by storing an externally mutable object into CombinedResourceBundle._defaults | MALICIOUS_CODE | EI_EXPOSE_REP2 | 48 | Medium |
| new fr.paris.lutece.portal.service.i18n.CombinedResourceBundle(ResourceBundle, ResourceBundle) may expose internal representation by storing an externally mutable object into CombinedResourceBundle._override | MALICIOUS_CODE | EI_EXPOSE_REP2 | 47 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.portal.service.i18n.I18nService.<static initializer for I18nService>() creates a java.net.URLClassLoader classloader, which should be performed within a doPrivileged block | MALICIOUS_CODE | DP_CREATE_CLASSLOADER_INSIDE_DO_PRIVILEGED | 119 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.portal.service.image.ImageResource.getImage() may expose internal representation by returning ImageResource._strImage | MALICIOUS_CODE | EI_EXPOSE_REP | 69 | Medium |
| fr.paris.lutece.portal.service.image.ImageResource.setImage(byte[]) may expose internal representation by storing an externally mutable object into ImageResource._strImage | MALICIOUS_CODE | EI_EXPOSE_REP2 | 80 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Found reliance on default encoding in fr.paris.lutece.portal.service.init.AppInit.initProperties(String): new java.io.FileWriter(String) | I18N | DM_DEFAULT_ENCODING | 341 | High |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.portal.service.jpa.AbstractLuteceHome.getDao() may expose internal representation by returning AbstractLuteceHome._dao | MALICIOUS_CODE | EI_EXPOSE_REP | 75 | Medium |
| fr.paris.lutece.portal.service.jpa.AbstractLuteceHome.setDao(IGenericDAO) may expose internal representation by storing an externally mutable object into AbstractLuteceHome._dao | MALICIOUS_CODE | EI_EXPOSE_REP2 | 65 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.portal.service.jpa.EntityManagerService.getEntityManagerFactories() may expose internal representation by returning EntityManagerService._mapFactories | MALICIOUS_CODE | EI_EXPOSE_REP | 71 | Medium |
| Write to static field fr.paris.lutece.portal.service.jpa.EntityManagerService._mapFactories from instance method fr.paris.lutece.portal.service.jpa.EntityManagerService.setMapFactories(Map) | STYLE | ST_WRITE_TO_STATIC_FROM_INSTANCE_METHOD | 61 | High |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Public static fr.paris.lutece.portal.service.mail.MailAttachmentCacheService.getInstance() may expose internal representation by returning MailAttachmentCacheService._singleton | MALICIOUS_CODE | MS_EXPOSE_REP | 78 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.portal.service.mail.MailItem.getFilesAttachement() may expose internal representation by returning MailItem._listFilesAttachement | MALICIOUS_CODE | EI_EXPOSE_REP | 287 | Medium |
| fr.paris.lutece.portal.service.mail.MailItem.getUrlsAttachement() may expose internal representation by returning MailItem._listUrlsAttachement | MALICIOUS_CODE | EI_EXPOSE_REP | 308 | Medium |
| fr.paris.lutece.portal.service.mail.MailItem.setFilesAttachement(List) may expose internal representation by storing an externally mutable object into MailItem._listFilesAttachement | MALICIOUS_CODE | EI_EXPOSE_REP2 | 298 | Medium |
| fr.paris.lutece.portal.service.mail.MailItem.setUrlsAttachement(List) may expose internal representation by storing an externally mutable object into MailItem._listUrlsAttachement | MALICIOUS_CODE | EI_EXPOSE_REP2 | 319 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.portal.service.message.AdminMessage.getRequestParameters() may expose internal representation by returning AdminMessage._requestParameters | MALICIOUS_CODE | EI_EXPOSE_REP | 269 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.portal.service.message.SiteMessage.getRequestParameters() may expose internal representation by returning SiteMessage._requestParameters | MALICIOUS_CODE | EI_EXPOSE_REP | 213 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.portal.service.page.PageEvent.getPage() may expose internal representation by returning PageEvent._page | MALICIOUS_CODE | EI_EXPOSE_REP | 84 | Medium |
| new fr.paris.lutece.portal.service.page.PageEvent(Page, int) may expose internal representation by storing an externally mutable object into PageEvent._page | MALICIOUS_CODE | EI_EXPOSE_REP2 | 63 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.portal.service.page.PageService.getPageCacheService() may expose internal representation by returning PageService._cachePages | MALICIOUS_CODE | EI_EXPOSE_REP | 1100 | Medium |
| fr.paris.lutece.portal.service.page.PageService.getPortletCacheService() may expose internal representation by returning PageService._cachePortlets | MALICIOUS_CODE | EI_EXPOSE_REP | 1121 | Medium |
| new fr.paris.lutece.portal.service.page.PageService(PageCacheService, PortletCacheService) may expose internal representation by storing an externally mutable object into PageService._cachePages | MALICIOUS_CODE | EI_EXPOSE_REP2 | 179 | Medium |
| new fr.paris.lutece.portal.service.page.PageService(PageCacheService, PortletCacheService) may expose internal representation by storing an externally mutable object into PageService._cachePortlets | MALICIOUS_CODE | EI_EXPOSE_REP2 | 180 | Medium |
| fr.paris.lutece.portal.service.page.PageService.setPageCacheKeyService(ICacheKeyService) may expose internal representation by storing an externally mutable object into PageService._cksPage | MALICIOUS_CODE | EI_EXPOSE_REP2 | 769 | Medium |
| fr.paris.lutece.portal.service.page.PageService.setPageCacheService(PageCacheService) may expose internal representation by storing an externally mutable object into PageService._cachePages | MALICIOUS_CODE | EI_EXPOSE_REP2 | 1111 | Medium |
| fr.paris.lutece.portal.service.page.PageService.setPortletCacheKeyService(ICacheKeyService) may expose internal representation by storing an externally mutable object into PageService._cksPortlet | MALICIOUS_CODE | EI_EXPOSE_REP2 | 778 | Medium |
| fr.paris.lutece.portal.service.page.PageService.setPortletCacheService(PortletCacheService) may expose internal representation by storing an externally mutable object into PageService._cachePortlets | MALICIOUS_CODE | EI_EXPOSE_REP2 | 1132 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.portal.service.panel.LutecePanelService.getPanels() may expose internal representation by returning LutecePanelService._listPanels | MALICIOUS_CODE | EI_EXPOSE_REP | 141 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.portal.service.plugin.Plugin.getAdminCssStyleSheets() may expose internal representation by returning Plugin._listAdminCssStyleSheets | MALICIOUS_CODE | EI_EXPOSE_REP | 1263 | Medium |
| fr.paris.lutece.portal.service.plugin.Plugin.getAdminJavascriptFiles() may expose internal representation by returning Plugin._listAdminJavascriptFiles | MALICIOUS_CODE | EI_EXPOSE_REP | 1274 | Medium |
| fr.paris.lutece.portal.service.plugin.Plugin.getApplications() may expose internal representation by returning Plugin._listXPageApplications | MALICIOUS_CODE | EI_EXPOSE_REP | 684 | Medium |
| fr.paris.lutece.portal.service.plugin.Plugin.getConnectionService() may expose internal representation by returning Plugin._connectionService | MALICIOUS_CODE | EI_EXPOSE_REP | 1009 | Medium |
| fr.paris.lutece.portal.service.plugin.Plugin.getContentService() may expose internal representation by returning Plugin._contentService | MALICIOUS_CODE | EI_EXPOSE_REP | 222 | Medium |
| fr.paris.lutece.portal.service.plugin.Plugin.getContentServices() may expose internal representation by returning Plugin._listContentServices | MALICIOUS_CODE | EI_EXPOSE_REP | 674 | Medium |
| fr.paris.lutece.portal.service.plugin.Plugin.getDaemons() may expose internal representation by returning Plugin._listDaemons | MALICIOUS_CODE | EI_EXPOSE_REP | 252 | Medium |
| fr.paris.lutece.portal.service.plugin.Plugin.getFreeMarkerMacrosFiles() may expose internal representation by returning Plugin._listFreemarkerMacrosFiles | MALICIOUS_CODE | EI_EXPOSE_REP | 1295 | Medium |
| fr.paris.lutece.portal.service.plugin.Plugin.getInsertServices() may expose internal representation by returning Plugin._listInsertServices | MALICIOUS_CODE | EI_EXPOSE_REP | 664 | Medium |
| fr.paris.lutece.portal.service.plugin.Plugin.getParams() may expose internal representation by returning Plugin._mapParams | MALICIOUS_CODE | EI_EXPOSE_REP | 1041 | Medium |
| fr.paris.lutece.portal.service.plugin.Plugin.getPortletTypes() may expose internal representation by returning Plugin._listPortletTypes | MALICIOUS_CODE | EI_EXPOSE_REP | 694 | Medium |
| fr.paris.lutece.portal.service.plugin.Plugin.getRights() may expose internal representation by returning Plugin._listRights | MALICIOUS_CODE | EI_EXPOSE_REP | 715 | Medium |
| fr.paris.lutece.portal.service.plugin.Plugin.setConnectionService(PluginConnectionService) may expose internal representation by storing an externally mutable object into Plugin._connectionService | MALICIOUS_CODE | EI_EXPOSE_REP2 | 1020 | Medium |
| fr.paris.lutece.portal.service.plugin.Plugin.setParams(Map) may expose internal representation by storing an externally mutable object into Plugin._mapParams | MALICIOUS_CODE | EI_EXPOSE_REP2 | 1069 | Medium |
| fr.paris.lutece.portal.service.plugin.Plugin.setPortletTypes(List) may expose internal representation by storing an externally mutable object into Plugin._listPortletTypes | MALICIOUS_CODE | EI_EXPOSE_REP2 | 705 | Medium |
| fr.paris.lutece.portal.service.plugin.Plugin.setRights(List) may expose internal representation by storing an externally mutable object into Plugin._listRights | MALICIOUS_CODE | EI_EXPOSE_REP2 | 726 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.portal.service.plugin.PluginEvent.getPlugin() may expose internal representation by returning PluginEvent._plugin | MALICIOUS_CODE | EI_EXPOSE_REP | 80 | Medium |
| new fr.paris.lutece.portal.service.plugin.PluginEvent(Plugin, int) may expose internal representation by storing an externally mutable object into PluginEvent._plugin | MALICIOUS_CODE | EI_EXPOSE_REP2 | 59 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.portal.service.plugin.PluginFile.getAdminCssStyleSheets() may expose internal representation by returning PluginFile._listAdminCssStyleSheets | MALICIOUS_CODE | EI_EXPOSE_REP | 1015 | Medium |
| fr.paris.lutece.portal.service.plugin.PluginFile.getAdminDashboardComponents() may expose internal representation by returning PluginFile._listAdminDashboardComponents | MALICIOUS_CODE | EI_EXPOSE_REP | 849 | Medium |
| fr.paris.lutece.portal.service.plugin.PluginFile.getAdminJavascriptFiles() may expose internal representation by returning PluginFile._listAdminJavascriptFiles | MALICIOUS_CODE | EI_EXPOSE_REP | 1026 | Medium |
| fr.paris.lutece.portal.service.plugin.PluginFile.getContentServices() may expose internal representation by returning PluginFile._listContentServices | MALICIOUS_CODE | EI_EXPOSE_REP | 744 | Medium |
| fr.paris.lutece.portal.service.plugin.PluginFile.getCssStyleSheetsForAllModes() may expose internal representation by returning PluginFile._listCssStyleSheets | MALICIOUS_CODE | EI_EXPOSE_REP | 508 | Medium |
| fr.paris.lutece.portal.service.plugin.PluginFile.getDaemons() may expose internal representation by returning PluginFile._listDaemons | MALICIOUS_CODE | EI_EXPOSE_REP | 891 | Medium |
| fr.paris.lutece.portal.service.plugin.PluginFile.getDashboardComponents() may expose internal representation by returning PluginFile._listDashboardComponents | MALICIOUS_CODE | EI_EXPOSE_REP | 828 | Medium |
| fr.paris.lutece.portal.service.plugin.PluginFile.getFilters() may expose internal representation by returning PluginFile._listFilters | MALICIOUS_CODE | EI_EXPOSE_REP | 654 | Medium |
| fr.paris.lutece.portal.service.plugin.PluginFile.getFreemarkerMacrosFiles() may expose internal representation by returning PluginFile._listFreemarkerMacrosFiles | MALICIOUS_CODE | EI_EXPOSE_REP | 585 | Medium |
| fr.paris.lutece.portal.service.plugin.PluginFile.getInsertServices() may expose internal representation by returning PluginFile._listInsertServices | MALICIOUS_CODE | EI_EXPOSE_REP | 765 | Medium |
| fr.paris.lutece.portal.service.plugin.PluginFile.getJavascriptFilesForAllModes() may expose internal representation by returning PluginFile._listJavascriptFiles | MALICIOUS_CODE | EI_EXPOSE_REP | 564 | Medium |
| fr.paris.lutece.portal.service.plugin.PluginFile.getListeners() may expose internal representation by returning PluginFile._listListeners | MALICIOUS_CODE | EI_EXPOSE_REP | 696 | Medium |
| fr.paris.lutece.portal.service.plugin.PluginFile.getPageIncludes() may expose internal representation by returning PluginFile._listPageIncludes | MALICIOUS_CODE | EI_EXPOSE_REP | 807 | Medium |
| fr.paris.lutece.portal.service.plugin.PluginFile.getParams() may expose internal representation by returning PluginFile._mapParams | MALICIOUS_CODE | EI_EXPOSE_REP | 922 | Medium |
| fr.paris.lutece.portal.service.plugin.PluginFile.getPortletTypes() may expose internal representation by returning PluginFile._listPortletTypes | MALICIOUS_CODE | EI_EXPOSE_REP | 723 | Medium |
| fr.paris.lutece.portal.service.plugin.PluginFile.getRBACResourceTypes() may expose internal representation by returning PluginFile._listRBACResourceTypes | MALICIOUS_CODE | EI_EXPOSE_REP | 870 | Medium |
| fr.paris.lutece.portal.service.plugin.PluginFile.getRights() may expose internal representation by returning PluginFile._listRights | MALICIOUS_CODE | EI_EXPOSE_REP | 612 | Medium |
| fr.paris.lutece.portal.service.plugin.PluginFile.getSearchIndexers() may expose internal representation by returning PluginFile._listSearchIndexers | MALICIOUS_CODE | EI_EXPOSE_REP | 786 | Medium |
| fr.paris.lutece.portal.service.plugin.PluginFile.getServlets() may expose internal representation by returning PluginFile._listServlets | MALICIOUS_CODE | EI_EXPOSE_REP | 675 | Medium |
| fr.paris.lutece.portal.service.plugin.PluginFile.getXPageApplications() may expose internal representation by returning PluginFile._listApplications | MALICIOUS_CODE | EI_EXPOSE_REP | 633 | Medium |
| fr.paris.lutece.portal.service.plugin.PluginFile.load(String) may fail to clean up java.io.InputStream | EXPERIMENTAL | OBL_UNSATISFIED_OBLIGATION | 151 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Public static fr.paris.lutece.portal.service.plugin.PluginService.getCore() may expose internal representation by returning PluginService._pluginCore | MALICIOUS_CODE | MS_EXPOSE_REP | 249 | Medium |
| Possible null pointer dereference in fr.paris.lutece.portal.service.plugin.PluginService.loadPlugins() due to return value of called method | STYLE | NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE | 149 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Public static fr.paris.lutece.portal.service.portal.PortalMenuService.getInstance() may expose internal representation by returning PortalMenuService._singleton | MALICIOUS_CODE | MS_EXPOSE_REP | 96 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Nullcheck of request at line 321 of value previously dereferenced in fr.paris.lutece.portal.service.portal.PortalService.buildPageContent(int, PageData, int, HttpServletRequest) | CORRECTNESS | RCN_REDUNDANT_NULLCHECK_WOULD_HAVE_BEEN_A_NPE | 274 | High |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Public static fr.paris.lutece.portal.service.prefs.AdminUserPreferencesService.instance() may expose internal representation by returning AdminUserPreferencesService._singleton | MALICIOUS_CODE | MS_EXPOSE_REP | 63 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.portal.service.prefs.BaseUserPreferencesServiceImpl.setDao(IPreferencesDAO) may expose internal representation by storing an externally mutable object into BaseUserPreferencesServiceImpl._dao | MALICIOUS_CODE | EI_EXPOSE_REP2 | 69 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Public static fr.paris.lutece.portal.service.prefs.UserPreferencesService.instance() may expose internal representation by returning UserPreferencesService._singleton | MALICIOUS_CODE | MS_EXPOSE_REP | 63 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Public static fr.paris.lutece.portal.service.progressmanager.ProgressManagerService.getInstance() may expose internal representation by returning ProgressManagerService._singleton | MALICIOUS_CODE | MS_EXPOSE_REP | 78 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Redundant nullcheck of fr.paris.lutece.portal.service.regularexpression.RegularExpressionService._service, which is known to be non-null in new fr.paris.lutece.portal.service.regularexpression.RegularExpressionService() | STYLE | RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE | 65 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Write to static field fr.paris.lutece.portal.service.scheduler.JobSchedulerService._scheduler from instance method fr.paris.lutece.portal.service.scheduler.JobSchedulerService.init() | STYLE | ST_WRITE_TO_STATIC_FROM_INSTANCE_METHOD | 86 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Public static fr.paris.lutece.portal.service.search.IndexationService.getAnalyser() may expose internal representation by returning IndexationService._analyzer | MALICIOUS_CODE | MS_EXPOSE_REP | 553 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Exception is caught when Exception is not thrown in fr.paris.lutece.portal.service.search.LuceneSearchEngine.search(String, String, Query, HttpServletRequest, boolean) | STYLE | REC_CATCH_EXCEPTION | 286 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Found reliance on default encoding in fr.paris.lutece.portal.service.search.PageIndexer.getDocument(Page, String): String.getBytes() | I18N | DM_DEFAULT_ENCODING | 237 | High |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.portal.service.search.SearchResult.getDate() may expose internal representation by returning SearchResult._date | MALICIOUS_CODE | EI_EXPOSE_REP | 81 | Medium |
| fr.paris.lutece.portal.service.search.SearchResult.getRoles() may expose internal representation by returning SearchResult._listRoles | MALICIOUS_CODE | EI_EXPOSE_REP | 186 | Medium |
| fr.paris.lutece.portal.service.search.SearchResult.setDate(Date) may expose internal representation by storing an externally mutable object into SearchResult._date | MALICIOUS_CODE | EI_EXPOSE_REP2 | 92 | Medium |
| fr.paris.lutece.portal.service.search.SearchResult.setRole(List) may expose internal representation by storing an externally mutable object into SearchResult._listRoles | MALICIOUS_CODE | EI_EXPOSE_REP2 | 197 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Redundant nullcheck of fr.paris.lutece.portal.service.search.SponsoredLinksSearchService._sponsoredLinksService, which is known to be non-null in new fr.paris.lutece.portal.service.search.SponsoredLinksSearchService() | STYLE | RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE | 64 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.portal.service.security.LuteceUser.getGroups() may expose internal representation by returning LuteceUser._groups | MALICIOUS_CODE | EI_EXPOSE_REP | 332 | Medium |
| fr.paris.lutece.portal.service.security.LuteceUser.getRoles() may expose internal representation by returning LuteceUser._roles | MALICIOUS_CODE | EI_EXPOSE_REP | 286 | Medium |
| fr.paris.lutece.portal.service.security.LuteceUser.getUserInfos() may expose internal representation by returning LuteceUser._mapUserInfo | MALICIOUS_CODE | EI_EXPOSE_REP | 185 | Medium |
| fr.paris.lutece.portal.service.security.LuteceUser.getUserWorkgroups() may expose internal representation by returning LuteceUser._workgroups | MALICIOUS_CODE | EI_EXPOSE_REP | 530 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Public static fr.paris.lutece.portal.service.security.LuteceUserCacheService.getInstance() may expose internal representation by returning LuteceUserCacheService._instance | MALICIOUS_CODE | MS_EXPOSE_REP | 65 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Found reliance on default encoding in fr.paris.lutece.portal.service.security.RsaService.decryptRsa(String, PrivateKey): new String(byte[]) | I18N | DM_DEFAULT_ENCODING | 108 | High |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.portal.service.servlet.LuteceServlet.getInitParameters() may expose internal representation by returning LuteceServlet._mapInitParameters | MALICIOUS_CODE | EI_EXPOSE_REP | 123 | Medium |
| fr.paris.lutece.portal.service.servlet.LuteceServlet.getPlugin() may expose internal representation by returning LuteceServlet._plugin | MALICIOUS_CODE | EI_EXPOSE_REP | 113 | Medium |
| new fr.paris.lutece.portal.service.servlet.LuteceServlet(String, Servlet, String, Plugin, Map) may expose internal representation by storing an externally mutable object into LuteceServlet._mapInitParameters | MALICIOUS_CODE | EI_EXPOSE_REP2 | 73 | Medium |
| new fr.paris.lutece.portal.service.servlet.LuteceServlet(String, Servlet, String, Plugin, Map) may expose internal representation by storing an externally mutable object into LuteceServlet._plugin | MALICIOUS_CODE | EI_EXPOSE_REP2 | 72 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.portal.service.servlet.LuteceServletConfig.getServletContext() may expose internal representation by returning LuteceServletConfig._context | MALICIOUS_CODE | EI_EXPOSE_REP | 82 | Medium |
| new fr.paris.lutece.portal.service.servlet.LuteceServletConfig(String, ServletContext, Map) may expose internal representation by storing an externally mutable object into LuteceServletConfig._context | MALICIOUS_CODE | EI_EXPOSE_REP2 | 65 | Medium |
| new fr.paris.lutece.portal.service.servlet.LuteceServletConfig(String, ServletContext, Map) may expose internal representation by storing an externally mutable object into LuteceServletConfig._mapInitParameters | MALICIOUS_CODE | EI_EXPOSE_REP2 | 66 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.portal.service.servlet.ServletEntry.getInitParameters() may expose internal representation by returning ServletEntry._mapInitParameters | MALICIOUS_CODE | EI_EXPOSE_REP | 134 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.portal.service.servlet.ServletService.getServlets() may expose internal representation by returning ServletService._listServlets | MALICIOUS_CODE | EI_EXPOSE_REP | 152 | Medium |
| fr.paris.lutece.portal.service.servlet.ServletService.init(ServletContext) may expose internal static state by storing a mutable object into a static field fr.paris.lutece.portal.service.servlet.ServletService._context | MALICIOUS_CODE | EI_EXPOSE_STATIC_REP2 | 122 | Medium |
| fr.paris.lutece.portal.service.servlet.ServletService.setServletContext(ServletContext) may expose internal static state by storing a mutable object into a static field fr.paris.lutece.portal.service.servlet.ServletService._context | MALICIOUS_CODE | EI_EXPOSE_STATIC_REP2 | 108 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Public static fr.paris.lutece.portal.service.sessionlistener.HttpSessionListenerService.getListeners() may expose internal representation by returning HttpSessionListenerService.LIST_LISTENERS | MALICIOUS_CODE | MS_EXPOSE_REP | 88 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Public static fr.paris.lutece.portal.service.template.FreeMarkerTemplateService.getInstance() may expose internal representation by returning FreeMarkerTemplateService._singleton | MALICIOUS_CODE | MS_EXPOSE_REP | 70 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Public static fr.paris.lutece.portal.service.user.attribute.AttributeFieldService.getInstance() may expose internal representation by returning AttributeFieldService._singleton | MALICIOUS_CODE | MS_EXPOSE_REP | 67 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Public static fr.paris.lutece.portal.service.user.attribute.AttributeService.getInstance() may expose internal representation by returning AttributeService._singleton | MALICIOUS_CODE | MS_EXPOSE_REP | 72 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.portal.service.user.attribute.AttributeTypeService.getAttributeTypes(Locale) may expose internal representation by returning AttributeTypeService._listAttributeTypes | MALICIOUS_CODE | EI_EXPOSE_REP | 92 | Medium |
| Write to static field fr.paris.lutece.portal.service.user.attribute.AttributeTypeService._listAttributeTypes from instance method fr.paris.lutece.portal.service.user.attribute.AttributeTypeService.getAttributeTypes(Locale) | STYLE | ST_WRITE_TO_STATIC_FROM_INSTANCE_METHOD | 90 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| new fr.paris.lutece.portal.service.user.menu.AdminUserMenuItemProviderRegistrar(AdminUserMenuService) may expose internal representation by storing an externally mutable object into AdminUserMenuItemProviderRegistrar._service | MALICIOUS_CODE | EI_EXPOSE_REP2 | 70 | Medium |
| fr.paris.lutece.portal.service.user.menu.AdminUserMenuItemProviderRegistrar.setProvider(IAdminUserMenuItemProvider) may expose internal representation by storing an externally mutable object into AdminUserMenuItemProviderRegistrar._provider | MALICIOUS_CODE | EI_EXPOSE_REP2 | 104 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Random object created and used only once in fr.paris.lutece.portal.service.util.CryptoService.getCryptoKey() | BAD_PRACTICE | DMI_RANDOM_USED_ONLY_ONCE | 164 | High |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.portal.util.mvc.admin.MVCAdminJspBean.processController(HttpServletRequest, HttpServletResponse) may expose internal representation by storing an externally mutable object into MVCAdminJspBean._response | MALICIOUS_CODE | EI_EXPOSE_REP2 | 108 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.portal.web.admin.AdminFeaturesPageJspBean.getUser() may expose internal representation by returning AdminFeaturesPageJspBean._user | MALICIOUS_CODE | EI_EXPOSE_REP | 184 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Do not catch NullPointerException like in fr.paris.lutece.portal.web.admin.AdminPagePortletJspBean.doModifyPortletStatus(HttpServletRequest) | STYLE | DCN_NULLPOINTER_EXCEPTION | 341 | Medium |
| Do not catch NullPointerException like in fr.paris.lutece.portal.web.admin.AdminPagePortletJspBean.doRemovePortlet(HttpServletRequest) | STYLE | DCN_NULLPOINTER_EXCEPTION | 228 | Medium |
| Do not catch NullPointerException like in fr.paris.lutece.portal.web.admin.AdminPagePortletJspBean.doUpdatePortletPosition(HttpServletRequest) | STYLE | DCN_NULLPOINTER_EXCEPTION | 396 | Medium |
| Do not catch NullPointerException like in fr.paris.lutece.portal.web.admin.AdminPagePortletJspBean.getModifyPortletStatus(HttpServletRequest) | STYLE | DCN_NULLPOINTER_EXCEPTION | 281 | Medium |
| Do not catch NullPointerException like in fr.paris.lutece.portal.web.admin.AdminPagePortletJspBean.getRemovePortlet(HttpServletRequest) | STYLE | DCN_NULLPOINTER_EXCEPTION | 160 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.portal.web.admin.PluginAdminPageJspBean.getPlugin() may expose internal representation by returning PluginAdminPageJspBean._plugin | MALICIOUS_CODE | EI_EXPOSE_REP | 90 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.portal.web.dashboard.DashboardJspBean is Serializable; consider declaring a serialVersionUID | BAD_PRACTICE | SE_NO_SERIALVERSIONID | 57-188 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Redundant nullcheck of fileStoreServiceProvider, which is known to be non-null in fr.paris.lutece.portal.web.download.AbstractDownloadServlet.doGet(HttpServletRequest, HttpServletResponse) | STYLE | RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE | 71 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Public static fr.paris.lutece.portal.web.l10n.LocaleService.getSupportedLangList() may expose internal representation by returning LocaleService._supportedLocales | MALICIOUS_CODE | MS_EXPOSE_REP | 222 | Medium |
| Possible null pointer dereference of request in fr.paris.lutece.portal.web.l10n.LocaleService.getContextUserLocale(HttpServletRequest) | CORRECTNESS | NP_NULL_ON_SOME_PATH | 170 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Class fr.paris.lutece.portal.web.search.SearchApp defines non-transient non-serializable instance field _engine | BAD_PRACTICE | SE_BAD_FIELD | Not available | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.portal.web.system.SystemFile.getDate() may expose internal representation by returning SystemFile._date | MALICIOUS_CODE | EI_EXPOSE_REP | 120 | Medium |
| fr.paris.lutece.portal.web.system.SystemFile.setDate(Date) may expose internal representation by storing an externally mutable object into SystemFile._date | MALICIOUS_CODE | EI_EXPOSE_REP2 | 131 | Medium |
| fr.paris.lutece.portal.web.system.SystemFile defines compareTo(Object) and uses Object.equals() | BAD_PRACTICE | EQ_COMPARETO_USE_OBJECT_EQUALS | 165 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Possible null pointer dereference in fr.paris.lutece.portal.web.system.SystemJspBean.getManageFilesSystemDir(HttpServletRequest) due to return value of called method | STYLE | NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE | 160 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.portal.web.upload.MultipartHttpServletRequest.getFileListMap() may expose internal representation by returning MultipartHttpServletRequest._multipartFiles | MALICIOUS_CODE | EI_EXPOSE_REP | 139 | Medium |
| fr.paris.lutece.portal.web.upload.MultipartHttpServletRequest.getParameterMap() may expose internal representation by returning MultipartHttpServletRequest._stringParameters | MALICIOUS_CODE | EI_EXPOSE_REP | 119 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| new fr.paris.lutece.portal.web.upload.NormalizeFileItem(FileItem) may expose internal representation by storing an externally mutable object into NormalizeFileItem._item | MALICIOUS_CODE | EI_EXPOSE_REP2 | 64 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Boxing/unboxing to parse a primitive fr.paris.lutece.portal.web.user.AdminLoginJspBean.doResetPassword(HttpServletRequest) | PERFORMANCE | DM_BOXED_PRIMITIVE_FOR_PARSING | 574 | High |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Public static fr.paris.lutece.portal.web.xpages.SiteMapCacheService.getInstance() may expose internal representation by returning SiteMapCacheService._instance | MALICIOUS_CODE | MS_EXPOSE_REP | 65 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.portal.web.xpages.XPageApplicationEntry.getRoles() may expose internal representation by returning XPageApplicationEntry._listRoles | MALICIOUS_CODE | EI_EXPOSE_REP | 104 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.util.PropertiesService.getProperties() may expose internal representation by returning PropertiesService._properties | MALICIOUS_CODE | EI_EXPOSE_REP | 306 | Medium |
| Unread field: fr.paris.lutece.util.PropertiesService.MESSAGE_CIPHERED_PROPERTY_SECURITY_EXCEPTION; should this field be static? | PERFORMANCE | SS_SHOULD_BE_STATIC | 61 | Medium |
| Unread field: fr.paris.lutece.util.PropertiesService.RSA_KEY_PREFIX; should this field be static? | PERFORMANCE | SS_SHOULD_BE_STATIC | 60 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Exception is caught when Exception is not thrown in fr.paris.lutece.util.ReferenceList.convert(Collection, String, String, boolean) | STYLE | REC_CATCH_EXCEPTION | 145 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Possible null pointer dereference in fr.paris.lutece.util.annotation.ScannotationDB.init() due to return value of called method | STYLE | NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE | 119 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.util.beanvalidation.DefaultValidationErrorConfig.getVariablesPrefix() may expose internal representation by returning DefaultValidationErrorConfig.VARIABLES_PREFIX | MALICIOUS_CODE | EI_EXPOSE_REP | 74 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Write to static field fr.paris.lutece.util.beanvalidation.LuteceMessageInterpolator._locale from instance method new fr.paris.lutece.util.beanvalidation.LuteceMessageInterpolator() | STYLE | ST_WRITE_TO_STATIC_FROM_INSTANCE_METHOD | 61 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.util.datatable.DataTableFilter.getRefList() may expose internal representation by returning DataTableFilter._refList | MALICIOUS_CODE | EI_EXPOSE_REP | 136 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.util.datatable.DataTableManager.getFilterPanel() may expose internal representation by returning DataTableManager._filterPanel | MALICIOUS_CODE | EI_EXPOSE_REP | 402 | Medium |
| fr.paris.lutece.util.datatable.DataTableManager.getListColumn() may expose internal representation by returning DataTableManager._listColumn | MALICIOUS_CODE | EI_EXPOSE_REP | 423 | Medium |
| fr.paris.lutece.util.datatable.DataTableManager.getPaginator() may expose internal representation by returning DataTableManager._paginator | MALICIOUS_CODE | EI_EXPOSE_REP | 511 | Medium |
| fr.paris.lutece.util.datatable.DataTableManager.setFilterPanel(FilterPanel) may expose internal representation by storing an externally mutable object into DataTableManager._filterPanel | MALICIOUS_CODE | EI_EXPOSE_REP2 | 413 | Medium |
| fr.paris.lutece.util.datatable.DataTableManager.setListColumn(List) may expose internal representation by storing an externally mutable object into DataTableManager._listColumn | MALICIOUS_CODE | EI_EXPOSE_REP2 | 434 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.util.datatable.FilterPanel.getListFilter() may expose internal representation by returning FilterPanel._listFilter | MALICIOUS_CODE | EI_EXPOSE_REP | 138 | Medium |
| Class fr.paris.lutece.util.datatable.FilterPanel defines non-transient non-serializable instance field _listFilter | BAD_PRACTICE | SE_BAD_FIELD | Not available | High |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Found reliance on default encoding in fr.paris.lutece.util.env.EnvUtil.getFileContent(String): new String(byte[]) | I18N | DM_DEFAULT_ENCODING | 128 | High |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.util.html.DelegatePaginator.getPageItems() may expose internal representation by returning AbstractPaginator._list | MALICIOUS_CODE | EI_EXPOSE_REP | 122 | Medium |
| new fr.paris.lutece.util.html.DelegatePaginator(List, int, String, String, String, int) may expose internal representation by storing an externally mutable object into DelegatePaginator._list | MALICIOUS_CODE | EI_EXPOSE_REP2 | 67 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| new fr.paris.lutece.util.html.ItemNavigator(List, int, String, String) may expose internal representation by storing an externally mutable object into ItemNavigator._listItems | MALICIOUS_CODE | EI_EXPOSE_REP2 | 71 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| new fr.paris.lutece.util.html.Paginator(List, int, String, String, String) may expose internal representation by storing an externally mutable object into Paginator._list | MALICIOUS_CODE | EI_EXPOSE_REP2 | 65 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.util.jpa.JPAGenericDAO.getEM() may expose internal representation by returning JPAGenericDAO._defaultEM | MALICIOUS_CODE | EI_EXPOSE_REP | 140 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.util.jpa.transaction.ChainedTransactionManager.getTransactionManagers() may expose internal representation by returning ChainedTransactionManager._transactionManagers | MALICIOUS_CODE | EI_EXPOSE_REP | 162 | Medium |
| fr.paris.lutece.util.jpa.transaction.ChainedTransactionManager.setTransactionManagers(List) may expose internal representation by storing an externally mutable object into ChainedTransactionManager._transactionManagers | MALICIOUS_CODE | EI_EXPOSE_REP2 | 179 | Medium |
| fr.paris.lutece.util.jpa.transaction.ChainedTransactionManager.getTransaction(TransactionDefinition) may return null, but is declared @Nonnull | CORRECTNESS | NP_NONNULL_RETURN_VIOLATION | 75 | High |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.util.jpa.transaction.MultiTransactionStatus.getTransactionStatuses() may expose internal representation by returning MultiTransactionStatus._transactionStatuses | MALICIOUS_CODE | EI_EXPOSE_REP | 203 | Medium |
| fr.paris.lutece.util.jpa.transaction.MultiTransactionStatus.setTransactionStatuses(Map) may expose internal representation by storing an externally mutable object into MultiTransactionStatus._transactionStatuses | MALICIOUS_CODE | EI_EXPOSE_REP2 | 214 | Medium |
| fr.paris.lutece.util.jpa.transaction.MultiTransactionStatus.createSavepoint() may return null, but is declared @Nonnull | CORRECTNESS | NP_NONNULL_RETURN_VIOLATION | 169 | High |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| new fr.paris.lutece.util.mail.ByteArrayDataSource(byte[], String) may expose internal representation by storing an externally mutable object into ByteArrayDataSource._data | MALICIOUS_CODE | EI_EXPOSE_REP2 | 96 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.util.mail.FileAttachment.getData() may expose internal representation by returning FileAttachment._data | MALICIOUS_CODE | EI_EXPOSE_REP | 73 | Medium |
| new fr.paris.lutece.util.mail.FileAttachment(String, byte[], String) may expose internal representation by storing an externally mutable object into FileAttachment._data | MALICIOUS_CODE | EI_EXPOSE_REP2 | 63 | Medium |
| fr.paris.lutece.util.mail.FileAttachment.setData(byte[]) may expose internal representation by storing an externally mutable object into FileAttachment._data | MALICIOUS_CODE | EI_EXPOSE_REP2 | 84 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Found reliance on default encoding in new fr.paris.lutece.util.mail.HtmlDocument(String, String, boolean): String.getBytes() | I18N | DM_DEFAULT_ENCODING | 120 | High |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Do not catch NullPointerException like in fr.paris.lutece.util.pool.PoolManager.getConnectionService(Map, String) | STYLE | DCN_NULLPOINTER_EXCEPTION | 213 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.util.pool.service.C3p0ConnectionService.getDataSource() may expose internal representation by returning C3p0ConnectionService._dataSource | MALICIOUS_CODE | EI_EXPOSE_REP | 261 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.util.pool.service.ConnectionPool.getLogWriter() may expose internal representation by returning ConnectionPool._logWriter | MALICIOUS_CODE | EI_EXPOSE_REP | 444 | Medium |
| fr.paris.lutece.util.pool.service.ConnectionPool.setLogWriter(PrintWriter) may expose internal representation by storing an externally mutable object into ConnectionPool._logWriter | MALICIOUS_CODE | EI_EXPOSE_REP2 | 459 | Medium |
| Return value of java.sql.Statement.executeQuery(String) ignored in fr.paris.lutece.util.pool.service.ConnectionPool.isConnectionOK(Connection) | CORRECTNESS | RV_RETURN_VALUE_IGNORED | 236 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Do not catch NullPointerException like in fr.paris.lutece.util.pool.service.LuteceConnectionService.init(Map) | STYLE | DCN_NULLPOINTER_EXCEPTION | 155 | Medium |
| fr.paris.lutece.util.pool.service.LuteceConnectionService.getConnectionPool() may expose internal representation by returning LuteceConnectionService._connPool | MALICIOUS_CODE | EI_EXPOSE_REP | 227 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.util.pool.service.TomcatConnectionService.getDataSource() may expose internal representation by returning TomcatConnectionService._ds | MALICIOUS_CODE | EI_EXPOSE_REP | 204 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Found reliance on default encoding in fr.paris.lutece.util.rsa.RSAKeyDatastoreProvider.getPrivateKey(): String.getBytes() | I18N | DM_DEFAULT_ENCODING | 81 | High |
| Found reliance on default encoding in fr.paris.lutece.util.rsa.RSAKeyDatastoreProvider.getPublicKey(): String.getBytes() | I18N | DM_DEFAULT_ENCODING | 64 | High |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Found reliance on default encoding in fr.paris.lutece.util.rsa.RSAKeyEnvironmentProvider.getPrivateKey(): String.getBytes() | I18N | DM_DEFAULT_ENCODING | 79 | High |
| Found reliance on default encoding in fr.paris.lutece.util.rsa.RSAKeyEnvironmentProvider.getPublicKey(): String.getBytes() | I18N | DM_DEFAULT_ENCODING | 61 | High |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.util.sql.DAOUtil.getGeneratedKeysResultSet() may expose internal representation by returning DAOUtil._generatedKeysResultSet | MALICIOUS_CODE | EI_EXPOSE_REP | 1581 | Medium |
| fr.paris.lutece.util.sql.DAOUtil.getResultSet() may expose internal representation by returning DAOUtil._resultSet | MALICIOUS_CODE | EI_EXPOSE_REP | 1570 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| fr.paris.lutece.util.sql.Transaction.getStatement() may expose internal representation by returning Transaction._statement | MALICIOUS_CODE | EI_EXPOSE_REP | 202 | Medium |
| fr.paris.lutece.util.sql.Transaction.prepareStatement(String, Integer, boolean) may expose internal representation by returning Transaction._statement | MALICIOUS_CODE | EI_EXPOSE_REP | 192 | Medium |
