WinRM Java Client 1.1.02
-
Home
- Project Documentation Project Reports 10
SpotBugs Bug Detector Report
The following document contains the results of SpotBugs[1]
SpotBugs Version is 4.9.2
Threshold is medium
Effort is default
Summary
| Classes | Bugs | Errors | Missing Classes |
|---|---|---|---|
| 133 | 143 | 1 | 0 |
Files
org.metricshub.winrm.WindowsRemoteProcessUtils
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Possible null pointer dereference in org.metricshub.winrm.WindowsRemoteProcessUtils.copyToShare(Path, String, String) due to return value of called method | STYLE | NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE[2] | 207[3] | Medium |
| Possible null pointer dereference in org.metricshub.winrm.WindowsRemoteProcessUtils.copyToShare(Path, String, String) due to return value of called method | STYLE | NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE[2] | 208[4] | Medium |
org.metricshub.winrm.WqlQuery
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.metricshub.winrm.WqlQuery.getSelectedProperties() may expose internal representation by returning WqlQuery.selectedProperties | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 230[6] | Medium |
| org.metricshub.winrm.WqlQuery.getSubPropertiesMap() may expose internal representation by returning WqlQuery.subPropertiesMap | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 234[7] | Medium |
org.metricshub.winrm.service.WinRMEndpoint
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Exception thrown in class org.metricshub.winrm.service.WinRMEndpoint at new org.metricshub.winrm.service.WinRMEndpoint(WinRMHttpProtocolEnum, String, Integer, String, char[], String) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. | BAD_PRACTICE | CT_CONSTRUCTOR_THROW[8] | 86[9] | Medium |
| org.metricshub.winrm.service.WinRMEndpoint.getPassword() may expose internal representation by returning WinRMEndpoint.password | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 116[10] | Medium |
| new org.metricshub.winrm.service.WinRMEndpoint(WinRMHttpProtocolEnum, String, Integer, String, char[], String) may expose internal representation by storing an externally mutable object into WinRMEndpoint.password | MALICIOUS_CODE | EI_EXPOSE_REP2[11] | 68[12] | Medium |
org.metricshub.winrm.service.WinRMInvocationHandler
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Exception thrown in class org.metricshub.winrm.service.WinRMInvocationHandler at new org.metricshub.winrm.service.WinRMInvocationHandler(WinRMEndpoint, Bus, long, String, Path, List) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. | BAD_PRACTICE | CT_CONSTRUCTOR_THROW[8] | 170[13] | Medium |
| org.metricshub.winrm.service.WinRMInvocationHandler.getClient() may expose internal representation by returning WinRMInvocationHandler.wsClient | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 179[14] | Medium |
org.metricshub.winrm.service.WinRMService
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Do not catch NullPointerException like in org.metricshub.winrm.service.WinRMService.assertFaultCode(SOAPFaultException, String, boolean) | STYLE | DCN_NULLPOINTER_EXCEPTION[15] | 632[16] | Medium |
| Load of known null value in org.metricshub.winrm.service.WinRMService.getContextIdFrom(EnumerationContextType) | STYLE | NP_LOAD_OF_KNOWN_NULL_VALUE[17] | 828[18] | Medium |
| Format string should use %n rather than \n in org.metricshub.winrm.service.WinRMService.createInstance(WinRMEndpoint, long, Path, List) | BAD_PRACTICE | VA_FORMAT_STRING_USES_NEWLINE[19] | 305[20] | Medium |
org.metricshub.winrm.service.client.WinRMInvocationHandler
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Exception thrown in class org.metricshub.winrm.service.client.WinRMInvocationHandler at new org.metricshub.winrm.service.client.WinRMInvocationHandler(WinRMEndpoint, Bus, long, String, Path, List) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. | BAD_PRACTICE | CT_CONSTRUCTOR_THROW[8] | 173[21] | Medium |
| org.metricshub.winrm.service.client.WinRMInvocationHandler.getClient() may expose internal representation by returning WinRMInvocationHandler.wsClient | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 182[22] | Medium |
org.metricshub.winrm.service.client.auth.UsernamePasswordCallbackHandler
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| new org.metricshub.winrm.service.client.auth.UsernamePasswordCallbackHandler(String, char[]) may expose internal representation by storing an externally mutable object into UsernamePasswordCallbackHandler.password | MALICIOUS_CODE | EI_EXPOSE_REP2[11] | 43[23] | Medium |
org.metricshub.winrm.service.client.auth.ntlm.NTCredentialsWithEncryption
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| This write of the 64-bit primitive variable "negotiateFlags" may not atomic | MT_CORRECTNESS | AT_NONATOMIC_64BIT_PRIMITIVE[24] | 109[25] | Medium |
| Shared primitive variable "isAuthenticated" in one thread may not yield the value of the most recent write from another thread | MT_CORRECTNESS | AT_STALE_THREAD_WRITE_OF_PRIMITIVE[26] | 65[27] | Medium |
| org.metricshub.winrm.service.client.auth.ntlm.NTCredentialsWithEncryption.getClientSealingKey() may expose internal representation by returning NTCredentialsWithEncryption.clientSealingKey | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 93[28] | Medium |
| org.metricshub.winrm.service.client.auth.ntlm.NTCredentialsWithEncryption.getClientSigningKey() may expose internal representation by returning NTCredentialsWithEncryption.clientSigningKey | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 77[29] | Medium |
| org.metricshub.winrm.service.client.auth.ntlm.NTCredentialsWithEncryption.getSequenceNumberIncoming() may expose internal representation by returning NTCredentialsWithEncryption.sequenceNumberIncoming | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 113[30] | Medium |
| org.metricshub.winrm.service.client.auth.ntlm.NTCredentialsWithEncryption.getSequenceNumberOutgoing() may expose internal representation by returning NTCredentialsWithEncryption.sequenceNumberOutgoing | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 117[31] | Medium |
| org.metricshub.winrm.service.client.auth.ntlm.NTCredentialsWithEncryption.getServerSealingKey() may expose internal representation by returning NTCredentialsWithEncryption.serverSealingKey | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 97[32] | Medium |
| org.metricshub.winrm.service.client.auth.ntlm.NTCredentialsWithEncryption.getServerSigningKey() may expose internal representation by returning NTCredentialsWithEncryption.serverSigningKey | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 81[33] | Medium |
| org.metricshub.winrm.service.client.auth.ntlm.NTCredentialsWithEncryption.setClientSealingKey(byte[]) may expose internal representation by storing an externally mutable object into NTCredentialsWithEncryption.clientSealingKey | MALICIOUS_CODE | EI_EXPOSE_REP2[11] | 85[34] | Medium |
| org.metricshub.winrm.service.client.auth.ntlm.NTCredentialsWithEncryption.setClientSigningKey(byte[]) may expose internal representation by storing an externally mutable object into NTCredentialsWithEncryption.clientSigningKey | MALICIOUS_CODE | EI_EXPOSE_REP2[11] | 69[35] | Medium |
| org.metricshub.winrm.service.client.auth.ntlm.NTCredentialsWithEncryption.setServerSealingKey(byte[]) may expose internal representation by storing an externally mutable object into NTCredentialsWithEncryption.serverSealingKey | MALICIOUS_CODE | EI_EXPOSE_REP2[11] | 89[36] | Medium |
| org.metricshub.winrm.service.client.auth.ntlm.NTCredentialsWithEncryption.setServerSigningKey(byte[]) may expose internal representation by storing an externally mutable object into NTCredentialsWithEncryption.serverSigningKey | MALICIOUS_CODE | EI_EXPOSE_REP2[11] | 73[37] | Medium |
org.metricshub.winrm.service.client.auth.ntlm.NTLMMessage
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Exception thrown in class org.metricshub.winrm.service.client.auth.ntlm.NTLMMessage at new org.metricshub.winrm.service.client.auth.ntlm.NTLMMessage(byte[], int) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. | BAD_PRACTICE | CT_CONSTRUCTOR_THROW[8] | 61[38] | Medium |
org.metricshub.winrm.service.client.auth.ntlm.NtlmKeys
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Found reliance on default encoding in org.metricshub.winrm.service.client.auth.ntlm.NtlmKeys.<static initializer for NtlmKeys>(): String.getBytes() | I18N | DM_DEFAULT_ENCODING[39] | 40[40] | High |
org.metricshub.winrm.service.client.auth.ntlm.Type2Message
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Exception thrown in class org.metricshub.winrm.service.client.auth.ntlm.Type2Message at new org.metricshub.winrm.service.client.auth.ntlm.Type2Message(String) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. | BAD_PRACTICE | CT_CONSTRUCTOR_THROW[8] | 41[41] | Medium |
| Exception thrown in class org.metricshub.winrm.service.client.auth.ntlm.Type2Message at new org.metricshub.winrm.service.client.auth.ntlm.Type2Message(byte[]) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. | BAD_PRACTICE | CT_CONSTRUCTOR_THROW[8] | 62[42] | Medium |
org.metricshub.winrm.service.client.auth.ntlm.Type3Message
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Exception thrown in class org.metricshub.winrm.service.client.auth.ntlm.Type3Message at new org.metricshub.winrm.service.client.auth.ntlm.Type3Message(String, String, String, String, byte[], int, String, byte[]) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. | BAD_PRACTICE | CT_CONSTRUCTOR_THROW[8] | 76[43] | Medium |
| org.metricshub.winrm.service.client.auth.ntlm.Type3Message.<static initializer for Type3Message>() might ignore java.lang.Exception | BAD_PRACTICE | DE_MIGHT_IGNORE[44] | 46[45] | High |
org.metricshub.winrm.service.client.encryption.AsyncHttpEncryptionAwareConduit
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Found reliance on default encoding in org.metricshub.winrm.service.client.encryption.AsyncHttpEncryptionAwareConduit.<static initializer for AsyncHttpEncryptionAwareConduit>(): String.getBytes() | I18N | DM_DEFAULT_ENCODING[39] | 56[46] | High |
org.metricshub.winrm.service.client.encryption.CipherGen
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.metricshub.winrm.service.client.encryption.CipherGen.getLM2SessionResponse() may expose internal representation by returning CipherGen.lm2SessionResponse | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 412[47] | Medium |
| org.metricshub.winrm.service.client.encryption.CipherGen.getLMResponse() may expose internal representation by returning CipherGen.lmResponse | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 130[48] | Medium |
| org.metricshub.winrm.service.client.encryption.CipherGen.getLMUserSessionKey() may expose internal representation by returning CipherGen.lmUserSessionKey | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 422[49] | Medium |
| org.metricshub.winrm.service.client.encryption.CipherGen.getLMv2Response() may expose internal representation by returning CipherGen.lmv2Response | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 247[50] | Medium |
| org.metricshub.winrm.service.client.encryption.CipherGen.getLanManagerSessionKey() may expose internal representation by returning CipherGen.lanManagerSessionKey | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 482[51] | Medium |
| org.metricshub.winrm.service.client.encryption.CipherGen.getNTLM2SessionResponse() may expose internal representation by returning CipherGen.ntlm2SessionResponse | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 255[52] | Medium |
| org.metricshub.winrm.service.client.encryption.CipherGen.getNTLM2SessionResponseUserSessionKey() may expose internal representation by returning CipherGen.ntlm2SessionResponseUserSessionKey | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 455[53] | Medium |
| org.metricshub.winrm.service.client.encryption.CipherGen.getNTLMResponse() may expose internal representation by returning CipherGen.ntlmResponse | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 146[54] | Medium |
| org.metricshub.winrm.service.client.encryption.CipherGen.getNTLMUserSessionKey() may expose internal representation by returning CipherGen.ntlmUserSessionKey | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 432[55] | Medium |
| org.metricshub.winrm.service.client.encryption.CipherGen.getNTLMv2Response() may expose internal representation by returning CipherGen.ntlmv2Response | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 239[56] | Medium |
| org.metricshub.winrm.service.client.encryption.CipherGen.getNTLMv2UserSessionKey() may expose internal representation by returning CipherGen.ntlmv2UserSessionKey | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 443[57] | Medium |
| org.metricshub.winrm.service.client.encryption.CipherGen.getSecondaryKey() may expose internal representation by returning CipherGen.secondaryKey | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 114[58] | Medium |
| new org.metricshub.winrm.service.client.encryption.CipherGen(Random, long, String, String, String, byte[], String, byte[]) may expose internal representation by storing an externally mutable object into CipherGen.challenge | MALICIOUS_CODE | EI_EXPOSE_REP2[11] | 89[59] | Medium |
| new org.metricshub.winrm.service.client.encryption.CipherGen(Random, long, String, String, String, byte[], String, byte[]) may expose internal representation by storing an externally mutable object into CipherGen.random | MALICIOUS_CODE | EI_EXPOSE_REP2[11] | 83[60] | Medium |
| new org.metricshub.winrm.service.client.encryption.CipherGen(Random, long, String, String, String, byte[], String, byte[]) may expose internal representation by storing an externally mutable object into CipherGen.targetInformation | MALICIOUS_CODE | EI_EXPOSE_REP2[11] | 90[61] | Medium |
org.metricshub.winrm.service.client.encryption.Decryptor
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Found reliance on default encoding in org.metricshub.winrm.service.client.encryption.Decryptor.skipOver(String): String.getBytes() | I18N | DM_DEFAULT_ENCODING[39] | 156[62] | High |
| Found reliance on default encoding in org.metricshub.winrm.service.client.encryption.Decryptor.skipOver(byte[]): new String(byte[]) | I18N | DM_DEFAULT_ENCODING[39] | 166[63] | High |
| Found reliance on default encoding in org.metricshub.winrm.service.client.encryption.Decryptor.skipUntil(String): new String(byte[]) | I18N | DM_DEFAULT_ENCODING[39] | 196[64] | High |
| Found reliance on default encoding in org.metricshub.winrm.service.client.encryption.Decryptor.skipUntil(String): String.getBytes() | I18N | DM_DEFAULT_ENCODING[39] | 188[65] | High |
| new org.metricshub.winrm.service.client.encryption.Decryptor(NTCredentialsWithEncryption) may expose internal representation by storing an externally mutable object into Decryptor.credentials | MALICIOUS_CODE | EI_EXPOSE_REP2[11] | 50[66] | Medium |
| Format string should use %n rather than \n in org.metricshub.winrm.service.client.encryption.Decryptor.skipOver(byte[]) | BAD_PRACTICE | VA_FORMAT_STRING_USES_NEWLINE[19] | 175[67] | Medium |
| Format string should use %n rather than \n in org.metricshub.winrm.service.client.encryption.Decryptor.skipOver(byte[]) | BAD_PRACTICE | VA_FORMAT_STRING_USES_NEWLINE[19] | 164[68] | Medium |
| Format string should use %n rather than \n in org.metricshub.winrm.service.client.encryption.Decryptor.skipUntil(String) | BAD_PRACTICE | VA_FORMAT_STRING_USES_NEWLINE[19] | 194[69] | Medium |
| Format string should use %n rather than \n in org.metricshub.winrm.service.client.encryption.Decryptor.verify() | BAD_PRACTICE | VA_FORMAT_STRING_USES_NEWLINE[19] | 123[70] | Medium |
org.metricshub.winrm.service.client.encryption.EncryptAndSignOutputStream
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Inconsistent synchronization of org.metricshub.winrm.service.client.encryption.EncryptAndSignOutputStream.encrypted; locked 62% of time | MT_CORRECTNESS | IS2_INCONSISTENT_SYNC[71] | 126[72] | Medium |
| Inconsistent synchronization of org.metricshub.winrm.service.client.encryption.EncryptAndSignOutputStream.unencryptedResult; locked 57% of time | MT_CORRECTNESS | IS2_INCONSISTENT_SYNC[71] | 126[72] | Medium |
org.metricshub.winrm.service.client.encryption.MD4
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Dead store to curBufferPos in org.metricshub.winrm.service.client.encryption.MD4.update(byte[]) | STYLE | DLS_DEAD_LOCAL_STORE[73] | 67[74] | Medium |
org.metricshub.winrm.service.client.encryption.NtlmEncryptionUtils
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Found reliance on default encoding in org.metricshub.winrm.service.client.encryption.NtlmEncryptionUtils.encryptAndSign(Message, byte[]): String.getBytes() | I18N | DM_DEFAULT_ENCODING[39] | 63[75] | High |
| Format string should use %n rather than \n in org.metricshub.winrm.service.client.encryption.NtlmEncryptionUtils.encryptAndSign(Message, byte[]) | BAD_PRACTICE | VA_FORMAT_STRING_USES_NEWLINE[19] | 71[76] | Medium |
org.metricshub.winrm.service.enumeration.AnyEPRType
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.metricshub.winrm.service.enumeration.AnyEPRType.getAny() may expose internal representation by returning AnyEPRType.any | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 70[77] | Medium |
org.metricshub.winrm.service.enumeration.Enumerate
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.metricshub.winrm.service.enumeration.Enumerate.getAny() may expose internal representation by returning Enumerate.any | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 165[78] | Medium |
| org.metricshub.winrm.service.enumeration.Enumerate.getFilter() may expose internal representation by returning Enumerate.filter | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 120[79] | Medium |
| org.metricshub.winrm.service.enumeration.Enumerate.getOtherAttributes() may expose internal representation by returning Enumerate.otherAttributes | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 183[80] | Medium |
| org.metricshub.winrm.service.enumeration.Enumerate.setFilter(FilterType) may expose internal representation by storing an externally mutable object into Enumerate.filter | MALICIOUS_CODE | EI_EXPOSE_REP2[11] | 132[81] | Medium |
org.metricshub.winrm.service.enumeration.EnumerateResponse
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.metricshub.winrm.service.enumeration.EnumerateResponse.getAny() may expose internal representation by returning EnumerateResponse.any | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 137[82] | Medium |
| org.metricshub.winrm.service.enumeration.EnumerateResponse.getOtherAttributes() may expose internal representation by returning EnumerateResponse.otherAttributes | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 155[83] | Medium |
org.metricshub.winrm.service.enumeration.EnumerationContextType
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.metricshub.winrm.service.enumeration.EnumerationContextType.getContent() may expose internal representation by returning EnumerationContextType.content | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 81[84] | Medium |
| org.metricshub.winrm.service.enumeration.EnumerationContextType.getOtherAttributes() may expose internal representation by returning EnumerationContextType.otherAttributes | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 99[85] | Medium |
org.metricshub.winrm.service.enumeration.EnumerationEnd
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.metricshub.winrm.service.enumeration.EnumerationEnd.getAny() may expose internal representation by returning EnumerationEnd.any | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 173[86] | Medium |
| org.metricshub.winrm.service.enumeration.EnumerationEnd.getOtherAttributes() may expose internal representation by returning EnumerationEnd.otherAttributes | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 191[87] | Medium |
| org.metricshub.winrm.service.enumeration.EnumerationEnd.getReason() may expose internal representation by returning EnumerationEnd.reason | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 140[88] | Medium |
org.metricshub.winrm.service.enumeration.FilterType
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.metricshub.winrm.service.enumeration.FilterType.getContent() may expose internal representation by returning FilterType.content | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 87[89] | Medium |
| org.metricshub.winrm.service.enumeration.FilterType.getOtherAttributes() may expose internal representation by returning FilterType.otherAttributes | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 129[90] | Medium |
org.metricshub.winrm.service.enumeration.GetStatus
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.metricshub.winrm.service.enumeration.GetStatus.getAny() may expose internal representation by returning GetStatus.any | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 109[91] | Medium |
| org.metricshub.winrm.service.enumeration.GetStatus.getOtherAttributes() may expose internal representation by returning GetStatus.otherAttributes | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 127[92] | Medium |
org.metricshub.winrm.service.enumeration.GetStatusResponse
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.metricshub.winrm.service.enumeration.GetStatusResponse.getAny() may expose internal representation by returning GetStatusResponse.any | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 109[93] | Medium |
| org.metricshub.winrm.service.enumeration.GetStatusResponse.getOtherAttributes() may expose internal representation by returning GetStatusResponse.otherAttributes | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 127[94] | Medium |
org.metricshub.winrm.service.enumeration.ItemListType
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.metricshub.winrm.service.enumeration.ItemListType.getAny() may expose internal representation by returning ItemListType.any | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 71[95] | Medium |
org.metricshub.winrm.service.enumeration.LanguageSpecificStringType
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.metricshub.winrm.service.enumeration.LanguageSpecificStringType.getOtherAttributes() may expose internal representation by returning LanguageSpecificStringType.otherAttributes | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 109[96] | Medium |
org.metricshub.winrm.service.enumeration.Pull
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.metricshub.winrm.service.enumeration.Pull.getAny() may expose internal representation by returning Pull.any | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 198[97] | Medium |
| org.metricshub.winrm.service.enumeration.Pull.getMaxTime() may expose internal representation by returning Pull.maxTime | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 105[98] | Medium |
| org.metricshub.winrm.service.enumeration.Pull.getOtherAttributes() may expose internal representation by returning Pull.otherAttributes | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 216[99] | Medium |
| org.metricshub.winrm.service.enumeration.Pull.setMaxTime(Duration) may expose internal representation by storing an externally mutable object into Pull.maxTime | MALICIOUS_CODE | EI_EXPOSE_REP2[11] | 117[100] | Medium |
org.metricshub.winrm.service.enumeration.PullResponse
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.metricshub.winrm.service.enumeration.PullResponse.getOtherAttributes() may expose internal representation by returning PullResponse.otherAttributes | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 142[101] | Medium |
org.metricshub.winrm.service.enumeration.Release
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.metricshub.winrm.service.enumeration.Release.getOtherAttributes() may expose internal representation by returning Release.otherAttributes | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 86[102] | Medium |
org.metricshub.winrm.service.enumeration.Renew
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.metricshub.winrm.service.enumeration.Renew.getAny() may expose internal representation by returning Renew.any | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 137[103] | Medium |
| org.metricshub.winrm.service.enumeration.Renew.getOtherAttributes() may expose internal representation by returning Renew.otherAttributes | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 155[104] | Medium |
org.metricshub.winrm.service.enumeration.RenewResponse
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.metricshub.winrm.service.enumeration.RenewResponse.getAny() may expose internal representation by returning RenewResponse.any | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 137[105] | Medium |
| org.metricshub.winrm.service.enumeration.RenewResponse.getOtherAttributes() may expose internal representation by returning RenewResponse.otherAttributes | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 155[106] | Medium |
org.metricshub.winrm.service.shell.CommandLine
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.metricshub.winrm.service.shell.CommandLine.getArguments() may expose internal representation by returning CommandLine.arguments | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 97[107] | Medium |
org.metricshub.winrm.service.shell.EnvironmentVariableList
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.metricshub.winrm.service.shell.EnvironmentVariableList.getVariable() may expose internal representation by returning EnvironmentVariableList.variable | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 69[108] | Medium |
org.metricshub.winrm.service.shell.Receive
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.metricshub.winrm.service.shell.Receive.getDesiredStream() may expose internal representation by returning Receive.desiredStream | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 47[109] | Medium |
| org.metricshub.winrm.service.shell.Receive.setDesiredStream(DesiredStreamType) may expose internal representation by storing an externally mutable object into Receive.desiredStream | MALICIOUS_CODE | EI_EXPOSE_REP2[11] | 59[110] | Medium |
org.metricshub.winrm.service.shell.ReceiveResponse
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.metricshub.winrm.service.shell.ReceiveResponse.getCommandState() may expose internal representation by returning ReceiveResponse.commandState | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 92[111] | Medium |
| org.metricshub.winrm.service.shell.ReceiveResponse.getStream() may expose internal representation by returning ReceiveResponse.stream | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 80[112] | Medium |
| org.metricshub.winrm.service.shell.ReceiveResponse.setCommandState(CommandStateType) may expose internal representation by storing an externally mutable object into ReceiveResponse.commandState | MALICIOUS_CODE | EI_EXPOSE_REP2[11] | 104[113] | Medium |
org.metricshub.winrm.service.shell.Shell
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.metricshub.winrm.service.shell.Shell.getAny() may expose internal representation by returning Shell.any | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 298[114] | Medium |
| org.metricshub.winrm.service.shell.Shell.getIdleTimeout() may expose internal representation by returning Shell.idleTimeout | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 189[115] | Medium |
| org.metricshub.winrm.service.shell.Shell.getInputStreams() may expose internal representation by returning Shell.inputStreams | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 233[116] | Medium |
| org.metricshub.winrm.service.shell.Shell.getLifetime() may expose internal representation by returning Shell.lifetime | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 165[117] | Medium |
| org.metricshub.winrm.service.shell.Shell.getOutputStreams() may expose internal representation by returning Shell.outputStreams | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 265[118] | Medium |
| org.metricshub.winrm.service.shell.Shell.setIdleTimeout(Duration) may expose internal representation by storing an externally mutable object into Shell.idleTimeout | MALICIOUS_CODE | EI_EXPOSE_REP2[11] | 201[119] | Medium |
| org.metricshub.winrm.service.shell.Shell.setLifetime(Duration) may expose internal representation by storing an externally mutable object into Shell.lifetime | MALICIOUS_CODE | EI_EXPOSE_REP2[11] | 177[120] | Medium |
org.metricshub.winrm.service.shell.StreamType
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.metricshub.winrm.service.shell.StreamType.getValue() may expose internal representation by returning StreamType.value | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 61[121] | Medium |
| org.metricshub.winrm.service.shell.StreamType.setValue(byte[]) may expose internal representation by storing an externally mutable object into StreamType.value | MALICIOUS_CODE | EI_EXPOSE_REP2[11] | 72[122] | Medium |
org.metricshub.winrm.service.transfer.ResourceCreated
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.metricshub.winrm.service.transfer.ResourceCreated.getAny() may expose internal representation by returning ResourceCreated.any | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 70[123] | Medium |
org.metricshub.winrm.service.wsman.AnyListType
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.metricshub.winrm.service.wsman.AnyListType.getAny() may expose internal representation by returning AnyListType.any | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 78[124] | Medium |
| org.metricshub.winrm.service.wsman.AnyListType.getOtherAttributes() may expose internal representation by returning AnyListType.otherAttributes | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 96[125] | Medium |
org.metricshub.winrm.service.wsman.AttributableURI
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.metricshub.winrm.service.wsman.AttributableURI.getOtherAttributes() may expose internal representation by returning AttributableURI.otherAttributes | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 83[126] | Medium |
org.metricshub.winrm.service.wsman.Items
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.metricshub.winrm.service.wsman.Items.getAny() may expose internal representation by returning Items.any | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 71[127] | Medium |
org.metricshub.winrm.service.wsman.MixedDataType
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.metricshub.winrm.service.wsman.MixedDataType.getContent() may expose internal representation by returning MixedDataType.content | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 80[128] | Medium |
| org.metricshub.winrm.service.wsman.MixedDataType.getOtherAttributes() may expose internal representation by returning MixedDataType.otherAttributes | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 98[129] | Medium |
org.metricshub.winrm.service.wsman.OptionSetType
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.metricshub.winrm.service.wsman.OptionSetType.getOption() may expose internal representation by returning OptionSetType.option | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 76[130] | Medium |
| org.metricshub.winrm.service.wsman.OptionSetType.getOtherAttributes() may expose internal representation by returning OptionSetType.otherAttributes | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 94[131] | Medium |
org.metricshub.winrm.service.wsman.SelectorSetType
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.metricshub.winrm.service.wsman.SelectorSetType.getOtherAttributes() may expose internal representation by returning SelectorSetType.otherAttributes | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 94[132] | Medium |
| org.metricshub.winrm.service.wsman.SelectorSetType.getSelector() may expose internal representation by returning SelectorSetType.selector | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 76[133] | Medium |
org.metricshub.winrm.service.wsman.SelectorType
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.metricshub.winrm.service.wsman.SelectorType.getContent() may expose internal representation by returning SelectorType.content | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 90[134] | Medium |
| org.metricshub.winrm.service.wsman.SelectorType.getOtherAttributes() may expose internal representation by returning SelectorType.otherAttributes | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 132[135] | Medium |
org.metricshub.winrm.service.wsman.SignalResponse
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.metricshub.winrm.service.wsman.SignalResponse.getAny() may expose internal representation by returning SignalResponse.any | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 71[136] | Medium |
org.metricshub.winrm.wql.WinRMWqlExecutor
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.metricshub.winrm.wql.WinRMWqlExecutor.getHeaders() may expose internal representation by returning WinRMWqlExecutor.headers | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 69[137] | Medium |
| org.metricshub.winrm.wql.WinRMWqlExecutor.getRows() may expose internal representation by returning WinRMWqlExecutor.rows | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 77[138] | Medium |
| new org.metricshub.winrm.wql.WinRMWqlExecutor(long, List, List) may expose internal representation by storing an externally mutable object into WinRMWqlExecutor.headers | MALICIOUS_CODE | EI_EXPOSE_REP2[11] | 52[139] | Medium |
| new org.metricshub.winrm.wql.WinRMWqlExecutor(long, List, List) may expose internal representation by storing an externally mutable object into WinRMWqlExecutor.rows | MALICIOUS_CODE | EI_EXPOSE_REP2[11] | 53[140] | Medium |
org.xmlsoap.schemas.ws._2004._08.addressing.AttributedQName
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.xmlsoap.schemas.ws._2004._08.addressing.AttributedQName.getOtherAttributes() may expose internal representation by returning AttributedQName.otherAttributes | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 81[141] | Medium |
org.xmlsoap.schemas.ws._2004._08.addressing.AttributedURI
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.xmlsoap.schemas.ws._2004._08.addressing.AttributedURI.getOtherAttributes() may expose internal representation by returning AttributedURI.otherAttributes | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 83[142] | Medium |
org.xmlsoap.schemas.ws._2004._08.addressing.EndpointReferenceType
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.xmlsoap.schemas.ws._2004._08.addressing.EndpointReferenceType.getAddress() may expose internal representation by returning EndpointReferenceType.address | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 84[143] | Medium |
| org.xmlsoap.schemas.ws._2004._08.addressing.EndpointReferenceType.getAny() may expose internal representation by returning EndpointReferenceType.any | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 229[144] | Medium |
| org.xmlsoap.schemas.ws._2004._08.addressing.EndpointReferenceType.getOtherAttributes() may expose internal representation by returning EndpointReferenceType.otherAttributes | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 247[145] | Medium |
| org.xmlsoap.schemas.ws._2004._08.addressing.EndpointReferenceType.getPortType() may expose internal representation by returning EndpointReferenceType.portType | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 156[146] | Medium |
| org.xmlsoap.schemas.ws._2004._08.addressing.EndpointReferenceType.getServiceName() may expose internal representation by returning EndpointReferenceType.serviceName | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 180[147] | Medium |
| org.xmlsoap.schemas.ws._2004._08.addressing.EndpointReferenceType.setAddress(AttributedURI) may expose internal representation by storing an externally mutable object into EndpointReferenceType.address | MALICIOUS_CODE | EI_EXPOSE_REP2[11] | 96[148] | Medium |
| org.xmlsoap.schemas.ws._2004._08.addressing.EndpointReferenceType.setPortType(AttributedQName) may expose internal representation by storing an externally mutable object into EndpointReferenceType.portType | MALICIOUS_CODE | EI_EXPOSE_REP2[11] | 168[149] | Medium |
| org.xmlsoap.schemas.ws._2004._08.addressing.EndpointReferenceType.setServiceName(ServiceNameType) may expose internal representation by storing an externally mutable object into EndpointReferenceType.serviceName | MALICIOUS_CODE | EI_EXPOSE_REP2[11] | 192[150] | Medium |
org.xmlsoap.schemas.ws._2004._08.addressing.ReferenceParametersType
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.xmlsoap.schemas.ws._2004._08.addressing.ReferenceParametersType.getAny() may expose internal representation by returning ReferenceParametersType.any | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 71[151] | Medium |
org.xmlsoap.schemas.ws._2004._08.addressing.ReferencePropertiesType
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.xmlsoap.schemas.ws._2004._08.addressing.ReferencePropertiesType.getAny() may expose internal representation by returning ReferencePropertiesType.any | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 71[152] | Medium |
org.xmlsoap.schemas.ws._2004._08.addressing.Relationship
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.xmlsoap.schemas.ws._2004._08.addressing.Relationship.getOtherAttributes() may expose internal representation by returning Relationship.otherAttributes | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 111[153] | Medium |
org.xmlsoap.schemas.ws._2004._08.addressing.ReplyAfterType
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.xmlsoap.schemas.ws._2004._08.addressing.ReplyAfterType.getOtherAttributes() may expose internal representation by returning ReplyAfterType.otherAttributes | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 84[154] | Medium |
org.xmlsoap.schemas.ws._2004._08.addressing.RetryAfterType
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.xmlsoap.schemas.ws._2004._08.addressing.RetryAfterType.getOtherAttributes() may expose internal representation by returning RetryAfterType.otherAttributes | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 84[155] | Medium |
org.xmlsoap.schemas.ws._2004._08.addressing.ServiceNameType
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.xmlsoap.schemas.ws._2004._08.addressing.ServiceNameType.getOtherAttributes() may expose internal representation by returning ServiceNameType.otherAttributes | MALICIOUS_CODE | EI_EXPOSE_REP[5] | 114[156] | Medium |
Search Results for {{siteSearch | truncate:'50'}}
{{resultArray.length}}
No results.