MAIN-T-124 It's possible to crate document with empty name and description #40
hanna-eismantAnnotations
1 error, 14 warnings, and 2 notices
|
Incorrect autowiring in Spring bean components:
server/src/main/kotlin/org/hkurh/doky/filestorage/impl/DefaultFileStorageService.kt#L18
|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| Could not autowire. There is more than one bean of 'FileStorage' type. |
| |--------|-----------------------------------------------------------------------------------------------------------| | Beans: | dokyAzureBlobStorage (DokyAzureBlobStorage.kt) dokyLocalFilesystemStorage (DokyLocalFilesystemStorage.kt) | |
|
|
String template as argument to logging call:
server/src/main/kotlin/org/hkurh/doky/documents/impl/DefaultDocumentFacade.kt#L74
String template as argument to `debug()` logging call
|
|
Unused symbol:
server/src/main/kotlin/org/hkurh/doky/DokyController.kt#L26
Property "schemaVersion" is never used
|
|
Unused symbol:
server/src/main/kotlin/org/hkurh/doky/DokyController.kt#L27
Property "label" is never used
|
|
Unused symbol:
server/src/main/kotlin/org/hkurh/doky/DokyController.kt#L28
Property "color" is never used
|
|
Vulnerable API usage:
server/src/main/kotlin/org/hkurh/doky/authorization/AuthorizationUserController.kt#L32
Vulnerable API usage
* [CVE-2024-22243](https://devhub.checkmarx.com/cve-details/CVE-2024-22243?utm_source=jetbrains&utm_medium=referral) 8.1 Vulnerability with High severity found
Results powered by [Checkmarx](https://checkmarx.com)(c)
|
|
Vulnerable API usage:
server/src/main/kotlin/org/hkurh/doky/documents/api/DocumentController.kt#L54
Vulnerable API usage
* [CVE-2024-22243](https://devhub.checkmarx.com/cve-details/CVE-2024-22243?utm_source=jetbrains&utm_medium=referral) 8.1 Vulnerability with High severity found
Results powered by [Checkmarx](https://checkmarx.com)(c)
|
|
Vulnerable API usage:
server/src/main/kotlin/org/hkurh/doky/authorization/AuthorizationUserController.kt#L32
Vulnerable API usage
* [CVE-2024-22243](https://devhub.checkmarx.com/cve-details/CVE-2024-22243?utm_source=jetbrains&utm_medium=referral) 8.1 Vulnerability with High severity found
Results powered by [Checkmarx](https://checkmarx.com)(c)
|
|
Vulnerable API usage:
server/src/main/kotlin/org/hkurh/doky/documents/api/DocumentController.kt#L54
Vulnerable API usage
* [CVE-2024-22243](https://devhub.checkmarx.com/cve-details/CVE-2024-22243?utm_source=jetbrains&utm_medium=referral) 8.1 Vulnerability with High severity found
Results powered by [Checkmarx](https://checkmarx.com)(c)
|
|
Vulnerable declared dependency:
server/build.gradle#L63
Provides transitive vulnerable dependency maven:org.eclipse.jetty:jetty-http:11.0.15
* [CVE-2023-40167](https://devhub.checkmarx.com/cve-details/CVE-2023-40167?utm_source=jetbrains&utm_medium=referral) 5.3 Improper Handling of Length Parameter Inconsistency vulnerability with Medium severity found
* [CVE-2023-36478](https://devhub.checkmarx.com/cve-details/CVE-2023-36478?utm_source=jetbrains&utm_medium=referral) 7.5 Integer Overflow or Wraparound vulnerability with High severity found
Results powered by [Checkmarx](https://checkmarx.com)(c)
|
|
Vulnerable declared dependency:
server/build.gradle#L63
Provides transitive vulnerable dependency maven:org.eclipse.jetty.http2:http2-hpack:11.0.15
* [CVE-2023-36478](https://devhub.checkmarx.com/cve-details/CVE-2023-36478?utm_source=jetbrains&utm_medium=referral) 7.5 Integer Overflow or Wraparound vulnerability with High severity found
Results powered by [Checkmarx](https://checkmarx.com)(c)
|
|
Vulnerable declared dependency:
server/build.gradle#L62
Provides transitive vulnerable dependency maven:io.projectreactor.netty:reactor-netty-http:1.1.9
* [CVE-2023-34062](https://devhub.checkmarx.com/cve-details/CVE-2023-34062?utm_source=jetbrains&utm_medium=referral) 7.5 Improper Limitation of a Pathname to a Restricted Directory ("Path Traversal") vulnerability with High severity found
* [CVE-2023-34054](https://devhub.checkmarx.com/cve-details/CVE-2023-34054?utm_source=jetbrains&utm_medium=referral) 7.5 Uncontrolled Resource Consumption vulnerability with High severity found
Results powered by [Checkmarx](https://checkmarx.com)(c)
|
|
Vulnerable declared dependency:
server/build.gradle#L63
Provides transitive vulnerable dependency maven:org.eclipse.jetty.http2:http2-common:11.0.15
* [CVE-2024-22201](https://devhub.checkmarx.com/cve-details/CVE-2024-22201?utm_source=jetbrains&utm_medium=referral) 7.5 Uncontrolled Resource Consumption vulnerability with High severity found
Results powered by [Checkmarx](https://checkmarx.com)(c)
|
|
qodana
Unexpected input(s) 'args', valid inputs are ['java-version', 'java-version-file', 'distribution', 'java-package', 'architecture', 'jdkFile', 'check-latest', 'server-id', 'server-username', 'server-password', 'settings-path', 'overwrite-settings', 'gpg-private-key', 'gpg-passphrase', 'cache', 'cache-dependency-path', 'job-status', 'token', 'mvn-toolchain-id', 'mvn-toolchain-vendor']
|
|
qodana
Unexpected input(s) 'args', valid inputs are ['java-version', 'java-version-file', 'distribution', 'java-package', 'architecture', 'jdkFile', 'check-latest', 'server-id', 'server-username', 'server-password', 'settings-path', 'overwrite-settings', 'gpg-private-key', 'gpg-passphrase', 'cache', 'cache-dependency-path', 'job-status', 'token', 'mvn-toolchain-id', 'mvn-toolchain-vendor']
|
|
Accessor call that can be replaced with property access syntax:
server/src/main/kotlin/org/hkurh/doky/DokyApplication.kt#L33
Use of setter method instead of property access syntax
|
|
Vulnerable declared dependency:
server/build.gradle#L62
Provides transitive vulnerable dependency maven:io.netty:netty-codec-http2:4.1.94.Final
* [CVE-2023-44487](https://devhub.checkmarx.com/cve-details/CVE-2023-44487?utm_source=jetbrains&utm_medium=referral) 5.3 Uncontrolled Resource Consumption vulnerability with Medium severity found
Results powered by [Checkmarx](https://checkmarx.com)(c)
|