fix: handle null passphrase in key management methods #27
tcheericAnnotations
8 warnings and 38 notices
|
Mismatched query and update of collection:
nsecbunker-monitoring/src/main/java/xyz/tcheeric/nsecbunker/monitoring/alerting/WebhookAlertDelivery.java#L158
Contents of collection `headers` are updated, but never queried
|
|
Vulnerable declared dependency:
nsecbunker-tests/nsecbunker-e2e/pom.xml#L112
Provides transitive vulnerable dependency maven:org.apache.commons:commons-compress:1.24.0
* [CVE-2024-25710](https://www.mend.io/vulnerability-database/CVE-2024-25710?utm_source=JetBrains) 8.1 Loop with Unreachable Exit Condition ('Infinite Loop')
* [CVE-2024-26308](https://www.mend.io/vulnerability-database/CVE-2024-26308?utm_source=JetBrains) 5.5 Allocation of Resources Without Limits or Throttling
Results powered by [Mend.io](https://www.mend.io/jetbrains-lp/?utm_source=JetBrains)
|
|
Vulnerable declared dependency:
nsecbunker-tests/nsecbunker-it/pom.xml#L51
Provides transitive vulnerable dependency maven:org.apache.commons:commons-compress:1.24.0
* [CVE-2024-25710](https://www.mend.io/vulnerability-database/CVE-2024-25710?utm_source=JetBrains) 8.1 Loop with Unreachable Exit Condition ('Infinite Loop')
* [CVE-2024-26308](https://www.mend.io/vulnerability-database/CVE-2024-26308?utm_source=JetBrains) 5.5 Allocation of Resources Without Limits or Throttling
Results powered by [Mend.io](https://www.mend.io/jetbrains-lp/?utm_source=JetBrains)
|
|
Vulnerable declared dependency:
nsecbunker-tests/nsecbunker-perf/pom.xml#L118
Provides transitive vulnerable dependency maven:org.apache.commons:commons-compress:1.24.0
* [CVE-2024-25710](https://www.mend.io/vulnerability-database/CVE-2024-25710?utm_source=JetBrains) 8.1 Loop with Unreachable Exit Condition ('Infinite Loop')
* [CVE-2024-26308](https://www.mend.io/vulnerability-database/CVE-2024-26308?utm_source=JetBrains) 5.5 Allocation of Resources Without Limits or Throttling
Results powered by [Mend.io](https://www.mend.io/jetbrains-lp/?utm_source=JetBrains)
|
|
Mismatched query and update of collection:
nsecbunker-monitoring/src/main/java/xyz/tcheeric/nsecbunker/monitoring/alerting/WebhookAlertDelivery.java#L158
Contents of collection `headers` are updated, but never queried
|
|
Vulnerable declared dependency:
nsecbunker-tests/nsecbunker-e2e/pom.xml#L112
Provides transitive vulnerable dependency maven:org.apache.commons:commons-compress:1.24.0
* [CVE-2024-25710](https://www.mend.io/vulnerability-database/CVE-2024-25710?utm_source=JetBrains) 8.1 Loop with Unreachable Exit Condition ('Infinite Loop')
* [CVE-2024-26308](https://www.mend.io/vulnerability-database/CVE-2024-26308?utm_source=JetBrains) 5.5 Allocation of Resources Without Limits or Throttling
Results powered by [Mend.io](https://www.mend.io/jetbrains-lp/?utm_source=JetBrains)
|
|
Vulnerable declared dependency:
nsecbunker-tests/nsecbunker-it/pom.xml#L51
Provides transitive vulnerable dependency maven:org.apache.commons:commons-compress:1.24.0
* [CVE-2024-25710](https://www.mend.io/vulnerability-database/CVE-2024-25710?utm_source=JetBrains) 8.1 Loop with Unreachable Exit Condition ('Infinite Loop')
* [CVE-2024-26308](https://www.mend.io/vulnerability-database/CVE-2024-26308?utm_source=JetBrains) 5.5 Allocation of Resources Without Limits or Throttling
Results powered by [Mend.io](https://www.mend.io/jetbrains-lp/?utm_source=JetBrains)
|
|
Vulnerable declared dependency:
nsecbunker-tests/nsecbunker-perf/pom.xml#L118
Provides transitive vulnerable dependency maven:org.apache.commons:commons-compress:1.24.0
* [CVE-2024-25710](https://www.mend.io/vulnerability-database/CVE-2024-25710?utm_source=JetBrains) 8.1 Loop with Unreachable Exit Condition ('Infinite Loop')
* [CVE-2024-26308](https://www.mend.io/vulnerability-database/CVE-2024-26308?utm_source=JetBrains) 5.5 Allocation of Resources Without Limits or Throttling
Results powered by [Mend.io](https://www.mend.io/jetbrains-lp/?utm_source=JetBrains)
|
|
Vulnerable declared dependency:
nsecbunker-tests/nsecbunker-security/pom.xml#L92
Provides transitive vulnerable dependency maven:ch.qos.logback:logback-core:1.5.15
* [CVE-2025-11226](https://www.mend.io/vulnerability-database/CVE-2025-11226?utm_source=JetBrains) 6.9 Conditional processing of logback.xml configuration file, in conjuction with Spring Framework and Janino
Results powered by [Mend.io](https://www.mend.io/jetbrains-lp/?utm_source=JetBrains)
|
|
Vulnerable declared dependency:
nsecbunker-admin/pom.xml#L22
Provides transitive vulnerable dependency maven:org.apache.commons:commons-lang3:3.17.0
* [CVE-2025-48924](https://www.mend.io/vulnerability-database/CVE-2025-48924?utm_source=Jetbrains) 5.3 Insufficient Information
Results powered by [Mend.io](https://www.mend.io/jetbrains-lp/?utm_source=JetBrains)
|
|
Vulnerable declared dependency:
nsecbunker-protocol/pom.xml#L32
Provides transitive vulnerable dependency maven:org.apache.commons:commons-lang3:3.17.0
* [CVE-2025-48924](https://www.mend.io/vulnerability-database/CVE-2025-48924?utm_source=Jetbrains) 5.3 Insufficient Information
Results powered by [Mend.io](https://www.mend.io/jetbrains-lp/?utm_source=JetBrains)
|
|
Vulnerable declared dependency:
nsecbunker-tests/nsecbunker-security/pom.xml#L19
Provides transitive vulnerable dependency maven:org.apache.commons:commons-lang3:3.17.0
* [CVE-2025-48924](https://www.mend.io/vulnerability-database/CVE-2025-48924?utm_source=Jetbrains) 5.3 Insufficient Information
Results powered by [Mend.io](https://www.mend.io/jetbrains-lp/?utm_source=JetBrains)
|
|
Vulnerable declared dependency:
nsecbunker-tests/nsecbunker-perf/pom.xml#L92
Provides transitive vulnerable dependency maven:ch.qos.logback:logback-core:1.5.15
* [CVE-2025-11226](https://www.mend.io/vulnerability-database/CVE-2025-11226?utm_source=JetBrains) 6.9 Conditional processing of logback.xml configuration file, in conjuction with Spring Framework and Janino
Results powered by [Mend.io](https://www.mend.io/jetbrains-lp/?utm_source=JetBrains)
|
|
Vulnerable declared dependency:
nsecbunker-tests/nsecbunker-it/pom.xml#L66
Provides transitive vulnerable dependency maven:ch.qos.logback:logback-core:1.5.15
* [CVE-2025-11226](https://www.mend.io/vulnerability-database/CVE-2025-11226?utm_source=JetBrains) 6.9 Conditional processing of logback.xml configuration file, in conjuction with Spring Framework and Janino
Results powered by [Mend.io](https://www.mend.io/jetbrains-lp/?utm_source=JetBrains)
|
|
Vulnerable declared dependency:
nsecbunker-tests/nsecbunker-e2e/pom.xml#L54
Provides transitive vulnerable dependency maven:org.apache.commons:commons-lang3:3.17.0
* [CVE-2025-48924](https://www.mend.io/vulnerability-database/CVE-2025-48924?utm_source=Jetbrains) 5.3 Insufficient Information
Results powered by [Mend.io](https://www.mend.io/jetbrains-lp/?utm_source=JetBrains)
|
|
Vulnerable declared dependency:
nsecbunker-connection/pom.xml#L28
Provides transitive vulnerable dependency maven:org.apache.commons:commons-lang3:3.17.0
* [CVE-2025-48924](https://www.mend.io/vulnerability-database/CVE-2025-48924?utm_source=Jetbrains) 5.3 Insufficient Information
Results powered by [Mend.io](https://www.mend.io/jetbrains-lp/?utm_source=JetBrains)
|
|
Vulnerable declared dependency:
nsecbunker-tests/nsecbunker-perf/pom.xml#L49
Provides transitive vulnerable dependency maven:org.apache.commons:commons-lang3:3.17.0
* [CVE-2025-48924](https://www.mend.io/vulnerability-database/CVE-2025-48924?utm_source=Jetbrains) 5.3 Insufficient Information
Results powered by [Mend.io](https://www.mend.io/jetbrains-lp/?utm_source=JetBrains)
|
|
Vulnerable declared dependency:
nsecbunker-spring-boot-starter/pom.xml#L22
Provides transitive vulnerable dependency maven:org.apache.commons:commons-lang3:3.17.0
* [CVE-2025-48924](https://www.mend.io/vulnerability-database/CVE-2025-48924?utm_source=Jetbrains) 5.3 Insufficient Information
Results powered by [Mend.io](https://www.mend.io/jetbrains-lp/?utm_source=JetBrains)
|
|
Vulnerable declared dependency:
nsecbunker-tests/nsecbunker-e2e/pom.xml#L76
Provides transitive vulnerable dependency maven:ch.qos.logback:logback-core:1.5.15
* [CVE-2025-11226](https://www.mend.io/vulnerability-database/CVE-2025-11226?utm_source=JetBrains) 6.9 Conditional processing of logback.xml configuration file, in conjuction with Spring Framework and Janino
Results powered by [Mend.io](https://www.mend.io/jetbrains-lp/?utm_source=JetBrains)
|
|
Vulnerable declared dependency:
nsecbunker-tests/nsecbunker-it/pom.xml#L25
Provides transitive vulnerable dependency maven:org.apache.commons:commons-lang3:3.17.0
* [CVE-2025-48924](https://www.mend.io/vulnerability-database/CVE-2025-48924?utm_source=Jetbrains) 5.3 Insufficient Information
Results powered by [Mend.io](https://www.mend.io/jetbrains-lp/?utm_source=JetBrains)
|
|
Vulnerable declared dependency:
nsecbunker-tests/nsecbunker-chaos/pom.xml#L78
Provides transitive vulnerable dependency maven:ch.qos.logback:logback-core:1.5.15
* [CVE-2025-11226](https://www.mend.io/vulnerability-database/CVE-2025-11226?utm_source=JetBrains) 6.9 Conditional processing of logback.xml configuration file, in conjuction with Spring Framework and Janino
Results powered by [Mend.io](https://www.mend.io/jetbrains-lp/?utm_source=JetBrains)
|
|
Vulnerable declared dependency:
nsecbunker-monitoring/pom.xml#L22
Provides transitive vulnerable dependency maven:org.apache.commons:commons-lang3:3.17.0
* [CVE-2025-48924](https://www.mend.io/vulnerability-database/CVE-2025-48924?utm_source=Jetbrains) 5.3 Insufficient Information
Results powered by [Mend.io](https://www.mend.io/jetbrains-lp/?utm_source=JetBrains)
|
|
Vulnerable declared dependency:
nsecbunker-client/pom.xml#L36
Provides transitive vulnerable dependency maven:org.apache.commons:commons-lang3:3.17.0
* [CVE-2025-48924](https://www.mend.io/vulnerability-database/CVE-2025-48924?utm_source=Jetbrains) 5.3 Insufficient Information
Results powered by [Mend.io](https://www.mend.io/jetbrains-lp/?utm_source=JetBrains)
|
|
Vulnerable declared dependency:
nsecbunker-tests/nsecbunker-chaos/pom.xml#L44
Provides transitive vulnerable dependency maven:org.apache.commons:commons-lang3:3.17.0
* [CVE-2025-48924](https://www.mend.io/vulnerability-database/CVE-2025-48924?utm_source=Jetbrains) 5.3 Insufficient Information
Results powered by [Mend.io](https://www.mend.io/jetbrains-lp/?utm_source=JetBrains)
|
|
Vulnerable declared dependency:
nsecbunker-spring-boot-starter/pom.xml#L40
Provides transitive vulnerable dependency maven:ch.qos.logback:logback-core:1.5.15
* [CVE-2025-11226](https://www.mend.io/vulnerability-database/CVE-2025-11226?utm_source=JetBrains) 6.9 Conditional processing of logback.xml configuration file, in conjuction with Spring Framework and Janino
Results powered by [Mend.io](https://www.mend.io/jetbrains-lp/?utm_source=JetBrains)
|
|
Vulnerable declared dependency:
nsecbunker-core/pom.xml#L22
Provides transitive vulnerable dependency maven:org.apache.commons:commons-lang3:3.17.0
* [CVE-2025-48924](https://www.mend.io/vulnerability-database/CVE-2025-48924?utm_source=Jetbrains) 5.3 Insufficient Information
Results powered by [Mend.io](https://www.mend.io/jetbrains-lp/?utm_source=JetBrains)
|
|
Vulnerable declared dependency:
nsecbunker-account/pom.xml#L22
Provides transitive vulnerable dependency maven:org.apache.commons:commons-lang3:3.17.0
* [CVE-2025-48924](https://www.mend.io/vulnerability-database/CVE-2025-48924?utm_source=Jetbrains) 5.3 Insufficient Information
Results powered by [Mend.io](https://www.mend.io/jetbrains-lp/?utm_source=JetBrains)
|
|
Vulnerable declared dependency:
nsecbunker-tests/nsecbunker-security/pom.xml#L92
Provides transitive vulnerable dependency maven:ch.qos.logback:logback-core:1.5.15
* [CVE-2025-11226](https://www.mend.io/vulnerability-database/CVE-2025-11226?utm_source=JetBrains) 6.9 Conditional processing of logback.xml configuration file, in conjuction with Spring Framework and Janino
Results powered by [Mend.io](https://www.mend.io/jetbrains-lp/?utm_source=JetBrains)
|
|
Vulnerable declared dependency:
nsecbunker-admin/pom.xml#L22
Provides transitive vulnerable dependency maven:org.apache.commons:commons-lang3:3.17.0
* [CVE-2025-48924](https://www.mend.io/vulnerability-database/CVE-2025-48924?utm_source=Jetbrains) 5.3 Insufficient Information
Results powered by [Mend.io](https://www.mend.io/jetbrains-lp/?utm_source=JetBrains)
|
|
Vulnerable declared dependency:
nsecbunker-protocol/pom.xml#L32
Provides transitive vulnerable dependency maven:org.apache.commons:commons-lang3:3.17.0
* [CVE-2025-48924](https://www.mend.io/vulnerability-database/CVE-2025-48924?utm_source=Jetbrains) 5.3 Insufficient Information
Results powered by [Mend.io](https://www.mend.io/jetbrains-lp/?utm_source=JetBrains)
|
|
Vulnerable declared dependency:
nsecbunker-tests/nsecbunker-security/pom.xml#L19
Provides transitive vulnerable dependency maven:org.apache.commons:commons-lang3:3.17.0
* [CVE-2025-48924](https://www.mend.io/vulnerability-database/CVE-2025-48924?utm_source=Jetbrains) 5.3 Insufficient Information
Results powered by [Mend.io](https://www.mend.io/jetbrains-lp/?utm_source=JetBrains)
|
|
Vulnerable declared dependency:
nsecbunker-tests/nsecbunker-perf/pom.xml#L92
Provides transitive vulnerable dependency maven:ch.qos.logback:logback-core:1.5.15
* [CVE-2025-11226](https://www.mend.io/vulnerability-database/CVE-2025-11226?utm_source=JetBrains) 6.9 Conditional processing of logback.xml configuration file, in conjuction with Spring Framework and Janino
Results powered by [Mend.io](https://www.mend.io/jetbrains-lp/?utm_source=JetBrains)
|
|
Vulnerable declared dependency:
nsecbunker-tests/nsecbunker-it/pom.xml#L66
Provides transitive vulnerable dependency maven:ch.qos.logback:logback-core:1.5.15
* [CVE-2025-11226](https://www.mend.io/vulnerability-database/CVE-2025-11226?utm_source=JetBrains) 6.9 Conditional processing of logback.xml configuration file, in conjuction with Spring Framework and Janino
Results powered by [Mend.io](https://www.mend.io/jetbrains-lp/?utm_source=JetBrains)
|
|
Vulnerable declared dependency:
nsecbunker-tests/nsecbunker-e2e/pom.xml#L54
Provides transitive vulnerable dependency maven:org.apache.commons:commons-lang3:3.17.0
* [CVE-2025-48924](https://www.mend.io/vulnerability-database/CVE-2025-48924?utm_source=Jetbrains) 5.3 Insufficient Information
Results powered by [Mend.io](https://www.mend.io/jetbrains-lp/?utm_source=JetBrains)
|
|
Vulnerable declared dependency:
nsecbunker-connection/pom.xml#L28
Provides transitive vulnerable dependency maven:org.apache.commons:commons-lang3:3.17.0
* [CVE-2025-48924](https://www.mend.io/vulnerability-database/CVE-2025-48924?utm_source=Jetbrains) 5.3 Insufficient Information
Results powered by [Mend.io](https://www.mend.io/jetbrains-lp/?utm_source=JetBrains)
|
|
Vulnerable declared dependency:
nsecbunker-tests/nsecbunker-perf/pom.xml#L49
Provides transitive vulnerable dependency maven:org.apache.commons:commons-lang3:3.17.0
* [CVE-2025-48924](https://www.mend.io/vulnerability-database/CVE-2025-48924?utm_source=Jetbrains) 5.3 Insufficient Information
Results powered by [Mend.io](https://www.mend.io/jetbrains-lp/?utm_source=JetBrains)
|
|
Vulnerable declared dependency:
nsecbunker-spring-boot-starter/pom.xml#L22
Provides transitive vulnerable dependency maven:org.apache.commons:commons-lang3:3.17.0
* [CVE-2025-48924](https://www.mend.io/vulnerability-database/CVE-2025-48924?utm_source=Jetbrains) 5.3 Insufficient Information
Results powered by [Mend.io](https://www.mend.io/jetbrains-lp/?utm_source=JetBrains)
|
|
Vulnerable declared dependency:
nsecbunker-tests/nsecbunker-e2e/pom.xml#L76
Provides transitive vulnerable dependency maven:ch.qos.logback:logback-core:1.5.15
* [CVE-2025-11226](https://www.mend.io/vulnerability-database/CVE-2025-11226?utm_source=JetBrains) 6.9 Conditional processing of logback.xml configuration file, in conjuction with Spring Framework and Janino
Results powered by [Mend.io](https://www.mend.io/jetbrains-lp/?utm_source=JetBrains)
|
|
Vulnerable declared dependency:
nsecbunker-tests/nsecbunker-it/pom.xml#L25
Provides transitive vulnerable dependency maven:org.apache.commons:commons-lang3:3.17.0
* [CVE-2025-48924](https://www.mend.io/vulnerability-database/CVE-2025-48924?utm_source=Jetbrains) 5.3 Insufficient Information
Results powered by [Mend.io](https://www.mend.io/jetbrains-lp/?utm_source=JetBrains)
|
|
Vulnerable declared dependency:
nsecbunker-tests/nsecbunker-chaos/pom.xml#L78
Provides transitive vulnerable dependency maven:ch.qos.logback:logback-core:1.5.15
* [CVE-2025-11226](https://www.mend.io/vulnerability-database/CVE-2025-11226?utm_source=JetBrains) 6.9 Conditional processing of logback.xml configuration file, in conjuction with Spring Framework and Janino
Results powered by [Mend.io](https://www.mend.io/jetbrains-lp/?utm_source=JetBrains)
|
|
Vulnerable declared dependency:
nsecbunker-monitoring/pom.xml#L22
Provides transitive vulnerable dependency maven:org.apache.commons:commons-lang3:3.17.0
* [CVE-2025-48924](https://www.mend.io/vulnerability-database/CVE-2025-48924?utm_source=Jetbrains) 5.3 Insufficient Information
Results powered by [Mend.io](https://www.mend.io/jetbrains-lp/?utm_source=JetBrains)
|
|
Vulnerable declared dependency:
nsecbunker-client/pom.xml#L36
Provides transitive vulnerable dependency maven:org.apache.commons:commons-lang3:3.17.0
* [CVE-2025-48924](https://www.mend.io/vulnerability-database/CVE-2025-48924?utm_source=Jetbrains) 5.3 Insufficient Information
Results powered by [Mend.io](https://www.mend.io/jetbrains-lp/?utm_source=JetBrains)
|
|
Vulnerable declared dependency:
nsecbunker-tests/nsecbunker-chaos/pom.xml#L44
Provides transitive vulnerable dependency maven:org.apache.commons:commons-lang3:3.17.0
* [CVE-2025-48924](https://www.mend.io/vulnerability-database/CVE-2025-48924?utm_source=Jetbrains) 5.3 Insufficient Information
Results powered by [Mend.io](https://www.mend.io/jetbrains-lp/?utm_source=JetBrains)
|
|
Vulnerable declared dependency:
nsecbunker-spring-boot-starter/pom.xml#L40
Provides transitive vulnerable dependency maven:ch.qos.logback:logback-core:1.5.15
* [CVE-2025-11226](https://www.mend.io/vulnerability-database/CVE-2025-11226?utm_source=JetBrains) 6.9 Conditional processing of logback.xml configuration file, in conjuction with Spring Framework and Janino
Results powered by [Mend.io](https://www.mend.io/jetbrains-lp/?utm_source=JetBrains)
|
|
Vulnerable declared dependency:
nsecbunker-core/pom.xml#L22
Provides transitive vulnerable dependency maven:org.apache.commons:commons-lang3:3.17.0
* [CVE-2025-48924](https://www.mend.io/vulnerability-database/CVE-2025-48924?utm_source=Jetbrains) 5.3 Insufficient Information
Results powered by [Mend.io](https://www.mend.io/jetbrains-lp/?utm_source=JetBrains)
|
|
Vulnerable declared dependency:
nsecbunker-account/pom.xml#L22
Provides transitive vulnerable dependency maven:org.apache.commons:commons-lang3:3.17.0
* [CVE-2025-48924](https://www.mend.io/vulnerability-database/CVE-2025-48924?utm_source=Jetbrains) 5.3 Insufficient Information
Results powered by [Mend.io](https://www.mend.io/jetbrains-lp/?utm_source=JetBrains)
|
Artifacts
Produced during runtime
| Name | Size | Digest | |
|---|---|---|---|
|
coverage-reports
Expired
|
1.93 MB |
sha256:45f8189570f92bb4bd94391c236c176474cbddd01dd286341cfa8e0572147e69
|
|
|
maven-artifacts
Expired
|
42 MB |
sha256:7966c4ddd25a7b5e27015210d7598ded321c00dc703219b3e4e4a823846d44fa
|
|
|
quality-reports
Expired
|
31 KB |
sha256:ef76445d6f023b2c5e4db4f56310e26c6058d20cec9511b511a25286933f8b8c
|
|
|
test-results-java-21
Expired
|
392 KB |
sha256:8ebbacfe8dafeefa22663d71d4c96b2b1641c2b6647876ab0ffc8a0ac2d505f1
|
|