|Project Name||Apache Tomcat|
|Lines of code analyzed||258,264|
|On Coverity Scan since||Aug 13, 2014|
|Last build analyzed||4 months ago|
Want to view defects or help fix defects?Add me to project
Along with Coverity defects found by Coverity analysis, you may include or exclude Findbugs defects in analysis results.
You may disable or enable Findbugs defects via the Edit function in project settings. Changes will be reflected upon subsequent build submissions.
Excluding or including these defects will change the total number of defects significantly.
Note: Defect density is measured by the number of defects per 1,000 lines of code.
|Component Name||Pattern||Ignore||Line of Code||Defect density|
|ID||CWE-Name||Number of Defects|
|22||Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')||26|
|78||Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')||1|
|79||Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')||104|
|352||Cross-Site Request Forgery (CSRF)||19|
|676||Use of Potentially Dangerous Function||1|
|759||Use of a One-Way Hash without a Salt||1|
Coverity Scan tests every line of code and potential execution path. The root cause of each defect is clearly explained, making it easy to fix bugs.
Would you like to view the project defects, or help improve its quality by fixing defects?Add me to project