docker-sonarqube

Vulnerabilities in latest version `sonarqube:9.5.0-developer`

Open fazith27 opened this issue 1 year ago • 0 comments

Please ensure your issue adheres to the following guidelines:

This repository is used for technical issues only. For general support-like questions, please create a new thread in our Community Forum.

  • [x] Please check the problem is not already reported, or a known issue documented in develop.md
  • [x] Please include enough details to reproduce the problem: the command executed, the host platform, error messages or relevant logs

Issue Description

I hope this is the right place to raise this issue. If not, please let me know where to raise this one.

We are using the Docker version of SonarQube in our organization. We are looking to upgrade SonarQube to its latest version, `sonarqube:9.5.0-developer`. During our image scanning process we identified that the Docker image has the vulnerabilities below.

  • CVE-2021-37137
  • CVE-2021-37136
  • CVE-2020-36518
  • CVE-2022-29458
  • CVE-2022-25647
  • CVE-2021-22569

Attached full scan results below, sonarqube-scan.result.txt

Tool used for docker image scanning: Twistlock

Can you please advise what is the plan to fix the CVEs?

fazith27, Jul 20 '22 11:07