docker-sonarqube

Vulnerabilities found in sonarqube:8.9.9-community

Open coltonfreeman26 opened this issue 1 year ago • 0 comments

Please ensure your issue adheres to the following guidelines:

This repository is used for technical issues only. For general support-like questions, please create a new thread in our Community Forum.

  • [x] Please check the problem is not already reported, or a known issue documented in develop.md
  • [x] Please include enough details to reproduce the problem: the command executed, the host platform, error messages or relevant logs

Good day all. Not sure if this is the correct place for this issue. I am also not sure where to look within this project for direct dependencies.

We are using the sonarqube:8.9.9-community edition. We use multiple scan tools within our pipeline and there are a couple of high findings for this project.

  • CVE-2020-36518 jackson-databind (current version 2.11.3 and 2.13.0)
  • CVE-2021-22569 protobuf-java (current version 3.0.0-beta-2)

Is it possible to update these on your end?

Please let me know if I can provide any more information.

coltonfreeman26 Sep 16 '22 15:09