docker-sonarqube
docker-sonarqube copied to clipboard
Vulnerabilities found in sonarqube:8.9.9-community
Please ensure your issue adheres to the following guidelines:
This repository is used for technical issues only. For general Support like questions, please create a new Thread in our Community Forum
- [x] Please check the problem is not already reported, or a known issue documented in
develop.md
- [x] Please include enough details to reproduce the problem: the command executed, the host platform, error messages or relevant logs
Good day all. Not sure if this is the correct place for this issue. I am also not sure where to look within this project for direct dependencies.
We are using the sonarqube:8.9.9-community edition. We use multiple scan tools within our pipeline and there are a couple high findings for this project.
CVE-2020-36518 jackson-databind (current version 2.11.3 and 2.13.0) CVE-2021-22569 protobuf-java (current version 3.0.0-beta-2)
Is it possible to update these on your end?
Please let me know if I can provide any more information.