[Webinar] How to ensure code accountability and trust in the age of Gen AI - December 11th - Register Now

Sonar Community

Apache Commons-text library vulnerability

SonarQube Server / Community Build

java, sonarqube

ganncamp (G Ann Campbell) October 20, 2022, 5:30pm 2

Hi,

Please refer to this thread:

CVE-2022-42889 effect on SonarQube SonarQube

Hi All, I want to know a small info on whether sonarqube version 9.3 & 9.5 has any affect with CVE-2022-42889 We have verified the source code on github, couldn’t see any library related to org.apache.commons:commons-text so want to get the confirmation on the same. Sonar version : 9.3 & 9.5

Ann

1 Like

show post in topic

Home
Categories
Guidelines
Terms of Service
Privacy Policy

Powered by Discourse, best viewed with JavaScript enabled