- which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension): Sonarqube 8.7 build 41497
- problem: lodash 4.17.20 is included in 8.7 but it has discovered CVE-2021-23337. This cause 8.7 has CVE-2021-23337
- Requirement: release a fix asap as lodash has release a urgent security fix 4.17.21 Security Vulnerability with email@example.com · Issue #5083 · lodash/lodash · GitHub. Please let us know is there any plan to release security fix and when.