I found a security vulnerability in the latest version of SonarQube. What is the process for reporting it, so it can be fixed prior to public disclosure.

Hi, Welcome to the community & thanks for asking! I think this is what you’re looking for: [image] Responsible Vulnerability Disclosure Guides Follow this guide if you’ve found a vulnerability in one of Sonar’s products or websites and you want to responsibly report it.…

How to report a SonarQube security vulnerability?

SonarQube Server / Community Build

ganncamp (G Ann Campbell) May 4, 2021, 5:42pm 2

Hi,

Welcome to the community & thanks for asking!

I think this is what you’re looking for:

Ann

Topic		Replies	Views
How can i report security bug and a CVE(Common Vulnerabilities and Exposures) for sonarqube application, whats the procedure SonarQube Server / Community Build	1	1297	December 10, 2020
Responsible Vulnerability Disclosure Guides security	6	12024	May 24, 2024
Vulnerability Disclosure Info SonarQube Server / Community Build	1	687	August 20, 2018
Following Up On SonarQube Security Vulnerabilities SonarQube Server / Community Build	1	56	October 2, 2024
Sonar Cloud Vulnerability and bug fix report for Audit SonarQube Cloud sonarqube-cloud	1	138	May 20, 2024

How to report a SonarQube security vulnerability?

Related topics