I found a security vulnerability in the latest version of SonarQube. What is the process for reporting it, so it can be fixed prior to public disclosure.

Hi, Welcome to the community & thanks for asking! I think this is what you’re looking for: [image] Responsible Vulnerability Disclosure Guides Follow this guide if you’ve found a vulnerability in one of Sonar’s products or websites and you want to responsibly report it.…

How to report a SonarQube security vulnerability?

SonarQube Server / Community Build

ganncamp (G Ann Campbell) May 4, 2021, 5:42pm 2

Hi,

Welcome to the community & thanks for asking!

I think this is what you’re looking for:

Ann

Topic		Replies	Views
How can i report security bug and a CVE(Common Vulnerabilities and Exposures) for sonarqube application, whats the procedure SonarQube Server / Community Build	1	1268	December 10, 2020
Responsible Vulnerability Disclosure Guides security	6	11514	May 24, 2024
How to manage Vulnerabilities SonarQube Server / Community Build sonarqube	1	536	December 27, 2022
Following Up On SonarQube Security Vulnerabilities SonarQube Server / Community Build	1	36	October 2, 2024
Vulnerability Disclosure Info SonarQube Server / Community Build	1	652	August 20, 2018

How to report a SonarQube security vulnerability?

Related topics