Is sonarqube 9.9 LTS is covered with CVE-2022-42889 vulnerability?

shivaprasadM · June 8, 2023, 7:50am

Must-share information (formatted with Markdown):

which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension) - 8.9.9/ 7.1
how is SonarQube deployed: zip, Docker, Helm - zip
what are you trying to achieve - installed supported CVE-2022-42889 vulnerability of sonarqube
what have you tried so far to achieve this - gone through the docs of sonar source and couldn’t find anything related 9.9 LTS

Do not share screenshots of logs – share the text itself (bonus points for being well-formatted)!

Colin · June 8, 2023, 8:13am

Hey there.

The search function is super helpful here.

Topic		Replies	Views
Is there "official" sonarqube documentation that states version 9.9 is NOT impacted by CVE-2022-4288 SonarQube Server / Community Build	5	876	May 24, 2023
Is there any CVE fixed in sonarqube 9.9.6 versions SonarQube Server / Community Build	3	28	September 26, 2024
Is CVE-2022-42889, AKA Text4Shell vulnerability impacting SonarQube SonarQube Server / Community Build security , cve	1	1480	October 21, 2022
Dependencies Vulnerabilities Sonarqube Community 9.9 SonarQube Server / Community Build sonarqube	1	305	February 16, 2024
CVE-2022-42889 effect on SonarQube SonarQube Server / Community Build security , cve	27	6728	November 25, 2022