Is SonarQube Vulnerable to CVE-2019-18935


As we use SonarQube in our estate. I just wanted to query if any aspect of any of the SonarQube releases use any of the Telerik UI libraries, as we have been made aware that in certain (older) versions of this the below vulnerability is present;

Does the SonarQube tooling make use of any of these Telerik libraries?



Hello @tomf

Welcome to the community!

We don’t use Telerik UI libraries and, more generally, we try to carefully review and fix, as soon as possible, each vulnerabilities in components we can use.


1 Like

Thanks Eric! =)