Is there any CVE fixed in sonarqube 9.9.6 versions

Mohitsaraf · September 17, 2024, 3:44pm

Must-share information (formatted with Markdown):

which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension)
9.9.4
how is SonarQube deployed: zip, Docker, Helm
helm
what are you trying to achieve
is there any CVEfixed in sonarqube 9.9.6 versions? if yes, please share the CVE details and date when it was fixed
what have you tried so far to achieve this

Do not share screenshots of logs – share the text itself (bonus points for being well-formatted)!

ganncamp · September 18, 2024, 12:44pm

Hi,

Welcome to the community!

Here are the release notes for the two point versions you’re missing. Our policy is to update release notes with security fix details 90d after a release. We’ve fallen down on that a bit, but reminders have been sent internally, so hopefully this data will show up soon.

Ann

Mohitsaraf · September 26, 2024, 7:29pm

Hi Ann,

Thank You for your response!
Please if you can ask for someone to update the details it will be really helpful.
Appreciate all the help!

Thanks,
Mohit Saraf

ganncamp · September 26, 2024, 7:32pm

Hi Mohit,

I already did.

Ann

Topic		Replies	Views
Is sonarqube 9.9 LTS is covered with CVE-2022-42889 vulnerability? SonarQube Server / Community Build sonarqube	1	539	June 8, 2023
Is there "official" sonarqube documentation that states version 9.9 is NOT impacted by CVE-2022-4288 SonarQube Server / Community Build	5	885	May 24, 2023
CVE-2022-42889 effect on SonarQube SonarQube Server / Community Build security , cve	27	6746	November 25, 2022
SonarQube / GitHub integration information leakage Sonar Updates sonarqube , github	1	587	October 8, 2024
Sonarqube 9.7 has tomcat 9.0.62 embedded, but CVE-2022-29885 affects tomcat 9.0.62 SonarQube Server / Community Build cve	2	866	November 7, 2022

Is there any CVE fixed in sonarqube 9.9.6 versions

Related topics