The current build of sonar-scanner-cli-docker is a few months old and some CVEs have collected, which could be fixed by rebuilding the image (the base image tag is updated regularly).
It would be lovely if this could happen, or even happen on a schedule 
Hi @peacememories ,
I am writing to let you know that we released a new version of the sonnar-scanner-cli (docker) last week. This update includes a fix for all CVEs associated with the previous base image.
Could you please confirm if this new version resolves the security concerns you were tracking?
Thank you,