Security hotspots stuck in "OPEN" state

We are using SonarQube 7.9.0 LTS

A small number of our security hotspots (19 out of 5300) are in “OPEN” state and there is no option to modify their status via the UI, e.g. mark as reviewed or convert to issue. They are NOT limited to specific rules or projects. I’m logged in with admin account, so it’s not a permissions issue.

Does anyone know what could be the reason?


Your version is past EOL. You should upgrade to either the latest version or the current LTS at your earliest convenience. Your upgrade path is:

7.9.0 → 8.9.3 → 9.1 (last step optional)

You may find the Upgrade Guide and the LTS-to-LTS Upgrade Notes helpful. If you have questions about upgrading, feel free to open a new thread for that here.

Once you upgrade, you’ll find that the Security Hotspots experience has changed entirely.