Sonar reported error “I/O function calls should not be vulnerable to path injection attacks”

Colin · June 15, 2023, 7:27am

Hey there.

Hi,

Your version is past EOL. You should upgrade to either the latest version or the current LTS at your earliest convenience. Your upgrade path is:

9.5 → 9.9 → 10.0 (last step optional)

You may find these resources helpful:

If you have questions about upgrading, feel free to open a new thread for that here.

If you still believe you face a false-positive afterwards, please follow the instructions in the following post to report a false-positive (which includes sharing a code snippet rather than a screenshot)

Topic		Replies	Views
S1989 false positive on SonarQube 6.7.5 SonarQube Cloud java , false-positive	3	1582	May 5, 2020
Sonar issues coming up again even after bugs are passed false positively SonarQube Server / Community Build sonarqube	3	517	November 20, 2019
Sonar still complains about security:S2083 SonarQube Server / Community Build java , sonarqube	3	769	February 8, 2023
SonarCloud Change this code to not construct the path from user-controlled data Report False-positive / False-negative... java , sonarqube-cloud	1	421	February 28, 2024
SonarLint unable to report issues SonarQube Cloud	3	594	January 17, 2020

Sonar reported error “I/O function calls should not be vulnerable to path injection attacks”

Related topics