[WEBINAR] Code Faster, Write Cleaner with AI Coding Assistants and Sonar - EMEA & APJ - April 23 Register Now

Sonar Community

Sonar scanner CLI vulnerability

Colin (Colin) November 11, 2022, 2:21pm 2

Hey there.

Take a look at this thread:

Sonar-scanner-cli and vulnerable okhttp3 dependency SonarQube

Hello @pravorskyi, Welcome to the community and thank you to bringing this to our attention! After investigation, we consider ourselves not vulnerable as we encode in base64 the authorization header, hence avoiding passing illegal characters to the request. We however plan to upgrade to okhttp4 in the next versions to keep up to date.

1 Like

show post in topic

Home
Categories
FAQ/Guidelines
Terms of Service
Privacy Policy

Powered by Discourse, best viewed with JavaScript enabled