Sonar-Scanner vulnerability - embedded JVM

We recently updated the Linux sonar scanner to the latest version due to our vulnerability scanner reporting a high issue but it seems it still exists:

The version of OpenJDK installed on the remote host is prior to 7 <= 7u311 / 8 <= 8u302 / 11.0.0 <= 11.0.12 / 13.0.0 <= 13.0.8 / 15.0.0 <= 15.0.4 / 16.0.0 <= 16.0.2. It is, therefore, affected by multiple vulnerabilities as referenced in the 2021-10-19 advisory.

Path                : /home/<username>/.sonar/sonar-scanner-4.6.2.2472-linux/
  Installed version : 11.0.11
  Fixed version     : Upgrade to a version greater than 11.0.12

Thanks,
SeanW

Hi SeanW,

Sorry for the delay in responding. Behind the scenes, we created a ticket and fixed it in the latest version of the scanner, 4.7.

 
HTH,
Ann