Must-share information (formatted with Markdown):
which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension)
Sonarqube Enterprise 9.7.1
what are you trying to achieve
The latest sonarqube is not affected by CVE-2022-29885
what have you tried so far to achieve this
Updated sonarqube to the latest version and changed the tomcat dependency version in the dependency-license.json file to 9.0.68.
I’m not sure if changing the tomcat version will affect sonarqube functionality?