Sonarqube LTA version - Vulnerability Image

svinothmca · November 4, 2025, 9:39am

Must-share information (formatted with Markdown):

which versions are you using (SonarQube Server / Community Build, Scanner, Plugin, and any relevant extension)
- 2025.1 - enterprise
how is SonarQube deployed: zip, Docker, Helm
- Docker
what are you trying to achieve
- The official images in docker hub has vulnerability. As part of security updates we required invulnerable image in docker hub
what have you tried so far to achieve this
- As i analyzed below images are vulnerable. Since we are using LTA version we required invulnerable image in LTA version.

Colin · November 4, 2025, 10:39am

Hi,

I’ve unlisted your topic since you’re reporting a vulnerability. Our responsible disclosure policy asks that you email security@sonarsource.com rather than making public posts. Could you please re-send this to security@sonarsource.com?

Thx,

Topic		Replies	Views
SonarQube Docker Image SonarQube Server / Community Build	3	2358	November 30, 2022
Different Docker images for SonarQube on Docker Hub SonarQube Server / Community Build	1	937	December 15, 2022
Sonarqube docker image for 2025.1 LTA SonarQube Server / Community Build	6	181	October 30, 2025
Sonarqube Docker image vulnerabilities? SonarQube Server / Community Build sonarqube , bump	2	57	April 4, 2025
Question about Docker image's security policy SonarQube Server / Community Build sonarqube	1	286	January 2, 2024