Hello, We are using Sonarqube : 8.9.6-community edition. Please let us know, whether Sonarqube is using spring boot war and whether Sonarqube is impacted any way by the reported spring 4 shell vulnerability. Please suggest, whether we need to take any steps from our end for mitigating the same

Spring4Shell ::Spring Framework Remote Code Execution Vulnerability

umaurer (Uwe Maurer) April 1, 2022, 12:07pm 4

OK, I’ve found your announcement. That’s fine for me.

Topic		Replies	Views
SonarQube, SonarCloud, and Spring4Shell Sonar Updates	11	4008	June 23, 2022
Is sonarqube affected by Spring Framework Remote Code Execution Vulnerability SonarQube Server / Community Build java , sonarqube	2	1166	April 1, 2022
Vulnerability with springshell, is SonarQube impacted SonarQube Server / Community Build	2	473	March 31, 2022
IS Sonar Developer edition version 9.2.4 affected by Spring Framework Vulenrability CVE-2022-22963 SonarQube Server / Community Build sonarqube , scanner	3	840	April 4, 2022
Is Crowd (sonar-crowd) plugin for Sonarqube affected by Spring4Shell vulnerability (CVE-2022-22965) SonarQube Server / Community Build	1	651	April 6, 2022