We are using 9.6.1 version of SonarQube , we scanned our files in Veracode . In the report we got there was several vulnerabilities issues in many of the jar versions .
We found that even in the latest version of SonarQube these jars have older version which have vulnerabilities issues with severity of high and medium.
Could you please suggest how to resolve these vulnerabilities issues because we cannot directly update these from our end.
Below are the details :-
jar in current version
jar version recommended