Vulnerability with springshell, is SonarQube impacted

Good morning,

Using Sonarqube 8.9.6, I’m wondering if it could be impacted by the vulnerability raised yesterday by Sonatype:New Spring Framework RCE  Vulnerability Confirmed - What to do?

It impacts java applications using spring-code fmk and JDK 9 and above.

thanks for your feedback

Hey there.

SonarQube is not affected.

Thank you for your answer.