Uploaded image for project: 'SonarQube'
  1. SonarQube
  2. SONAR-13905

Fix potential vulnerabilities of bundled libraries

    XMLWordPrintable

    Details

    • Type: Task
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 8.5
    • Component/s: None
    • Labels:
      None
    • Estimate:
      Days
    • Edition:
      Community
    • Production Notes:
      None

      Description

      Why

      The Java and JS third-party libraries bundled in the different components of the SonarQube editions can have vulnerabilities. In a few cases the latter may be exploitable by hackers.
      Every potential vulnerability should be addressed by being marked as false-positive or by being fixed.

      What

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              simon.brandhof Simon Brandhof (Inactive)
              Reporter:
              simon.brandhof Simon Brandhof (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Dates

                Due:
                Created:
                Updated:
                Resolved: