Sonarsource Sonarqube Scanner — known CVE vulnerabilities
Every CVE whose affected-product data names Sonarsource Sonarqube Scanner, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (1)
- CVE-2018-1000425 — CVSS 7.8 (high): An insufficiently protected credentials vulnerability exists in Jenkins SonarQube Scanner Plugin 2.8 and earlier in SonarInstallation.java…