DirectorySecurity AdvisoriesPricing
Sign in
Directory
sonarqube logo

sonarqube

packaged by Chainguard

Last changed
Request a free trial

Contact our team to test out this image for free. Please also indicate any other images you would like to evaluate.

Tags
Overview
Comparison
Provenance
Specifications
SBOM
Vulnerabilities
Advisories

Expand
CVE ID
Severity
Package
Version
Last detected
CVE-2026-44249
High
netty-handler
4.1.130.Final
CVE-2026-45416
High
netty-handler
4.1.130.Final
CVE-2026-42584
High
netty-codec-http
4.1.130.Final
CVE-2024-41909
High
sshd-common
2.9.2
CVE-2026-42587
High
netty-codec-http
4.1.130.Final
CVE-2026-42583
High
netty-codec
4.1.130.Final
CVE-2026-42583
High
netty-codec
4.1.130.Final
CVE-2026-42584
High
netty-codec-http
4.1.130.Final
CVE-2026-44249
High
netty-handler
4.1.130.Final
CVE-2026-45416
High
netty-handler
4.1.130.Final
CVE-2026-33871
High
netty-codec-http2
4.1.130.Final
CVE-2026-42579
High
netty-codec-dns
4.1.130.Final
CVE-2026-5598
High
bcprov-jdk18on
1.79
CVE-2026-42584
High
netty-codec-http
4.1.130.Final
CVE-2026-45416
High
netty-handler
4.1.130.Final
CVE-2026-45674
High
netty-resolver-dns
4.1.130.Final
CVE-2026-42587
High
netty-codec-http
4.1.130.Final
CVE-2026-44249
High
netty-handler
4.1.130.Final
CVE-2026-42587
High
netty-codec-http2
4.1.130.Final
CVE-2026-47691
High
netty-resolver-dns
4.1.130.Final
CVE-2026-42583
High
netty-codec
4.1.130.Final
CVE-2026-33870
High
netty-codec-http
4.1.130.Final
CVE-2026-33870
High
netty-codec-http
4.1.130.Final
CVE-2026-33870
High
netty-codec-http
4.1.130.Final
CVE-2026-42587
High
netty-codec-http
4.1.130.Final
GHSA-2m67-wjpj-xhg9
High
jackson-core
3.0.4
CVE-2026-34479
Medium
log4j-1.2-api
2.19.0
CVE-2023-35887
Medium
sshd-common
2.9.2
GHSA-72hv-8253-57qq
Medium
jackson-core
2.17.2
GHSA-72hv-8253-57qq
Medium
jackson-core
2.21.0
CVE-2025-68161
Medium
log4j-core
2.19.0
CVE-2026-42581
Medium
netty-codec-http
4.1.130.Final
CVE-2026-34480
Medium
log4j-core
2.25.0
CVE-2025-68161
Medium
log4j-core
2.25.0
CVE-2026-34480
Medium
log4j-core
2.19.0
CVE-2020-36843
Medium
eddsa
0.3.0
CVE-2026-42581
Medium
netty-codec-http
4.1.130.Final
GHSA-72hv-8253-57qq
Medium
jackson-core
3.0.4
CVE-2026-47244
Medium
netty-codec-http2
4.1.130.Final
CVE-2026-45673
Medium
netty-resolver-dns
4.1.130.Final
CVE-2026-0636
Medium
bcprov-jdk18on
1.79
CVE-2026-42580
Medium
netty-codec-http
4.1.130.Final
GHSA-72hv-8253-57qq
Medium
jackson-core
2.19.2
CVE-2025-7962
Medium
jakarta.mail
1.6.3
CVE-2026-34478
Medium
log4j-core
2.25.0
CVE-2026-5588
Medium
bcpkix-jdk18on
1.79
GHSA-72hv-8253-57qq
Medium
jackson-core
2.17.2
CVE-2025-48924
Medium
commons-lang3
3.9
CVE-2026-34477
Medium
log4j-core
2.25.0
CVE-2026-42585
Medium
netty-codec-http
4.1.130.Final
CVE-2026-48043
Medium
netty-codec-http2
4.1.130.Final
CVE-2026-41417
Medium
netty-codec-http
4.1.130.Final
CVE-2026-34477
Medium
log4j-core
2.19.0
CVE-2026-41417
Medium
netty-codec-http
4.1.130.Final
CVE-2025-7962
Medium
jakarta.mail
2.0.1
CVE-2026-42580
Medium
netty-codec-http
4.1.130.Final
CVE-2026-42585
Medium
netty-codec-http
4.1.130.Final
GHSA-72hv-8253-57qq
Medium
jackson-core
2.15.0
CVE-2026-41417
Medium
netty-codec-http
4.1.130.Final
CVE-2026-42580
Medium
netty-codec-http
4.1.130.Final
CVE-2026-42585
Medium
netty-codec-http
4.1.130.Final
GHSA-72hv-8253-57qq
Medium
jackson-core
2.15.0
CVE-2026-42581
Medium
netty-codec-http
4.1.130.Final
Last updated:

The trusted source for open source

Talk to an expert
PrivacyTerms

Product

Chainguard ContainersChainguard LibrariesChainguard VMsChainguard OS PackagesChainguard ActionsChainguard Agent SkillsIntegrationsPricing

Solutions

FedRAMPPCI DSSCMMC 2.0SOC 2Golden ImagesCVE RemediationPublic SectorStartups

Customers

Customer StoriesChainguard Reviews

Resources

Events & WebinarsSupply Chain Security 101Chainguard CoursesDocumentationTrust CenterChainguard Slack Community

Company

About UsBlogOpen Source LeadershipPartnersNewsroomCareersLegal
© 2026 Chainguard, Inc. All Rights Reserved.
Chainguard® and the Chainguard logo are registered trademarks of Chainguard, Inc. in the United States and/or other countries.
The other respective trademarks mentioned on this page are owned by the respective companies and use of them does not imply any affiliation or endorsement.