6.5
CVSS CVSS_V3
Status
Fixed version
25.1.0.102122-r0Status
Impact
The xmlsec dependency is a transitive dependency that is brought in as a part of the sonar-application.jar and is not defined in the declared dependencies. This requires a fix from upstream maintainers.
Status