Published
Last updated
sonarqube
Status
Impact
The ElasticSearch dependency within SonarQube must be bumped in the upstream for fixing this CVE in bcprov-jdk18on. Additionally, sonarqube core package uses a bcprov-jdk18on non-vulnerable version '1.78.1'.