/
DirectorySecurity AdvisoriesPricing
Sign in
Security Advisories

CGA-c5gx-g32r-3gqj

Published

Last updated

https://images.chainguard.dev/security/CGA-c5gx-g32r-3gqj
Package

sonarqube

RepositoryWolfi
Latest Update
Pending upstream fix
Aliases
  • CVE-2022-40152
  • GHSA-3f7h-mf4q-vrm4

Severity

7.5

High

CVSS V3

References

  • https://nvd.nist.gov/vuln/detail/CVE-2022-40152
  • https://github.com/advisories/GHSA-3f7h-mf4q-vrm4

Updates

Status

Pending upstream fix

Impact

Transitive dependency of OneLogin's SAML Java toolkit included in shaded JAR

Status

Under investigation

The trusted source for open source

Talk to an expert
© 2025 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Product

Chainguard ContainersChainguard LibrariesChainguard VMsIntegrationsPricing

Solutions

FedRAMPPCI DSSGolden ImagesCVE RemediationPublic Sector

Customers

Customer StoriesChainguard Reviews

Resources

Events & WebinarsChainguard CoursesDocumentationTrust Center

Company

About UsBlogPartnersNewsroomCareersLegal