This page lists publicly disclosed CVE vulnerabilities affecting sonarsource sonarqube_docker_image (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2020-35193 | The official sonarqube docker images before alpine (Alpine specific) contain a blank password for a root user. System using the sonarqube docker container deployed by affected versions of the docker image may allow a remote attacker to achieve root access with a blank password. | [email protected] | 9.8 | 2.13% | 2020-12-16 | 2024-11-21 |