Sonarqube Docker Image
1 CVEs
product
Monthly
The official sonarqube docker images before alpine (Alpine specific) contain a blank password for a root user. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Docker
Authentication Bypass
Sonarqube Docker Image
NVD
GitHub
CVSS 3.1
9.8
EPSS
2.1%
EPSS 2%
CVSS 9.8
CRITICAL
Act Now
The official sonarqube docker images before alpine (Alpine specific) contain a blank password for a root user. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Docker
Authentication Bypass
Sonarqube Docker Image
NVD
GitHub