PT-2024-32886 · Sonarsource · Sonarqube

Name of the Vulnerable Software and Affected Versions: SonarSource SonarQube versions prior to 9.9.5 LTA SonarSource SonarQube versions prior to 10.5 Description: An issue was discovered in SonarSource SonarQube where a user with the Administrator role can modify an existing configuration of a...

CVE-2024-47910

An issue was discovered in SonarSource SonarQube before 9.9.5 LTA and 10.x before 10.5. A SonarQube user with the Administrator role can modify an existing configuration of a GitHub integration to exfiltrate a pre-signed JWT...