Security Advisories · SonarSource/sonarqube-scan-action · GitHub

Security Advisories

View known security vulnerabilities and report new vulnerabilities privately to maintainers.

Report a vulnerability

Argument injection vulnerability in SonarQube GitHub Action
GHSA-5xq9-5g24-4g6f published Sep 25, 2025 by chirag-goel-sonarsource

High
Command Injection via sonarqube-scan-action GitHub Action
GHSA-f79p-9c5r-xg88 published Sep 1, 2025 by chirag-goel-sonarsource

High

⚡