CVE-2022-42889 aka Text4Shell is a vulnerability in the popular Java library “Apache Commons Text” which can result in arbitrary code execution when processing malicious input. The versions affected are 1.5-1.9 inclusive.
This component is used in debugging and testing features of CodeSonar's Java/C# analyses. It is unlikely users have discovered or enabled these testing or debugging features. Commons Text will be upgraded in CodeSonar 7.2 regardless. CodeSonar versions other than 7.2 and that are supported will be patched on a need by need basis; inform us if you have a need.