File tree Expand file tree Collapse file tree 1 file changed +13
-0
lines changed
Expand file tree Collapse file tree 1 file changed +13
-0
lines changed Original file line number Diff line number Diff line change 369369 <!-- 6. Exclude old junit POM metadata directly -->
370370 <exclude >META-INF/maven/junit/junit/pom.xml</exclude >
371371 <exclude >META-INF/maven/junit/junit/pom.properties</exclude >
372+ <!-- 7. Fix for CVE-2023-2976, CVE-2020-8908: Exclude escapevelocity metadata that declares vulnerable guava -->
373+ <exclude >META-INF/maven/com.google.escapevelocity/escapevelocity/pom.xml</exclude >
374+ <exclude >META-INF/maven/com.google.escapevelocity/escapevelocity/pom.properties</exclude >
375+ <!-- 8. Fix for CVE-2025-55163: Exclude Google Cloud BigQuery metadata that declares vulnerable io.grpc -->
376+ <exclude >META-INF/maven/com.google.cloud/google-cloud-bigquery/pom.xml</exclude >
377+ <exclude >META-INF/maven/com.google.cloud/google-cloud-bigquery/pom.properties</exclude >
378+ <exclude >META-INF/maven/com.google.cloud/google-cloud-bigquerystorage/pom.xml</exclude >
379+ <exclude >META-INF/maven/com.google.cloud/google-cloud-bigquerystorage/pom.properties</exclude >
380+ <!-- 9. Fix for CVE-2024-7254: Exclude google.api.grpc metadata that declares vulnerable protobuf -->
381+ <exclude >META-INF/maven/com.google.api.grpc/grpc-google-cloud-bigquerystorage-v1/pom.xml</exclude >
382+ <exclude >META-INF/maven/com.google.api.grpc/grpc-google-cloud-bigquerystorage-v1/pom.properties</exclude >
383+ <exclude >META-INF/maven/com.google.api.grpc/proto-google-cloud-bigquerystorage-v1/pom.xml</exclude >
384+ <exclude >META-INF/maven/com.google.api.grpc/proto-google-cloud-bigquerystorage-v1/pom.properties</exclude >
372385 </excludes >
373386 </filter >
374387 </filters >
You can’t perform that action at this time.
0 commit comments