Skip to content

GCS CVE issues fix #3128

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
VenkatasivareddyTR wants to merge 1 commit into
base: master
Choose a base branch
from
Open

GCS CVE issues fix #3128

VenkatasivareddyTR wants to merge 1 commit into from

Conversation

@VenkatasivareddyTR
Copy link
Contributor

@VenkatasivareddyTR VenkatasivareddyTR commented Nov 27, 2025
edited
Loading

Issue #, if available:

Description of changes:
Fixed all CVE issues related to META-INF path vulnerabilities for GCS connector.
13 CVEs were fixed using a wildcard approach because all of them were related to META-INF.

Fixed CVEs: CVE-2022-23305, CVE-2022-23305, CVE-2019-17571, CVE-2023-26464,
CVE-2022-23302, CVE-2022-23307, CVE-2025-55163, CVE-2023-2976, CVE-2021-4104,
CVE-2020-15250, CVE-2025-48924, CVE-2018-10237, CVE-2020-9488, CVE-2020-8908

Please find attached below test documents.
GCS CVE issues fix.docx
GCS_FUNCTIONAL_TEST_2025-11-27.xlsx

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

@amazon-inspector-n-virginia
Copy link

amazon-inspector-n-virginia bot commented Nov 27, 2025

⏳ I'm reviewing this pull request for security vulnerabilities and code quality issues. I'll provide an update when I'm done

@amazon-inspector-n-virginia
Copy link

amazon-inspector-n-virginia bot commented Nov 27, 2025

✅ I finished the code review, and didn't find any security or code quality issues.

@codecov
Copy link

codecov bot commented Nov 27, 2025

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 68.28%. Comparing base (fe0a5d9) to head (9abfda9).
⚠️ Report is 99 commits behind head on master.

Additional details and impacted files 
@@             Coverage Diff              @@
##             master    #3128      +/-   ##
============================================
+ Coverage     63.67%   68.28%   +4.60%     
- Complexity     4344     4999     +655     
============================================
  Files           621      636      +15     
  Lines         23286    24157     +871     
  Branches       2859     2997     +138     
============================================
+ Hits          14827    16495    +1668     
+ Misses         7070     6220     -850     
- Partials       1389     1442      +53

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@AbdulR3hman AbdulR3hman AbdulR3hman approved these changes

At least 2 approving reviews are required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@VenkatasivareddyTR @AbdulR3hman