Security patch: Fix multiple CVEs in sagemaker-code-editor main branch #177

pilgd-aws · 2025-08-22T03:25:55Z

Security Fixes for Main Branch

This PR addresses 3 critical/high severity CVEs in sagemaker-code-editor main branch:

🔒 Fixed Vulnerabilities:

CVE-2025-48387 (HIGH) - tar-fs
- ✅ 2.1.1 → 2.1.3
CVE-2025-7783 (CRITICAL) - form-data
- ✅ 4.0.0 → 4.0.4
CVE-2024-37890 (HIGH) - ws
- ✅ 7.4.6 → 8.17.1

📦 Changes:

Updated vulnerable packages in yarn.lock files
All security vulnerabilities resolved

Related Ticket: P248382975

… 8.17.1 - CVE-2025-48387: tar-fs 2.1.1 → 2.1.3 (HIGH) - CVE-2025-7783: form-data 4.0.0 → 4.0.4 (CRITICAL) - CVE-2024-37890: ws 7.4.6 → 8.17.1 (HIGH)

security patch: fix multiple CVEs - tar-fs 2.1.3, form-data 4.0.4, ws…

e748d1d

… 8.17.1 - CVE-2025-48387: tar-fs 2.1.1 → 2.1.3 (HIGH) - CVE-2025-7783: form-data 4.0.0 → 4.0.4 (CRITICAL) - CVE-2024-37890: ws 7.4.6 → 8.17.1 (HIGH)

pilgd-aws requested a review from a team as a code owner August 22, 2025 03:25

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Security patch: Fix multiple CVEs in sagemaker-code-editor main branch #177

Security patch: Fix multiple CVEs in sagemaker-code-editor main branch #177

Uh oh!

pilgd-aws commented Aug 22, 2025

Uh oh!

Uh oh!

Security patch: Fix multiple CVEs in sagemaker-code-editor main branch #177

Are you sure you want to change the base?

Security patch: Fix multiple CVEs in sagemaker-code-editor main branch #177

Uh oh!

Conversation

pilgd-aws commented Aug 22, 2025

Security Fixes for Main Branch

🔒 Fixed Vulnerabilities:

📦 Changes:

Uh oh!

Uh oh!