fix: update node-forge to 1.4.0 to patch security vulnerabilities (#46)
Resolves 4 high-severity vulnerabilities in node-forge: - GHSA-2328-f5f3-gj25: basicConstraints bypass - GHSA-q67f-28xg-22rw: signature forgery Ed25519 - GHSA-5m6q-g25r-mvwx: Denial of Service via Infinite Loop - GHSA-ppp5-5v6c-4jwp: signature forgery RSA-PKCS Fixes PRI-21 Co-authored-by: Pawla Abdul (Bot) <pawla@groombook.dev>
This commit was merged in pull request #46.
This commit is contained in:
privilegedescalation-engineer[bot]
committed by
GitHub
GitHub
parent
2798bca085
commit
2c17512372
+1
-1
@@ -54,7 +54,7 @@
|
||||
"undici": "^7.24.3"
|
||||
},
|
||||
"dependencies": {
|
||||
"node-forge": "^1.3.1"
|
||||
"node-forge": "^1.4.0"
|
||||
},
|
||||
"devDependencies": {
|
||||
"@headlamp-k8s/eslint-config": "^0.6.0",
|
||||
|
||||
Reference in New Issue
Block a user