Skip to content

Commit

Permalink
fix(security): vulnerabilities found in cactus-connector-besu
Browse files Browse the repository at this point in the history
Fixes hyperledger-cacti#2040

Signed-off-by: aldousalvarez <[email protected]>
  • Loading branch information
aldousalvarez committed Dec 23, 2022
1 parent 6c62de4 commit 67f7c48
Show file tree
Hide file tree
Showing 4 changed files with 11 additions and 6 deletions.
9 changes: 7 additions & 2 deletions .github/containerscan/allowedlist.yaml
Original file line number Diff line number Diff line change
@@ -1,6 +1,11 @@
general:
vulnerabilities:
#besu-all-in-one
- CVE-2022-37734
- CVE-2022-25857

-CVE-2022-37734
-CVE-2022-25857
#cactus-plugin-ledger-connector-besu
- CVE-2022-24434
- CVE-2022-24999 #express
- CVE-2022-24999 #qs
- CVE-2022-2421
4 changes: 2 additions & 2 deletions packages/cactus-core/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -52,9 +52,9 @@
"dependencies": {
"@hyperledger/cactus-common": "1.1.3",
"@hyperledger/cactus-core-api": "1.1.3",
"express": "4.17.1",
"express": "4.17.3",
"express-jwt-authz": "2.4.1",
"express-openapi-validator": "4.12.12",
"express-openapi-validator": "5.0.0",
"typescript-optional": "2.0.1"
},
"devDependencies": {
Expand Down
2 changes: 1 addition & 1 deletion packages/cactus-plugin-keychain-memory/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -57,7 +57,7 @@
"@hyperledger/cactus-core": "1.1.3",
"@hyperledger/cactus-core-api": "1.1.3",
"axios": "0.21.4",
"express": "4.17.1",
"express": "4.17.3",
"prom-client": "13.2.0",
"uuid": "8.3.2"
},
Expand Down
2 changes: 1 addition & 1 deletion packages/cactus-plugin-ledger-connector-besu/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -57,7 +57,7 @@
"@hyperledger/cactus-core": "1.1.3",
"@hyperledger/cactus-core-api": "1.1.3",
"axios": "0.21.4",
"express": "4.17.1",
"express": "4.17.3",
"joi": "17.4.2",
"openapi-types": "9.1.0",
"prom-client": "13.2.0",
Expand Down

0 comments on commit 67f7c48

Please sign in to comment.