SRVKP-10456,SRVKP-9683,SRVKP-10041,SRVKP-9700,SRVKP-10058 CVE fixes

[arvindk-softwaredev]

Summary

This PR addresses the CVE fixes for

1. SRVKP-9683
2. SRVKP-10041
3. SRVKP-9700
4. SRVKP-10058

Screenshots Before - Vulnerable versions

qs - 6.13.0

node-forge - 1.3.1

Screenshots After

qs - 6.14.1

node-forge - no longer present in deps

[anwesha-palit-redhat]

/lgtm

verified in main

[openshift-ci]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: anwesha-palit-redhat, arvindk-softwaredev

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

• OWNERS [anwesha-palit-redhat]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[anwesha-palit-redhat]

/retest

[arvindk-softwaredev]

/cherrypick release-v1.20.x

[openshift-cherrypick-robot]

@arvindk-softwaredev: once the present PR merges, I will cherry-pick it on top of release-v1.20.x in a new PR and assign it to you.

Details

In response to this:

/cherrypick release-v1.20.x

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[arvindk-softwaredev]

/cherrypick release-v1.15.x

[openshift-cherrypick-robot]

@arvindk-softwaredev: once the present PR merges, I will cherry-pick it on top of release-v1.15.x in a new PR and assign it to you.

Details

In response to this:

/cherrypick release-v1.15.x

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[anwesha-palit-redhat]

Builds are failing because of node 18 in CI, so we will merge once the CI is upgraded to node 20.

[anwesha-palit-redhat]

/retest

[anwesha-palit-redhat]

/retest-required

[openshift-ci]

@arvindk-softwaredev: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
ci/prow/build	6b588e8	link	true	/test build
ci/prow/frontend	6b588e8	link	true	/test frontend
ci/prow/e2e	6b588e8	link	true	/test e2e

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.