
Frontend Vulnerabilities fixed #3626

Merged (1 commit, Jan 9, 2025)

Conversation

@dpanshug (Contributor) commented Jan 9, 2025

RHOAIENG-17793
RHOAIENG-17794

Description

  • CVE-2024-55565 odh-dashboard-container: nanoid mishandles non-integer values
  • CVE-2024-52798 odh-dashboard-container: path-to-regexp Unpatched ReDoS in 0.1.x

How Has This Been Tested?

Run npm audit in the frontend folder and check for 0 vulnerabilities.

Test Impact

None

Request review criteria:

Self checklist (all need to be checked):

  • The developer has manually tested the changes and verified that the changes work
  • Testing instructions have been added in the PR body (for PRs involving changes that are not immediately obvious).
  • The developer has added tests or explained why testing cannot be added (unit or cypress tests for related changes)

If you have UI changes:

  • Included any necessary screenshots or gifs if it was a UI change.
  • Included tags to the UX team if it was a UI/UX change.

After the PR is posted & before it merges:

  • The developer has tested their solution on a cluster by using the image produced by the PR to main

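The test step above can be made a CI gate rather than a manual check. The following is an added example, not code from this PR or the dashboard repo: it parses `npm audit --json` output (the npm 7+ report format is assumed), returns the findings at or above a chosen severity, and sets a non-zero exit code when any remain. The sample report is constructed to resemble the two advisories this PR fixes; its severities, ranges and dependents are illustrative.

```javascript
// Added example (not the PR's own code): a CI gate over `npm audit --json` output.
// Assumes the npm >= 7 report format (auditReportVersion 2), run from the frontend folder.
const SEVERITY_RANK = { info: 0, low: 1, moderate: 2, high: 3, critical: 4 };

// Parse a report and return the findings at or above minSeverity, highest severity first.
function auditGate(reportJson, minSeverity = "low") {
  const report = JSON.parse(reportJson);
  if (report.auditReportVersion !== 2) {
    throw new Error("unexpected report format: expected npm >= 7 (auditReportVersion 2)");
  }
  const threshold = SEVERITY_RANK[minSeverity];
  const failing = Object.values(report.vulnerabilities || {})
    .filter((v) => SEVERITY_RANK[v.severity] >= threshold)
    .map((v) => ({
      name: v.name,
      severity: v.severity,
      range: v.range,                        // vulnerable version range
      direct: Boolean(v.isDirect),           // direct dependency, or only transitive
      fixAvailable: Boolean(v.fixAvailable), // npm reports an object or boolean here
      // `via` holds advisory objects for the root cause and plain package-name
      // strings for packages affected only through a dependency.
      advisories: (v.via || []).filter((x) => typeof x === "object").map((x) => x.title),
    }))
    .sort((a, b) => SEVERITY_RANK[b.severity] - SEVERITY_RANK[a.severity]);
  const meta = report.metadata && report.metadata.vulnerabilities;
  return { ok: failing.length === 0, total: meta ? meta.total : failing.length, failing };
}
// Constructed sample in the shape npm emits, standing in for the two advisories this PR
// fixes; severities, ranges and dependents are illustrative, not copied from the advisories.
const SAMPLE_BEFORE = JSON.stringify({
  auditReportVersion: 2,
  vulnerabilities: {
    nanoid: { name: "nanoid", severity: "moderate", isDirect: false, range: "<3.3.8",
      via: [{ name: "nanoid", title: "CVE-2024-55565: nanoid mishandles non-integer values" }],
      effects: [], nodes: ["node_modules/nanoid"], fixAvailable: true },
    "path-to-regexp": { name: "path-to-regexp", severity: "high", isDirect: false, range: "0.1.x",
      via: [{ name: "path-to-regexp", title: "CVE-2024-52798: path-to-regexp ReDoS in 0.1.x" }],
      effects: ["express"], nodes: ["node_modules/path-to-regexp"], fixAvailable: true },
  },
  metadata: { vulnerabilities: { info: 0, low: 0, moderate: 1, high: 1, critical: 0, total: 2 } },
});
// A clean run, which is the state the PR description's test step checks for.
const SAMPLE_AFTER = JSON.stringify({ auditReportVersion: 2, vulnerabilities: {},
  metadata: { vulnerabilities: { info: 0, low: 0, moderate: 0, high: 0, critical: 0, total: 0 } } });
if (process.argv[2]) { // CLI mode: read a saved report and set the exit code for CI
  const result = auditGate(require("fs").readFileSync(process.argv[2], "utf8"), "moderate");
  for (const f of result.failing) console.error(`${f.severity}\t${f.name} ${f.range}\tfix=${f.fixAvailable}\t${f.advisories.join("; ")}`);
  process.exitCode = result.ok ? 0 : 1;
}
```

Usage: `npm audit --json > audit.json; node audit-gate.js audit.json` (the file name is an assumption); `npm audit` itself exits non-zero when it finds anything, so redirect first and let the gate decide the threshold.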
* CVE-2024-55565 odh-dashboard-container: nanoid mishandles non-integer values
* CVE-2024-52798 odh-dashboard-container: path-to-regexp Unpatched ReDoS in 0.1.x
@openshift-ci openshift-ci bot requested review from DaoDaoNoCode and mturley January 9, 2025 09:58
@dpanshug dpanshug changed the title Frontend Vulnerabilities solved Frontend Vulnerabilities fixed Jan 9, 2025
codecov bot commented Jan 9, 2025

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 84.99%. Comparing base (ed014b8) to head (40adf07).
Report is 7 commits behind head on main.

@@            Coverage Diff             @@
##             main    #3626      +/-   ##
==========================================
- Coverage   85.00%   84.99%   -0.01%     
==========================================
  Files        1404     1404              
  Lines       32244    32244              
  Branches     9042     9042              
==========================================
- Hits        27408    27406       -2     
- Misses       4836     4838       +2     

see 6 files with indirect coverage changes


@manaswinidas (Contributor) left a comment

/lgtm

Ran npm audit in the frontend folder... gives 0 vulnerabilities and the dashboard loads fine.

[Screenshot 2025-01-09 at 4 25 21 PM]

@Gkrumbach07 (Member): /approve

@openshift-ci openshift-ci bot added the approved label Jan 9, 2025
openshift-ci bot commented Jan 9, 2025

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: Gkrumbach07, manaswinidas

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-merge-bot openshift-merge-bot bot merged commit 77341bf into opendatahub-io:main Jan 9, 2025
6 checks passed