From 2ac1347bbcc26a81792b866b3957305294dd9ee7 Mon Sep 17 00:00:00 2001
From: Ronan TREILLET <Gronan@users.noreply.github.com>
Date: Mon, 18 Jul 2022 11:50:40 +0200
Subject: [PATCH] Fixing critical vulnerability in dependencies

The package aws-cdk in version 2.3.0 depends on package vm2 < 3.9.6 which is affected by a critical vulnerability that expose to Sandbox bypass https://github.com/advisories/GHSA-6pw2-5hjv-9pf7
---
 package.json | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/package.json b/package.json
index 3e3a42b..f5f9e40 100644
--- a/package.json
+++ b/package.json
@@ -11,15 +11,15 @@
   },
   "devDependencies": {
     "@types/node": "10.17.27",
-    "aws-cdk": "2.3.0",
+    "aws-cdk": "^2.3.0",
     "ts-node": "^9.0.0",
     "typescript": "~3.9.7",
     "@aws-sdk/client-ec2": "3.45.0",
     "esbuild": "0.14.10"
   },
   "dependencies": {
-    "aws-cdk-lib": "2.3.0",
+    "aws-cdk-lib": "^2.3.0",
     "constructs": "^10.0.0",
     "source-map-support": "^0.5.16"
   }
-}
\ No newline at end of file
+}