Vulnerabilities

 1 via 5 paths

Dependencies

 163

Source

 GitHub

Commit

 4f27936d

Find, fix and prevent vulnerabilities in your code.

Test and protect my applications
Severity
  • 1
Status
  • 1
  • 0
  • 0

high severity
new

Missing Release of Resource after Effective Lifetime

  • Vulnerable module: inflight
  • Introduced through: node-gyp@9.4.1

Detailed paths

  • Introduced through: karma-simple@shikhir-arora/karma-simple#4f27936d3fa4c1aad8d673e4c54d0440da94b167 node-gyp@9.4.1 glob@7.2.3 inflight@1.0.6
  • Introduced through: karma-simple@shikhir-arora/karma-simple#4f27936d3fa4c1aad8d673e4c54d0440da94b167 node-gyp@9.4.1 rimraf@3.0.2 glob@7.2.3 inflight@1.0.6
  • Introduced through: karma-simple@shikhir-arora/karma-simple#4f27936d3fa4c1aad8d673e4c54d0440da94b167 node-gyp@9.4.1 make-fetch-happen@10.2.1 cacache@16.1.3 glob@8.1.0 inflight@1.0.6
  • Introduced through: karma-simple@shikhir-arora/karma-simple#4f27936d3fa4c1aad8d673e4c54d0440da94b167 node-gyp@9.4.1 make-fetch-happen@10.2.1 cacache@16.1.3 rimraf@3.0.2 glob@7.2.3 inflight@1.0.6
  • Introduced through: karma-simple@shikhir-arora/karma-simple#4f27936d3fa4c1aad8d673e4c54d0440da94b167 node-gyp@9.4.1 make-fetch-happen@10.2.1 cacache@16.1.3 @npmcli/move-file@2.0.1 rimraf@3.0.2 glob@7.2.3 inflight@1.0.6

Overview

Affected versions of this package are vulnerable to Missing Release of Resource after Effective Lifetime when some resources are not freed correctly after being used.

Note: In the meantime, logdna-agent, a package that depends on inflight, has merged a commit addressing this solely in their package (so it should be fixed in logdna-agent in versions 1.6.5 and later)

Remediation

There is no fixed version for inflight.

References

Missing Release of Resource after Effective Lifetime vulnerability report