Cxdca8e59f-8bfe @ Npm-inflight-1.0.6

[yangricardo]

Vulnerable Package issue exists @ Npm-inflight-1.0.6 in branch main

In NPM inflight there is a Memory Leak because some resources are not freed correctly after being used. It appears to affect all versions, as the issue was not addressed and no fix is found. NOTE: In the meantime, logdna-agent, a package that depends on inflight, has merged a commit to address this solely in their package (so it should be fixed in logdna-agent in versions 1.6.5 and later). Node-glob, a package that also depends on inflight, was also planning to address this by not using inflight after version 8 is released, but it is still being used.

Namespace: yangricardo
Repository: nextjs-tailwind-reacthook-form-ant-design-template
Repository Url: https://github.com/yangricardo/nextjs-tailwind-reacthook-form-ant-design-template
CxAST-Project: yangricardo/nextjs-tailwind-reacthook-form-ant-design-template
CxAST platform scan: 1c12eb90-4f8a-4eb7-a810-acf7fa5369de
Branch: main
Application: nextjs-tailwind-reacthook-form-ant-design-template
Severity: HIGH
State: NOT_IGNORED
Status: RECURRENT
CWE: CWE-772

---

Additional Info
Attack vector: NETWORK
Attack complexity: LOW
Confidentiality impact: NONE
Availability impact: HIGH

---

References
Issue