New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

`async` vulnerability (high severity) introduced through portfinder #1934

Closed

JJ opened this issue Apr 20, 2022 · 0 comments · Fixed by #2059

Contributor

JJ commented Apr 20, 2022 •

edited

Loading

This was revealed by the beginning of April .

The dependency path is :

  └─┬ @web/test-runner@0.13.25
    └─┬ portfinder@1.0.28
      └── async@2.6.4

The issue in portfinder has been opened but it's not clear what the ETA for fixing it would be.

The text was updated successfully, but these errors were encountered:

JJ mentioned this issue

🐛 async redux polypoly-eu/polyPod#818

Merged

web-padawan mentioned this issue

fix: update portfinder dependency to 1.0.32 #2059

Merged

web-padawan closed this as completed in #2059

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment