#94 Npm-inflight-1.0.6

[joaoluis-pdm]

From #94

List of Packages with HIGH CVEs

Packages detected

HIGH - Npm-inflight-1.0.6

location: package.json

origin: > Npm-goodparts-1.3.0 > Npm-eslint-6.8.0 > Npm-file-entry-cache-5.0.1 > Npm-flat-cache-2.0.1 > Npm-rimraf-2.6.3 > Npm-glob-7.2.3 > Npm-inflight-1.0.6 > Npm-@ionic/cli-6.20.1 > Npm-@ionic/cli-framework-5.1.3 > Npm-rimraf-3.0.2 > Npm-glob-7.2.0 > Npm-inflight-1.0.6 > Npm-istanbul-0.4.5 > Npm-glob-5.0.15 > Npm-inflight-1.0.6 > Npm-jest-27.5.1 > Npm-@jest/core-27.5.1 > Npm-@jest/reporters-27.5.1 > Npm-glob-7.2.3 > Npm-inflight-1.0.6 > Npm-mocha-9.2.2 > Npm-glob-7.2.0 > Npm-inflight-1.0.6 > Npm-phonegap-plugin-barcodescanner-8.1.0 > Npm-shelljs-0.8.5 > Npm-glob-7.2.3 > Npm-inflight-1.0.6 > Npm-rimraf-3.0.2 > Npm-glob-7.2.0 > Npm-inflight-1.0.6 > Npm-workbox-cli-6.5.3 > Npm-glob-7.2.3 > Npm-inflight-1.0.6 > Npm-yamljs-0.3.0 > Npm-glob-7.2.0 > Npm-inflight-1.0.6

Vulnerabilities:

(RECURRENT) Cxdca8e59f-8bfe: In npm inflight there is a memory leak because some resources are not freed correctly after being used. It appears to affect all versions.

[joaoluis-pdm]

@TiagoV-PDMFC there is listing of the dependency tree at https://pdmfc374.sharepoint.com/:t:/s/PRJ-EUH2020-PharmaLedger/ET21Txs_imNFmI6wf5R-jM0BlBb1lGcySuQHtacr2Q6ePA?e=ZbI3qr

I don't think we can forcefully replace inflight-1.0.6 with any newer version as it is the latest. I only expect to talk to you on this one on Tuesday.