grpc-node icon indicating copy to clipboard operation
grpc-node copied to clipboard
verified publisher icon grpc

Snyk.io vulnerable package inflight

Open Holubinka opened this issue 7 months ago • 1 comments

Problem description

I have a problem after Snyk check

✗ Missing Release of Resource after Effective Lifetime [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-INFLIGHT-6095116] in [email protected] introduced by [email protected] > @mapbox/[email protected] > [email protected] > [email protected] > [email protected] No upgrade or patch available

yarn audit fix didn't help me.

Environment

Currently, I am using Node-22.15.1

Holubinka avatar Jun 06 '25 09:06 Holubinka

This has no impact on this package. grpc-tools only uses node-pre-gyp at installation time, so the memory leak this vulnerability causes doesn't do anything.

murgatroid99 avatar Jun 06 '25 16:06 murgatroid99