replace-in-file icon indicating copy to clipboard operation
replace-in-file copied to clipboard

Published 20 hours ago verified publisher icon adamreisnz

Update Glob to v10 to resolve CWE-772 in inflight

Open sohaisha opened this issue 1 year ago • 0 comments

Inflight has a medium security vulnerability:

  1. CWE-772 - https://cwe.mitre.org/data/definitions/772.html
  2. https://security.snyk.io/package/npm/inflight/1.0.6
  3. There is no fixed version for inflight
  4. This library is not maintained, and currently, there is no fix for this issue. To overcome this vulnerability, several dependent packages have eliminated the use of this library.

The only solution is to update glob to v10 in replace-in-file.

sohaisha avatar Mar 11 '24 08:03 sohaisha