Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
async portscanner vulnerability 2.1.1
See original GitHub issueHello, there’s a vulnerability related to old version of async:
https://github.com/advisories/GHSA-fwr7-v2mv-hh25
browser-sync uses portscanner, which uses async.
Latest version of portscanner (2.2.0) already updated async and the issue fixed.
But browser-sync 2.27.9 still uses portscanner 2.1.1
https://github.com/BrowserSync/browser-sync/blob/master/packages/browser-sync/package.json#L56
Could you please update portscanner up to the latest version?
Issue Analytics
- State:
- Created a year ago
- Reactions:12
- Comments:5 (2 by maintainers)
Top Results From Across the Web
NPM Audit: Prototype pollution in async #2327 - 11ty/eleventy
issue async portscanner vulnerability 2.1.1 BrowserSync/browser-sync#1959; PR Updated portscanner to 2.2.0 BrowserSync/browser-sync#1960 ...
Read more >async-portscanner - npm Package Health Analysis - Snyk
Ensure you're using the healthiest npm packages. Snyk scans all the packages in your projects for vulnerabilities and provides automated fix ...
Read more >portscanner | Yarn - Package Manager
The portscanner module is an asynchronous JavaScript port scanner for Node.js. Portscanner can check a port, or range of ports, for 'open' or...
Read more >Scanner tools - BlackArch
Name Version Description
0trace 1.5 A hop enumeration tool.
a2sv 140.cb24c4e Auto Scanning to SSL Vulnerability.
admsnmp 0.1 ADM SNMP audit scanner.
Read more >Apache Struts 'REST Plugin With XStream Handler' RCE ...
Apache Struts REST plugin XStream deserialization vulnerability ... describes it as \u201cTCP port scanner, spews SYN packets asynchronously, ...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Yep, I’ll get to this tomorrow 😃
fixed in browser-sync@2.27.10 - thank you 😃