@tootallnate/once vulnerable to Incorrect Control Flow Scoping

Versions of the package @tootallnate/once before 3.0.1 are vulnerable to Incorrect Control Flow Scoping in promise resolving when AbortSignal option is used. The Promise remains in a permanently pending state after the signal is aborted, causing any await or .then usage to hang indefinitely. This...

@tootallnate/once 安全漏洞

@tootallnate/once is a JavaScript code library developed by Nathan Rajlich personally. Versions of @tootallnate/once prior to version 3.0.1 contained security vulnerabilities. These vulnerabilities stemmed from errors in the control flow scope when using the AbortSignal option. After the signal i...