Nanak-Singh

**Name of the Vulnerable Software and Affected Versions** @tootallnate/once versions prior to 3.0.1 **Description** The package @tootallnate/once versions prior to 3.0.1 are susceptible to an issue with incorrect control flow scoping in promise resolving when the AbortSignal option is utilized. When the signal is aborted, the Promise remains in a permanently pending state, leading to indefinite hanging of any `await` or `.then()` operations. This control-flow leak can potentially result in stalled requests, blocked workers, or reduced application availability. **Recommendations** Update @tootallnate/once to version 3.0.1 or later.