[Snyk] Security upgrade react-scripts from 4.0.3 to 5.0.0 #42
15 new issues (0 max.) of at least severity.
Annotations
Check warning on line 434 in yarn.lock
codacy-production / Codacy Static Code Analysis
yarn.lock#L434
Insecure dependency npm/@babel/[email protected] (CVE-2025-27789: Babel has inefficient RegExp complexity in generated code with .replace when transpiling named capturing groups) (update to 7.26.10)
Check warning on line 1804 in yarn.lock
codacy-production / Codacy Static Code Analysis
yarn.lock#L1804
Insecure dependency npm/@babel/[email protected] (CVE-2025-27789: Babel has inefficient RegExp complexity in generated code with .replace when transpiling named capturing groups) (update to 7.26.10)
Check failure on line 1841 in yarn.lock
codacy-production / Codacy Static Code Analysis
yarn.lock#L1841
Insecure dependency npm/@babel/[email protected] (CVE-2023-45133: babel: arbitrary code execution) (update to 7.23.2)
Check warning on line 3894 in yarn.lock
codacy-production / Codacy Static Code Analysis
yarn.lock#L3894
Insecure dependency npm/[email protected] (CVE-2021-23364: browserslist: parsing of invalid queries could result in Regular Expression Denial of Service (ReDoS)) (update to 4.16.5)
Check warning on line 4357 in yarn.lock
codacy-production / Codacy Static Code Analysis
yarn.lock#L4357
Insecure dependency npm/[email protected] (CVE-2024-21538: cross-spawn: regular expression denial of service) (update to 7.0.5)
Check warning on line 7475 in yarn.lock
codacy-production / Codacy Static Code Analysis
yarn.lock#L7475
Insecure dependency npm/[email protected] (CVE-2022-37599: loader-utils: regular expression denial of service in interpolateName.js) (update to 2.0.4)
Check failure on line 7475 in yarn.lock
codacy-production / Codacy Static Code Analysis
yarn.lock#L7475
Insecure dependency npm/[email protected] (CVE-2022-37601: loader-utils: prototype pollution in function parseQuery in parseQuery.js) (update to 2.0.3)
Check warning on line 7475 in yarn.lock
codacy-production / Codacy Static Code Analysis
yarn.lock#L7475
Insecure dependency npm/[email protected] (CVE-2022-37603: loader-utils: Regular expression denial of service) (update to 2.0.4)
Check warning on line 7724 in yarn.lock
codacy-production / Codacy Static Code Analysis
yarn.lock#L7724
Insecure dependency npm/[email protected] (CVE-2022-3517: nodejs-minimatch: ReDoS via the braceExpand function) (update to 3.0.5)
Check failure on line 7752 in yarn.lock
codacy-production / Codacy Static Code Analysis
yarn.lock#L7752
Insecure dependency npm/[email protected] (CVE-2021-44906: minimist: prototype pollution) (update to 1.2.6)
Check warning on line 8824 in yarn.lock
codacy-production / Codacy Static Code Analysis
yarn.lock#L8824
Insecure dependency npm/[email protected] (CVE-2023-44270: PostCSS: Improper input validation in PostCSS) (update to 8.4.31)
Check warning on line 9560 in yarn.lock
codacy-production / Codacy Static Code Analysis
yarn.lock#L9560
Insecure dependency npm/[email protected] (CVE-2022-25883: nodejs-semver: Regular expression denial of service) (update to 5.7.2)
Check warning on line 9575 in yarn.lock
codacy-production / Codacy Static Code Analysis
yarn.lock#L9575
Insecure dependency npm/[email protected] (CVE-2022-25883: nodejs-semver: Regular expression denial of service) (update to 7.5.2)
Check warning on line 10749 in yarn.lock
codacy-production / Codacy Static Code Analysis
yarn.lock#L10749
Insecure dependency npm/[email protected] (CVE-2025-30359: webpack-dev-server: webpack-dev-server information exposure) (update to 5.2.1)
Check warning on line 10749 in yarn.lock
codacy-production / Codacy Static Code Analysis
yarn.lock#L10749
Insecure dependency npm/[email protected] (CVE-2025-30360: webpack-dev-server: webpack-dev-server information exposure) (update to 5.2.1)