[Snyk] Security upgrade react-scripts from 4.0.3 to 5.0.0 #44
15 new issues (0 max.) of at least severity.
Annotations
Check warning on line 434 in yarn.lock
codacy-production / Codacy Static Code Analysis
yarn.lock#L434
Insecure dependency npm/@babel/[email protected] (CVE-2025-27789: Babel has inefficient RegExp complexity in generated code with .replace when transpiling named capturing groups) (update to 7.26.10)
Check warning on line 1804 in yarn.lock
codacy-production / Codacy Static Code Analysis
yarn.lock#L1804
Insecure dependency npm/@babel/[email protected] (CVE-2025-27789: Babel has inefficient RegExp complexity in generated code with .replace when transpiling named capturing groups) (update to 7.26.10)
Check failure on line 1841 in yarn.lock
codacy-production / Codacy Static Code Analysis
yarn.lock#L1841
Insecure dependency npm/@babel/[email protected] (CVE-2023-45133: babel: arbitrary code execution) (update to 7.23.2)
Check warning on line 3901 in yarn.lock
codacy-production / Codacy Static Code Analysis
yarn.lock#L3901
Insecure dependency npm/[email protected] (CVE-2021-23364: browserslist: parsing of invalid queries could result in Regular Expression Denial of Service (ReDoS)) (update to 4.16.5)
Check warning on line 4364 in yarn.lock
codacy-production / Codacy Static Code Analysis
yarn.lock#L4364
Insecure dependency npm/[email protected] (CVE-2024-21538: cross-spawn: regular expression denial of service) (update to 7.0.5)
Check warning on line 7483 in yarn.lock
codacy-production / Codacy Static Code Analysis
yarn.lock#L7483
Insecure dependency npm/[email protected] (CVE-2022-37599: loader-utils: regular expression denial of service in interpolateName.js) (update to 2.0.4)
Check failure on line 7483 in yarn.lock
codacy-production / Codacy Static Code Analysis
yarn.lock#L7483
Insecure dependency npm/[email protected] (CVE-2022-37601: loader-utils: prototype pollution in function parseQuery in parseQuery.js) (update to 2.0.3)
Check warning on line 7483 in yarn.lock
codacy-production / Codacy Static Code Analysis
yarn.lock#L7483
Insecure dependency npm/[email protected] (CVE-2022-37603: loader-utils: Regular expression denial of service) (update to 2.0.4)
Check warning on line 7732 in yarn.lock
codacy-production / Codacy Static Code Analysis
yarn.lock#L7732
Insecure dependency npm/[email protected] (CVE-2022-3517: nodejs-minimatch: ReDoS via the braceExpand function) (update to 3.0.5)
Check failure on line 7760 in yarn.lock
codacy-production / Codacy Static Code Analysis
yarn.lock#L7760
Insecure dependency npm/[email protected] (CVE-2021-44906: minimist: prototype pollution) (update to 1.2.6)
Check warning on line 8831 in yarn.lock
codacy-production / Codacy Static Code Analysis
yarn.lock#L8831
Insecure dependency npm/[email protected] (CVE-2023-44270: PostCSS: Improper input validation in PostCSS) (update to 8.4.31)
Check warning on line 9567 in yarn.lock
codacy-production / Codacy Static Code Analysis
yarn.lock#L9567
Insecure dependency npm/[email protected] (CVE-2022-25883: nodejs-semver: Regular expression denial of service) (update to 5.7.2)
Check warning on line 9582 in yarn.lock
codacy-production / Codacy Static Code Analysis
yarn.lock#L9582
Insecure dependency npm/[email protected] (CVE-2022-25883: nodejs-semver: Regular expression denial of service) (update to 7.5.2)
Check warning on line 10756 in yarn.lock
codacy-production / Codacy Static Code Analysis
yarn.lock#L10756
Insecure dependency npm/[email protected] (CVE-2025-30359: webpack-dev-server: webpack-dev-server information exposure) (update to 5.2.1)
Check warning on line 10756 in yarn.lock
codacy-production / Codacy Static Code Analysis
yarn.lock#L10756
Insecure dependency npm/[email protected] (CVE-2025-30360: webpack-dev-server: webpack-dev-server information exposure) (update to 5.2.1)