[Snyk] Security upgrade react-scripts from 4.0.3 to 5.0.0 #45
15 new issues (0 max.) of at least severity.
Annotations
Check warning on line 434 in yarn.lock
codacy-production / Codacy Static Code Analysis
yarn.lock#L434
Insecure dependency npm/@babel/[email protected] (CVE-2025-27789: Babel has inefficient RegExp complexity in generated code with .replace when transpiling named capturing groups) (update to 7.26.10)
Check warning on line 1804 in yarn.lock
codacy-production / Codacy Static Code Analysis
yarn.lock#L1804
Insecure dependency npm/@babel/[email protected] (CVE-2025-27789: Babel has inefficient RegExp complexity in generated code with .replace when transpiling named capturing groups) (update to 7.26.10)
Check failure on line 1841 in yarn.lock
codacy-production / Codacy Static Code Analysis
yarn.lock#L1841
Insecure dependency npm/@babel/[email protected] (CVE-2023-45133: babel: arbitrary code execution) (update to 7.23.2)
Check warning on line 3879 in yarn.lock
codacy-production / Codacy Static Code Analysis
yarn.lock#L3879
Insecure dependency npm/[email protected] (CVE-2021-23364: browserslist: parsing of invalid queries could result in Regular Expression Denial of Service (ReDoS)) (update to 4.16.5)
Check warning on line 4342 in yarn.lock
codacy-production / Codacy Static Code Analysis
yarn.lock#L4342
Insecure dependency npm/[email protected] (CVE-2024-21538: cross-spawn: regular expression denial of service) (update to 7.0.5)
Check warning on line 7432 in yarn.lock
codacy-production / Codacy Static Code Analysis
yarn.lock#L7432
Insecure dependency npm/[email protected] (CVE-2022-37599: loader-utils: regular expression denial of service in interpolateName.js) (update to 2.0.4)
Check failure on line 7432 in yarn.lock
codacy-production / Codacy Static Code Analysis
yarn.lock#L7432
Insecure dependency npm/[email protected] (CVE-2022-37601: loader-utils: prototype pollution in function parseQuery in parseQuery.js) (update to 2.0.3)
Check warning on line 7432 in yarn.lock
codacy-production / Codacy Static Code Analysis
yarn.lock#L7432
Insecure dependency npm/[email protected] (CVE-2022-37603: loader-utils: Regular expression denial of service) (update to 2.0.4)
Check warning on line 7676 in yarn.lock
codacy-production / Codacy Static Code Analysis
yarn.lock#L7676
Insecure dependency npm/[email protected] (CVE-2022-3517: nodejs-minimatch: ReDoS via the braceExpand function) (update to 3.0.5)
Check failure on line 7697 in yarn.lock
codacy-production / Codacy Static Code Analysis
yarn.lock#L7697
Insecure dependency npm/[email protected] (CVE-2021-44906: minimist: prototype pollution) (update to 1.2.6)
Check warning on line 8755 in yarn.lock
codacy-production / Codacy Static Code Analysis
yarn.lock#L8755
Insecure dependency npm/[email protected] (CVE-2023-44270: PostCSS: Improper input validation in PostCSS) (update to 8.4.31)
Check warning on line 9491 in yarn.lock
codacy-production / Codacy Static Code Analysis
yarn.lock#L9491
Insecure dependency npm/[email protected] (CVE-2022-25883: nodejs-semver: Regular expression denial of service) (update to 5.7.2)
Check warning on line 9506 in yarn.lock
codacy-production / Codacy Static Code Analysis
yarn.lock#L9506
Insecure dependency npm/[email protected] (CVE-2022-25883: nodejs-semver: Regular expression denial of service) (update to 7.5.2)
Check warning on line 10658 in yarn.lock
codacy-production / Codacy Static Code Analysis
yarn.lock#L10658
Insecure dependency npm/[email protected] (CVE-2025-30359: webpack-dev-server: webpack-dev-server information exposure) (update to 5.2.1)
Check warning on line 10658 in yarn.lock
codacy-production / Codacy Static Code Analysis
yarn.lock#L10658
Insecure dependency npm/[email protected] (CVE-2025-30360: webpack-dev-server: webpack-dev-server information exposure) (update to 5.2.1)