Elemento
Elemento copied to clipboard
Published
20 hours ago •
AasthaMehtaTech
AasthaMehtaTech
[Snyk] Upgrade react-scripts from 3.4.1 to 3.4.4
Snyk has created this PR to upgrade react-scripts from 3.4.1 to 3.4.4.
:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
- The recommended version is 3 versions ahead of your current version.
- The recommended version was released 2 years ago, on 2020-10-20.
The recommended version fixes:
| Severity | Issue | PriorityScore (*) | Exploit Maturity |
|---|---|---|---|
 |
Improper Input Validation SNYK-JS-URLPARSE-2407770 |
512/1000 Why? Proof of Concept exploit, CVSS 8.1 |
Proof of Concept |
|
Regular Expression Denial of Service (ReDoS) SNYK-JS-TMPL-1583443 |
512/1000 Why? Proof of Concept exploit, CVSS 8.1 |
Proof of Concept |
|
Regular Expression Denial of Service (ReDoS) SNYK-JS-SSRI-1246392 |
512/1000 Why? Proof of Concept exploit, CVSS 8.1 |
Proof of Concept |
|
Regular Expression Denial of Service (ReDoS) SNYK-JS-SSRI-1246392 |
512/1000 Why? Proof of Concept exploit, CVSS 8.1 |
Proof of Concept |
|
Arbitrary Code Injection SNYK-JS-SERIALIZEJAVASCRIPT-570062 |
512/1000 Why? Proof of Concept exploit, CVSS 8.1 |
Proof of Concept |
|
Prototype Pollution SNYK-JS-OBJECTPATH-1585658 |
512/1000 Why? Proof of Concept exploit, CVSS 8.1 |
No Known Exploit |
|
Prototype Pollution SNYK-JS-OBJECTPATH-1017036 |
512/1000 Why? Proof of Concept exploit, CVSS 8.1 |
Proof of Concept |
|
Prototype Pollution SNYK-JS-NODEFORGE-598677 |
512/1000 Why? Proof of Concept exploit, CVSS 8.1 |
Proof of Concept |
|
Prototype Pollution SNYK-JS-MERGEDEEP-1070277 |
512/1000 Why? Proof of Concept exploit, CVSS 8.1 |
No Known Exploit |
|
Prototype Pollution SNYK-JS-JSONSCHEMA-1920922 |
512/1000 Why? Proof of Concept exploit, CVSS 8.1 |
No Known Exploit |
|
Prototype Pollution SNYK-JS-INI-1048974 |
512/1000 Why? Proof of Concept exploit, CVSS 8.1 |
Proof of Concept |
|
Remote Memory Exposure SNYK-JS-DNSPACKET-1293563 |
512/1000 Why? Proof of Concept exploit, CVSS 8.1 |
No Known Exploit |
|
Prototype Pollution SNYK-JS-ASYNC-2441827 |
512/1000 Why? Proof of Concept exploit, CVSS 8.1 |
Proof of Concept |
 |
Prototype Pollution SNYK-JS-YARGSPARSER-560381 |
512/1000 Why? Proof of Concept exploit, CVSS 8.1 |
Proof of Concept |
|
Regular Expression Denial of Service (ReDoS) SNYK-JS-WS-1296835 |
512/1000 Why? Proof of Concept exploit, CVSS 8.1 |
Proof of Concept |
|
Regular Expression Denial of Service (ReDoS) SNYK-JS-WS-1296835 |
512/1000 Why? Proof of Concept exploit, CVSS 8.1 |
Proof of Concept |
|
Authorization Bypass Through User-Controlled Key SNYK-JS-URLPARSE-2412697 |
512/1000 Why? Proof of Concept exploit, CVSS 8.1 |
Proof of Concept |
|
Authorization Bypass SNYK-JS-URLPARSE-2407759 |
512/1000 Why? Proof of Concept exploit, CVSS 8.1 |
Proof of Concept |
|
Access Restriction Bypass SNYK-JS-URLPARSE-2401205 |
512/1000 Why? Proof of Concept exploit, CVSS 8.1 |
Proof of Concept |
|
Open Redirect SNYK-JS-URLPARSE-1533425 |
512/1000 Why? Proof of Concept exploit, CVSS 8.1 |
Proof of Concept |
|
Improper Input Validation SNYK-JS-URLPARSE-1078283 |
512/1000 Why? Proof of Concept exploit, CVSS 8.1 |
No Known Exploit |
|
Denial of Service (DoS) SNYK-JS-SOCKJS-575261 |
512/1000 Why? Proof of Concept exploit, CVSS 8.1 |
Proof of Concept |
|
Regular Expression Denial of Service (ReDoS) SNYK-JS-PROMPTS-1729737 |
512/1000 Why? Proof of Concept exploit, CVSS 8.1 |
Proof of Concept |
|
Prototype Pollution SNYK-JS-OBJECTPATH-1569453 |
512/1000 Why? Proof of Concept exploit, CVSS 8.1 |
Proof of Concept |
|
Denial of Service (DoS) SNYK-JS-NWSAPI-2841516 |
512/1000 Why? Proof of Concept exploit, CVSS 8.1 |
No Known Exploit |
|
Command Injection SNYK-JS-NODENOTIFIER-1035794 |
512/1000 Why? Proof of Concept exploit, CVSS 8.1 |
No Known Exploit |
|
Regular Expression Denial of Service (ReDoS) SNYK-JS-ISSVG-1243891 |
512/1000 Why? Proof of Concept exploit, CVSS 8.1 |
Proof of Concept |
|
Regular Expression Denial of Service (ReDoS) SNYK-JS-ISSVG-1085627 |
512/1000 Why? Proof of Concept exploit, CVSS 8.1 |
Proof of Concept |
|
Information Exposure SNYK-JS-FOLLOWREDIRECTS-2332181 |
512/1000 Why? Proof of Concept exploit, CVSS 8.1 |
Proof of Concept |
|
Information Exposure SNYK-JS-EVENTSOURCE-2823375 |
512/1000 Why? Proof of Concept exploit, CVSS 8.1 |
Proof of Concept |
|
Cryptographic Issues SNYK-JS-ELLIPTIC-1064899 |
512/1000 Why? Proof of Concept exploit, CVSS 8.1 |
No Known Exploit |
|
Regular Expression Denial of Service (ReDoS) SNYK-JS-COLORSTRING-1082939 |
512/1000 Why? Proof of Concept exploit, CVSS 8.1 |
Proof of Concept |
 |
Prototype Pollution SNYK-JS-MINIMIST-2429795 |
512/1000 Why? Proof of Concept exploit, CVSS 8.1 |
Proof of Concept |
|
Information Exposure SNYK-JS-FOLLOWREDIRECTS-2396346 |
512/1000 Why? Proof of Concept exploit, CVSS 8.1 |
No Known Exploit |
(*) Note that the real score may have changed since the PR was raised.
Release notes
Package name: react-scripts
- 3.4.4 - 2020-10-20
- 3.4.3 - 2020-08-12
- 3.4.2 - 2020-08-11
- 3.4.1 - 2020-03-21
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
🔕 Ignore this dependency or unsubscribe from future upgrade PRs
