[Snyk] Security upgrade react-scripts from 4.0.3 to 5.0.0 #26
8 new issues (0 max.) of at least minor severity.
Annotations
Check failure on line 1836 in yarn.lock
codacy-production / Codacy Static Code Analysis
yarn.lock#L1836
Insecure dependency @babel/traverse@7.12.17 (CVE-2023-45133: babel: arbitrary code execution) (update to 7.23.2)
Check warning on line 3859 in yarn.lock
codacy-production / Codacy Static Code Analysis
yarn.lock#L3859
Insecure dependency browserslist@4.16.3 (CVE-2021-23364: browserslist: parsing of invalid queries could result in Regular Expression Denial of Service (ReDoS)) (update to 4.16.5)
Check failure on line 7362 in yarn.lock
codacy-production / Codacy Static Code Analysis
yarn.lock#L7362
Insecure dependency loader-utils@2.0.0 (CVE-2022-37599: loader-utils: regular expression denial of service in interpolateName.js) (update to 2.0.4)
Check failure on line 7606 in yarn.lock
codacy-production / Codacy Static Code Analysis
yarn.lock#L7606
Insecure dependency minimatch@3.0.4 (CVE-2022-3517: nodejs-minimatch: ReDoS via the braceExpand function) (update to 3.0.5)
Check failure on line 7634 in yarn.lock
codacy-production / Codacy Static Code Analysis
yarn.lock#L7634
Insecure dependency minimist@1.2.5 (CVE-2021-44906: minimist: prototype pollution) (update to 1.2.6)
Check warning on line 8700 in yarn.lock
codacy-production / Codacy Static Code Analysis
yarn.lock#L8700
Insecure dependency postcss@7.0.39 (CVE-2023-44270: An issue was discovered in PostCSS before 8.4.31. The vulnerability af ...) (update to 8.4.31)
Check failure on line 9446 in yarn.lock
codacy-production / Codacy Static Code Analysis
yarn.lock#L9446
Insecure dependency semver@5.7.1 (CVE-2022-25883: nodejs-semver: Regular expression denial of service) (update to 5.7.2)
Check failure on line 9461 in yarn.lock
codacy-production / Codacy Static Code Analysis
yarn.lock#L9461
Insecure dependency semver@7.3.4 (CVE-2022-25883: nodejs-semver: Regular expression denial of service) (update to 7.5.2)