Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Snyk] Upgrade react-scripts from 1.0.17 to 1.1.5 #3

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

snyk-bot
Copy link

@snyk-bot snyk-bot commented Sep 2, 2019

Snyk have raised this PR to upgrade react-scripts from 1.0.17 to 1.1.5.

  • The recommended version is 13 versions ahead of your current version.
  • The recommended version was released a year ago, on 2018-08-22.

The recommended version fixes:

Severity Title Issue ID
Arbitrary File Overwrite SNYK-JS-FSTREAM-174725
Open Redirect npm:url-parse:20180731
Prototype Pollution SNYK-JS-HANDLEBARS-174183
Prototype Pollution npm:deep-extend:20180409
Arbitrary Command Injection npm:macaddress:20180511
Prototype Pollution npm:extend:20180424
Regular Expression Denial of Service (ReDoS) npm:sshpk:20180409
Regular Expression Denial of Service (ReDoS) npm:diff:20180305
Arbitrary File Overwrite SNYK-JS-TAR-174125
Open Redirect npm:url-parse:20180731
Arbitrary Code Execution SNYK-JS-REACTDEVUTILS-72875
Prototype Override npm:querystringify:20180419
Regular Expression Denial of Service (ReDoS) npm:sshpk:20180409
Prototype Pollution SNYK-JS-HANDLEBARS-173692
Prototype Override npm:querystringify:20180419
Prototype Pollution npm:hoek:20180212
Regular Expression Denial of Service (ReDoS) npm:tough-cookie:20170905
Regular Expression Denial of Service (ReDoS) npm:node-forge:20180226
Prototype Pollution npm:hoek:20180212
Uninitialized Memory Exposure npm:stringstream:20180511
Insecure Randomness npm:cryptiles:20180710
Regular Expression Denial of Service (ReDoS) npm:nwmatcher:20180305
Prototype Pollution SNYK-JS-MERGE-72553
Regular Expression Denial of Service (ReDoS) npm:clean-css:20180306
Regular Expression Denial of Service (ReDoS) npm:debug:20170905
Release notes

from react-scripts GitHub Release Notes


🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant