[Snyk] Upgrade react-scripts from 3.3.0 to 3.4.4

[abstracts33d]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade react-scripts from 3.3.0 to 3.4.4.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 6 versions ahead of your current version.
• The recommended version was released 3 years ago, on 2020-10-20.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Prototype Pollution SNYK-JS-AJV-584908	405/1000 Why? CVSS 8.1	No Known Exploit
	Prototype Pollution SNYK-JS-ASYNC-2441827	405/1000 Why? CVSS 8.1	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SSRI-1246392	405/1000 Why? CVSS 8.1	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-TMPL-1583443	405/1000 Why? CVSS 8.1	Proof of Concept
	Prototype Pollution SNYK-JS-NODEFORGE-598677	405/1000 Why? CVSS 8.1	Proof of Concept
	Prototype Pollution SNYK-JS-JSONSCHEMA-1920922	405/1000 Why? CVSS 8.1	No Known Exploit
	Prototype Pollution SNYK-JS-OBJECTPATH-1017036	405/1000 Why? CVSS 8.1	Proof of Concept
	Prototype Pollution SNYK-JS-OBJECTPATH-1585658	405/1000 Why? CVSS 8.1	No Known Exploit
	Command Injection SNYK-JS-LODASH-1040724	405/1000 Why? CVSS 8.1	Proof of Concept
	Prototype Pollution SNYK-JS-LODASH-567746	405/1000 Why? CVSS 8.1	Proof of Concept
	Prototype Pollution SNYK-JS-LODASH-608086	405/1000 Why? CVSS 8.1	Proof of Concept
	Arbitrary Code Injection SNYK-JS-SERIALIZEJAVASCRIPT-570062	405/1000 Why? CVSS 8.1	Proof of Concept
	Denial of Service (DoS) SNYK-JS-DECODEURICOMPONENT-3149970	405/1000 Why? CVSS 8.1	Proof of Concept
	Remote Memory Exposure SNYK-JS-DNSPACKET-1293563	405/1000 Why? CVSS 8.1	No Known Exploit
	Cryptographic Issues SNYK-JS-ELLIPTIC-571484	405/1000 Why? CVSS 8.1	Proof of Concept
	Prototype Pollution SNYK-JS-MERGEDEEP-1070277	405/1000 Why? CVSS 8.1	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SSRI-1246392	405/1000 Why? CVSS 8.1	Proof of Concept
	Arbitrary File Overwrite SNYK-JS-TAR-1536528	405/1000 Why? CVSS 8.1	No Known Exploit
	Arbitrary File Overwrite SNYK-JS-TAR-1536531	405/1000 Why? CVSS 8.1	No Known Exploit
	Arbitrary File Write SNYK-JS-TAR-1579147	405/1000 Why? CVSS 8.1	No Known Exploit
	Arbitrary File Write SNYK-JS-TAR-1579152	405/1000 Why? CVSS 8.1	No Known Exploit
	Arbitrary File Write SNYK-JS-TAR-1579155	405/1000 Why? CVSS 8.1	No Known Exploit
	Improper Input Validation SNYK-JS-URLPARSE-2407770	405/1000 Why? CVSS 8.1	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-WEBSOCKETEXTENSIONS-570623	405/1000 Why? CVSS 8.1	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-WORDWRAP-3149973	405/1000 Why? CVSS 8.1	Proof of Concept
	Prototype Pollution SNYK-JS-Y18N-1021887	405/1000 Why? CVSS 8.1	Proof of Concept
	Prototype Pollution SNYK-JS-INI-1048974	405/1000 Why? CVSS 8.1	Proof of Concept
	Denial of Service (DoS) SNYK-JS-SOCKJS-575261	405/1000 Why? CVSS 8.1	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-TERSER-2806366	405/1000 Why? CVSS 8.1	No Known Exploit
	Prototype Pollution SNYK-JS-JSON5-3182856	405/1000 Why? CVSS 8.1	Proof of Concept
	Prototype Pollution SNYK-JS-JSON5-3182856	405/1000 Why? CVSS 8.1	Proof of Concept
	Command Injection SNYK-JS-NODENOTIFIER-1035794	405/1000 Why? CVSS 8.1	No Known Exploit
	Denial of Service (DoS) SNYK-JS-NWSAPI-2841516	405/1000 Why? CVSS 8.1	No Known Exploit
	Prototype Pollution SNYK-JS-OBJECTPATH-1569453	405/1000 Why? CVSS 8.1	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHPARSE-1077067	405/1000 Why? CVSS 8.1	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-1018905	405/1000 Why? CVSS 8.1	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-PROMPTS-1729737	405/1000 Why? CVSS 8.1	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-COLORSTRING-1082939	405/1000 Why? CVSS 8.1	Proof of Concept
	Cryptographic Issues SNYK-JS-ELLIPTIC-1064899	405/1000 Why? CVSS 8.1	No Known Exploit
	Information Exposure SNYK-JS-EVENTSOURCE-2823375	405/1000 Why? CVSS 8.1	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-UGLIFYJS-1727251	405/1000 Why? CVSS 8.1	No Known Exploit
	Improper Input Validation SNYK-JS-URLPARSE-1078283	405/1000 Why? CVSS 8.1	No Known Exploit
	Open Redirect SNYK-JS-URLPARSE-1533425	405/1000 Why? CVSS 8.1	Proof of Concept
	Access Restriction Bypass SNYK-JS-URLPARSE-2401205	405/1000 Why? CVSS 8.1	Proof of Concept
	Authorization Bypass SNYK-JS-URLPARSE-2407759	405/1000 Why? CVSS 8.1	Proof of Concept
	Authorization Bypass Through User-Controlled Key SNYK-JS-URLPARSE-2412697	405/1000 Why? CVSS 8.1	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-WS-1296835	405/1000 Why? CVSS 8.1	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-WS-1296835	405/1000 Why? CVSS 8.1	Proof of Concept
	Prototype Pollution SNYK-JS-YARGSPARSER-560381	405/1000 Why? CVSS 8.1	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-HOSTEDGITINFO-1088355	405/1000 Why? CVSS 8.1	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-HTMLMINIFIER-3091181	405/1000 Why? CVSS 8.1	Proof of Concept
	Denial of Service (DoS) SNYK-JS-HTTPPROXY-569139	405/1000 Why? CVSS 8.1	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ISSVG-1085627	405/1000 Why? CVSS 8.1	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ISSVG-1243891	405/1000 Why? CVSS 8.1	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-TAR-1536758	405/1000 Why? CVSS 8.1	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: react-scripts

• 3.4.4 - 2020-10-20
• 3.4.3 - 2020-08-12
• 3.4.2 - 2020-08-11
• 3.4.1 - 2020-03-21
• 3.4.0 - 2020-02-14
• 3.3.1 - 2020-01-31
• 3.3.0 - 2019-12-05

from react-scripts GitHub release notes

Commit messages

Package name: react-scripts

• d2f813f Publish
• 7641a3c Prepare 3.4.1 release
• d5b527f Update to Babel 7.9 (#8681)
• 6adb82a Add React.StrictMode to default templates (#8558)
• a452ddc Bump dependencies (#8620)
• 3f699fd Fix proxying API request docs (#8515)
• 4d26208 Use native ESLint behaviour when extending (#8276)
• 8ba0ccb Whitelist main in template.json (#8539)
• 7d3b72c Update template example in docs (#8561)
• 2030ee1 Fix optional chaining and nullish coalescing support (#8526)
• 038e6fa Widen eslint-config-react-app peer dependency versions (#7790)
• 7e6d6cd Closes webpack dev server and exits process on "end" stdin (#7203)
• af926d5 Bump pnp-webpack-plugin (#8509)
• 8b0dd54 Publish
• 5ccee88 Prepare 3.4.0 release
• e579de1 Downgrade style-loader to v0.23.1 due to CSS modules hot reload… (#8378)
• 4784997 Correct webpack name casing (#8475)
• 589b41a update open to v7.0.2 (#8459)
• 865ea05 fix(typescriptFormatter): use chalk@2 constructor (#8450)
• d45823c fix(react-scripts): do not redirect served path if request may proxy (#8442)
• eb8e7be Downgrade chalk for ie 11 support (#8439)
• 767aa18 Fixes unchecked access to 'deploy' script on build (#8292)
• cd2469e Fix navbar line break in header (#8437)
• 687c4eb Change arrow functions to function declarations (#8412)

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs