Skip to content

6 high severity vulnerabilities in CRA with react-scripts latest version #13059

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
pranay-dev-1 opened this issue Mar 13, 2023 · 1 comment · May be fixed by #13778
Open

6 high severity vulnerabilities in CRA with react-scripts latest version #13059

pranay-dev-1 opened this issue Mar 13, 2023 · 1 comment · May be fixed by #13778
Labels
issue: bug report needs triage

Comments

@pranay-dev-1
Copy link

C:\Users**re\workspace>npm audit
npm WARN config global --global, --local are deprecated. Use --location=global instead.

npm audit report

nth-check <2.0.1
Severity: high
Inefficient Regular Expression Complexity in nth-check - GHSA-rp65-9cf3-cjxr
fix available via npm audit fix --force
Will install [email protected], which is a breaking change
node_modules/svgo/node_modules/nth-check
css-select <=3.1.0
Depends on vulnerable versions of nth-check
node_modules/svgo/node_modules/css-select
svgo 1.0.0 - 1.3.2
Depends on vulnerable versions of css-select
node_modules/svgo
@svgr/plugin-svgo <=5.5.0
Depends on vulnerable versions of svgo
node_modules/@svgr/plugin-svgo
@svgr/webpack 4.0.0 - 5.5.0
Depends on vulnerable versions of @svgr/plugin-svgo
node_modules/@svgr/webpack
react-scripts >=2.1.4
Depends on vulnerable versions of @svgr/webpack
node_modules/react-scripts

6 high severity vulnerabilities
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
issue: bug report needs triage
Projects
None yet
Milestone
No milestone
2 participants
@getsalty @pranay-dev-1