[Snyk] Upgrade react-scripts from 3.3.0 to 3.4.4

[rc042]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade react-scripts from 3.3.0 to 3.4.4.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 6 versions ahead of your current version.
• The recommended version was released 3 years ago, on 2020-10-20.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Prototype Pollution SNYK-JS-NODEFORGE-598677	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Remote Memory Exposure SNYK-JS-DNSPACKET-1293563	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Prototype Pollution SNYK-JS-AJV-584908	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Server-side Request Forgery (SSRF) SNYK-JS-IP-6240864	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-ASYNC-2441827	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-OBJECTPATH-1017036	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-OBJECTPATH-1585658	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Improper Input Validation SNYK-JS-URLPARSE-2407770	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHPARSE-1077067	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-HTMLMINIFIER-3091181	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Denial of Service (DoS) SNYK-JS-HTTPPROXY-569139	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Incomplete List of Disallowed Inputs SNYK-JS-BABELTRAVERSE-5962462	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Information Exposure SNYK-JS-EVENTSOURCE-2823375	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Authorization Bypass Through User-Controlled Key SNYK-JS-URLPARSE-2412697	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-YARGSPARSER-560381	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-YARGSPARSER-560381	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-OBJECTPATH-1569453	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Denial of Service (DoS) SNYK-JS-SOCKJS-575261	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-TERSER-2806366	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-UGLIFYJS-1727251	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Improper Input Validation SNYK-JS-URLPARSE-1078283	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Open Redirect SNYK-JS-URLPARSE-1533425	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Access Restriction Bypass SNYK-JS-URLPARSE-2401205	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Authorization Bypass SNYK-JS-URLPARSE-2407759	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: react-scripts

• 3.4.4 - 2020-10-20
• 3.4.3 - 2020-08-12
• 3.4.2 - 2020-08-11
• 3.4.1 - 2020-03-21
• 3.4.0 - 2020-02-14
• 3.3.1 - 2020-01-31
• 3.3.0 - 2019-12-05

from react-scripts GitHub release notes

Commit messages

Package name: react-scripts

• d2f813f Publish
• 7641a3c Prepare 3.4.1 release
• d5b527f Update to Babel 7.9 (ACW not working centreon/centreon-archived#8681)
• 6adb82a Add React.StrictMode to default templates (enh(host configuration): Added new methods to manage the host configuration centreon/centreon-archived#8558)
• a452ddc Bump dependencies (fix(upgrade): use the final URL for the release notes centreon/centreon-archived#8620)
• 3f699fd Fix proxying API request docs (enh(secu): update composer dependencies centreon/centreon-archived#8515)
• 4d26208 Use native ESLint behaviour when extending (MON-4737 enh(core): split gorgone configuration in different files centreon/centreon-archived#8276)
• 8ba0ccb Whitelist main in template.json (Update prerequisites.rst centreon/centreon-archived#8539)
• 7d3b72c Update template example in docs (fix(ui): allow to order events view by duration centreon/centreon-archived#8561)
• 2030ee1 Fix optional chaining and nullish coalescing support (feat(api): Add details_endpoint property to resource list endpoint centreon/centreon-archived#8526)
• 038e6fa Widen eslint-config-react-app peer dependency versions (Multiple "CURLCOOKIE" file in /tmp dir centreon/centreon-archived#7790)
• 7e6d6cd Closes webpack dev server and exits process on "end" stdin (enh(doc): describe directory of XML files for partitioning centreon/centreon-archived#7203)
• af926d5 Bump pnp-webpack-plugin (Actions based on ACL not available in custom view more actions menu (Schedule immediate check for host) centreon/centreon-archived#8509)
• 8b0dd54 Publish
• 5ccee88 Prepare 3.4.0 release
• e579de1 Downgrade style-loader to v0.23.1 due to CSS modules hot reload… (fix(doc): fix scrollbar issue in API documentation centreon/centreon-archived#8378)
• 4784997 Correct webpack name casing (Mon 4791 bulk actions ack downtime centreon/centreon-archived#8475)
• 589b41a update open to v7.0.2 (fix(UI): Poller and Remote server wizard render looks broken centreon/centreon-archived#8459)
• 865ea05 fix(typescriptFormatter): use chalk@2 constructor (fix(config): fix gorgone config generation for poller not using remote as proxy centreon/centreon-archived#8450)
• d45823c fix(react-scripts): do not redirect served path if request may proxy (feat(api): Shorter syntax for search request on resources centreon/centreon-archived#8442)
• eb8e7be Downgrade chalk for ie 11 support (enh(anomalydetection): add lua parameters from options table centreon/centreon-archived#8439)
• 767aa18 Fixes unchecked access to 'deploy' script on build (Export clapi duplicates contacts centreon/centreon-archived#8292)
• cd2469e Fix navbar line break in header (fix(api): Resource::list return empty list if the regex is not valid centreon/centreon-archived#8437)
• 687c4eb Change arrow functions to function declarations (fix(api): fix options retrieval issue centreon/centreon-archived#8412)

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs