Update dependency react-dev-utils to v12 [SECURITY] by renovate[bot] · Pull Request #28 · Ryand1234/Online-Ide

renovate · 2021-04-26T12:37:08Z

This PR contains the following updates:

Package	Change	Age	Confidence
react-dev-utils (source)	`^10.2.1` → `^12.0.0`

GitHub Vulnerability Alerts

CVE-2021-24033

react-dev-utils prior to v11.0.4 exposes a function, getProcessForPort, where an input argument is concatenated into a command string to be executed. This function is typically used from react-scripts (in Create React App projects), where the usage is safe. Only when this function is manually invoked with user-provided values (ie: by custom code) is there the potential for command injection. If you're consuming it from react-scripts then this issue does not affect you.

Severity

CVSS Score: 5.6 / 10 (Medium)
Vector String: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

Release Notes

facebook/create-react-app (react-dev-utils)

Configuration

📅 Schedule: (UTC)

Branch creation
- ""
Automerge
- At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

renovate Bot changed the title ~~Pin dependency react-dev-utils to v10.2.1 [SECURITY]~~ Pin dependency react-dev-utils to 10.2.1 [SECURITY] May 9, 2021

renovate Bot force-pushed the renovate/npm-react-dev-utils-vulnerability branch from a65e8c4 to f6524f2 Compare May 15, 2021 19:52

renovate Bot changed the title ~~Pin dependency react-dev-utils to 10.2.1 [SECURITY]~~ Update dependency react-dev-utils to v11 [SECURITY] May 15, 2021

renovate Bot changed the title ~~Update dependency react-dev-utils to v11 [SECURITY]~~ Pin dependency react-dev-utils to v10.2.1 [SECURITY] Jun 6, 2021

renovate Bot force-pushed the renovate/npm-react-dev-utils-vulnerability branch from f6524f2 to cd229d3 Compare June 6, 2021 21:53

renovate Bot changed the title ~~Pin dependency react-dev-utils to v10.2.1 [SECURITY]~~ Pin dependency react-dev-utils to v [SECURITY] Mar 7, 2022

renovate Bot changed the title ~~Pin dependency react-dev-utils to v [SECURITY]~~ Pin dependency react-dev-utils to v10.2.1 [SECURITY] Sep 25, 2022

renovate Bot force-pushed the renovate/npm-react-dev-utils-vulnerability branch from cd229d3 to 984339a Compare November 20, 2022 09:51

renovate Bot changed the title ~~Pin dependency react-dev-utils to v10.2.1 [SECURITY]~~ Update dependency react-dev-utils to v12 [SECURITY] Nov 20, 2022

renovate Bot changed the title ~~Update dependency react-dev-utils to v12 [SECURITY]~~ Update dependency react-dev-utils to v11 [SECURITY] Mar 27, 2023

renovate Bot force-pushed the renovate/npm-react-dev-utils-vulnerability branch from 984339a to 0f21413 Compare March 27, 2023 07:26

renovate Bot force-pushed the renovate/npm-react-dev-utils-vulnerability branch from 0f21413 to bcd9b0c Compare May 28, 2023 17:55

renovate Bot changed the title ~~Update dependency react-dev-utils to v11 [SECURITY]~~ Update dependency react-dev-utils to v12 [SECURITY] May 28, 2023

renovate Bot force-pushed the renovate/npm-react-dev-utils-vulnerability branch from bcd9b0c to 1cf4283 Compare June 2, 2023 05:56

renovate Bot changed the title ~~Update dependency react-dev-utils to v12 [SECURITY]~~ Update dependency react-dev-utils to v11 [SECURITY] Jun 2, 2023

renovate Bot force-pushed the renovate/npm-react-dev-utils-vulnerability branch from 1cf4283 to 4886b88 Compare June 10, 2023 02:17

renovate Bot changed the title ~~Update dependency react-dev-utils to v11 [SECURITY]~~ Update dependency react-dev-utils to v12 [SECURITY] Jun 10, 2023

renovate Bot force-pushed the renovate/npm-react-dev-utils-vulnerability branch from 4886b88 to ab3fb16 Compare June 11, 2023 08:11

renovate Bot changed the title ~~Update dependency react-dev-utils to v12 [SECURITY]~~ Update dependency react-dev-utils to v11 [SECURITY] Jun 11, 2023

renovate Bot force-pushed the renovate/npm-react-dev-utils-vulnerability branch from ab3fb16 to 44c2aff Compare June 14, 2023 23:57

renovate Bot changed the title ~~Update dependency react-dev-utils to v11 [SECURITY]~~ Update dependency react-dev-utils to v12 [SECURITY] Jun 14, 2023

renovate Bot force-pushed the renovate/npm-react-dev-utils-vulnerability branch from 44c2aff to b779022 Compare June 17, 2023 02:34

renovate Bot changed the title ~~Update dependency react-dev-utils to v12 [SECURITY]~~ Update dependency react-dev-utils to v11 [SECURITY] Jun 17, 2023

renovate Bot force-pushed the renovate/npm-react-dev-utils-vulnerability branch from b779022 to e659643 Compare June 18, 2023 17:25

renovate Bot changed the title ~~Update dependency react-dev-utils to v11 [SECURITY]~~ Update dependency react-dev-utils to v12 [SECURITY] Jun 18, 2023

renovate Bot force-pushed the renovate/npm-react-dev-utils-vulnerability branch from e659643 to 62b5413 Compare June 19, 2023 02:42

renovate Bot changed the title ~~Update dependency react-dev-utils to v12 [SECURITY]~~ Update dependency react-dev-utils to v11 [SECURITY] Jun 19, 2023

renovate Bot force-pushed the renovate/npm-react-dev-utils-vulnerability branch from 62b5413 to 4678721 Compare June 22, 2023 17:54

renovate Bot changed the title ~~Update dependency react-dev-utils to v11 [SECURITY]~~ Update dependency react-dev-utils to v12 [SECURITY] Jun 22, 2023

renovate Bot changed the title ~~Update dependency react-dev-utils to v12 [SECURITY]~~ Update dependency react-dev-utils to v11 [SECURITY] Jun 23, 2023

renovate Bot force-pushed the renovate/npm-react-dev-utils-vulnerability branch from 67b1cfe to ce5571b Compare July 12, 2023 02:40

renovate Bot changed the title ~~Update dependency react-dev-utils to v12 [SECURITY]~~ Update dependency react-dev-utils to v11 [SECURITY] Jul 12, 2023

renovate Bot force-pushed the renovate/npm-react-dev-utils-vulnerability branch from ce5571b to 0b735f6 Compare July 17, 2023 05:37

renovate Bot changed the title ~~Update dependency react-dev-utils to v11 [SECURITY]~~ Update dependency react-dev-utils to v12 [SECURITY] Jul 17, 2023

renovate Bot force-pushed the renovate/npm-react-dev-utils-vulnerability branch from 0b735f6 to 4d65b9a Compare July 18, 2023 08:38

renovate Bot changed the title ~~Update dependency react-dev-utils to v12 [SECURITY]~~ Update dependency react-dev-utils to v11 [SECURITY] Jul 18, 2023

renovate Bot force-pushed the renovate/npm-react-dev-utils-vulnerability branch from 4d65b9a to dd3f897 Compare July 19, 2023 23:22

renovate Bot changed the title ~~Update dependency react-dev-utils to v11 [SECURITY]~~ Update dependency react-dev-utils to v12 [SECURITY] Jul 19, 2023

renovate Bot changed the title ~~Update dependency react-dev-utils to v12 [SECURITY]~~ Update dependency react-dev-utils to v11 [SECURITY] Jul 20, 2023

renovate Bot force-pushed the renovate/npm-react-dev-utils-vulnerability branch from dd3f897 to 91ee5a0 Compare July 20, 2023 05:45

renovate Bot force-pushed the renovate/npm-react-dev-utils-vulnerability branch from 91ee5a0 to 25f0122 Compare July 28, 2023 05:52

renovate Bot changed the title ~~Update dependency react-dev-utils to v11 [SECURITY]~~ Update dependency react-dev-utils to v12 [SECURITY] Jul 28, 2023

renovate Bot force-pushed the renovate/npm-react-dev-utils-vulnerability branch from 25f0122 to 519645c Compare July 29, 2023 05:44

renovate Bot changed the title ~~Update dependency react-dev-utils to v12 [SECURITY]~~ Update dependency react-dev-utils to v11 [SECURITY] Jul 29, 2023

renovate Bot force-pushed the renovate/npm-react-dev-utils-vulnerability branch from 519645c to 15db171 Compare August 2, 2023 05:37

renovate Bot changed the title ~~Update dependency react-dev-utils to v11 [SECURITY]~~ Update dependency react-dev-utils to v12 [SECURITY] Aug 2, 2023

renovate Bot force-pushed the renovate/npm-react-dev-utils-vulnerability branch from 15db171 to 2530cea Compare August 3, 2023 20:37

renovate Bot changed the title ~~Update dependency react-dev-utils to v12 [SECURITY]~~ Update dependency react-dev-utils to v11 [SECURITY] Aug 3, 2023

renovate Bot force-pushed the renovate/npm-react-dev-utils-vulnerability branch from 2530cea to e88d69a Compare August 11, 2023 02:42

renovate Bot changed the title ~~Update dependency react-dev-utils to v11 [SECURITY]~~ Update dependency react-dev-utils to v12 [SECURITY] Aug 11, 2023

renovate Bot force-pushed the renovate/npm-react-dev-utils-vulnerability branch from e88d69a to 7ccf03f Compare August 12, 2023 05:44

renovate Bot changed the title ~~Update dependency react-dev-utils to v12 [SECURITY]~~ Update dependency react-dev-utils to v11 [SECURITY] Aug 12, 2023

renovate Bot force-pushed the renovate/npm-react-dev-utils-vulnerability branch from 7ccf03f to 11eb367 Compare August 23, 2023 08:59

renovate Bot changed the title ~~Update dependency react-dev-utils to v11 [SECURITY]~~ Update dependency react-dev-utils to v12 [SECURITY] Aug 23, 2023

renovate Bot force-pushed the renovate/npm-react-dev-utils-vulnerability branch from 11eb367 to 82f683e Compare August 26, 2023 11:56

renovate Bot changed the title ~~Update dependency react-dev-utils to v12 [SECURITY]~~ Update dependency react-dev-utils to v11 [SECURITY] Aug 26, 2023

renovate Bot force-pushed the renovate/npm-react-dev-utils-vulnerability branch from 82f683e to dbaeaff Compare August 27, 2023 14:54

renovate Bot changed the title ~~Update dependency react-dev-utils to v11 [SECURITY]~~ Update dependency react-dev-utils to v12 [SECURITY] Aug 27, 2023

renovate Bot force-pushed the renovate/npm-react-dev-utils-vulnerability branch from dbaeaff to 18c52d9 Compare August 28, 2023 17:59

Update dependency react-dev-utils to v12 [SECURITY]

b9b2889

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Update dependency react-dev-utils to v12 [SECURITY]#28

Update dependency react-dev-utils to v12 [SECURITY]#28
renovate[bot] wants to merge 1 commit intomasterfrom
renovate/npm-react-dev-utils-vulnerability

renovate Bot commented Apr 26, 2021 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

renovate Bot commented Apr 26, 2021 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

GitHub Vulnerability Alerts

CVE-2021-24033

Severity

Release Notes

v12.0.1

v11.0.3

v11.0.2

v11.0.1

v11.0.0

Configuration

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

renovate Bot commented Apr 26, 2021 •

edited

Loading

`v12.0.1`

`v11.0.3`

`v11.0.2`

`v11.0.1`

`v11.0.0`