react-dev-utils

CVEs (2)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2021-24033	Facebook react-dev-utils		0.00	—	0.01		Mar 9, 2021	react-dev-utils prior to v11.0.4 exposes a function, getProcessForPort, where an input argument is concatenated into a command string to be executed. This function is typically used from react-scripts (in Create React App projects), where the usage is safe. Only when this…
CVE-2018-6342	Facebook react-dev-utils		0.00	—	0.01		Dec 31, 2018	react-dev-utils on Windows allows developers to run a local webserver for accepting various commands, including a command to launch an editor. The input to that command was not properly sanitized, allowing an attacker who can make a network request to the server (either via CSRF…

CVE-2021-24033Mar 9, 2021
Facebook
react-dev-utils
risk 0.00cvss —epss 0.01
react-dev-utils prior to v11.0.4 exposes a function, getProcessForPort, where an input argument is concatenated into a command string to be executed. This function is typically used from react-scripts (in Create React App projects), where the usage is safe. Only when this…
CVE-2018-6342Dec 31, 2018
Facebook
react-dev-utils
risk 0.00cvss —epss 0.01
react-dev-utils on Windows allows developers to run a local webserver for accepting various commands, including a command to launch an editor. The input to that command was not properly sanitized, allowing an attacker who can make a network request to the server (either via CSRF…