[Snyk] Upgrade react-scripts from 3.4.0 to 3.4.4

[snyk-bot]

Snyk has created this PR to upgrade react-scripts from 3.4.0 to 3.4.4.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 4 versions ahead of your current version.
• The recommended version was released a year ago, on 2020-10-20.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Regular Expression Denial of Service (ReDoS) SNYK-JS-TMPL-1583443	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SSRI-1246392	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SSRI-1246392	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Arbitrary Code Injection SNYK-JS-SERIALIZEJAVASCRIPT-570062	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Prototype Pollution SNYK-JS-OBJECTPATH-1585658	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
	Prototype Pollution SNYK-JS-OBJECTPATH-1017036	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Prototype Pollution SNYK-JS-NODEFORGE-598677	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Prototype Pollution SNYK-JS-MERGEDEEP-1070277	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
	Cryptographic Issues SNYK-JS-ELLIPTIC-571484	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Remote Memory Exposure SNYK-JS-DNSPACKET-1293563	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
	Prototype Pollution SNYK-JS-AJV-584908	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ACORN-559469	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ACORN-559469	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
	Prototype Pollution SNYK-JS-YARGSPARSER-560381	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Prototype Pollution SNYK-JS-YARGSPARSER-560381	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-WS-1296835	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-WS-1296835	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Open Redirect SNYK-JS-URLPARSE-1533425	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Improper Input Validation SNYK-JS-URLPARSE-1078283	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
	Denial of Service (DoS) SNYK-JS-SOCKJS-575261	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-PROMPTS-1729737	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHPARSE-1077067	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Prototype Pollution SNYK-JS-OBJECTPATH-1569453	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
	Command Injection SNYK-JS-NODENOTIFIER-1035794	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ISSVG-1243891	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ISSVG-1085627	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Denial of Service (DoS) SNYK-JS-HTTPPROXY-569139	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-HOSTEDGITINFO-1088355	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Cryptographic Issues SNYK-JS-ELLIPTIC-1064899	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-COLORSTRING-1082939	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: react-scripts

• 3.4.4 - 2020-10-20
• 3.4.3 - 2020-08-12
• 3.4.2 - 2020-08-11
• 3.4.1 - 2020-03-21
• 3.4.0 - 2020-02-14

from react-scripts GitHub release notes

Commit messages

Package name: react-scripts

• d2f813f Publish
• 7641a3c Prepare 3.4.1 release
• d5b527f Update to Babel 7.9 (#8681)
• 6adb82a Add React.StrictMode to default templates (#8558)
• a452ddc Bump dependencies (#8620)
• 3f699fd Fix proxying API request docs (#8515)
• 4d26208 Use native ESLint behaviour when extending (#8276)
• 8ba0ccb Whitelist main in template.json (#8539)
• 7d3b72c Update template example in docs (#8561)
• 2030ee1 Fix optional chaining and nullish coalescing support (#8526)
• 038e6fa Widen eslint-config-react-app peer dependency versions (#7790)
• 7e6d6cd Closes webpack dev server and exits process on "end" stdin (#7203)
• af926d5 Bump pnp-webpack-plugin (#8509)

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs