[Snyk] Upgrade react-scripts from 4.0.2 to 4.0.3

[humanbot]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade react-scripts from 4.0.2 to 4.0.3.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 1 version ahead of your current version.

• The recommended version was released 3 years ago, on 2021-02-22.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Improper Input Validation SNYK-JS-FOLLOWREDIRECTS-6141137	372/1000 Why? Proof of Concept exploit, CVSS 5.3	Proof of Concept
	Prototype Pollution SNYK-JS-IMMER-1019369	372/1000 Why? Proof of Concept exploit, CVSS 5.3	Proof of Concept
	Prototype Pollution SNYK-JS-ASYNC-2441827	372/1000 Why? Proof of Concept exploit, CVSS 5.3	Proof of Concept
	Server-side Request Forgery (SSRF) SNYK-JS-IP-6240864	372/1000 Why? Proof of Concept exploit, CVSS 5.3	Proof of Concept
	Remote Memory Exposure SNYK-JS-DNSPACKET-1293563	372/1000 Why? Proof of Concept exploit, CVSS 5.3	No Known Exploit
	Improper Input Validation SNYK-JS-URLPARSE-2407770	372/1000 Why? Proof of Concept exploit, CVSS 5.3	Proof of Concept
	Information Exposure SNYK-JS-FOLLOWREDIRECTS-2332181	372/1000 Why? Proof of Concept exploit, CVSS 5.3	Proof of Concept
	Information Exposure SNYK-JS-FOLLOWREDIRECTS-6444610	372/1000 Why? Proof of Concept exploit, CVSS 5.3	Proof of Concept
	Command Injection SNYK-JS-REACTDEVUTILS-1083268	372/1000 Why? Proof of Concept exploit, CVSS 5.3	Proof of Concept
	Open Redirect SNYK-JS-URLPARSE-1533425	372/1000 Why? Proof of Concept exploit, CVSS 5.3	Proof of Concept
	Access Restriction Bypass SNYK-JS-URLPARSE-2401205	372/1000 Why? Proof of Concept exploit, CVSS 5.3	Proof of Concept
	Information Exposure SNYK-JS-EVENTSOURCE-2823375	372/1000 Why? Proof of Concept exploit, CVSS 5.3	Proof of Concept
	Authorization Bypass SNYK-JS-URLPARSE-2407759	372/1000 Why? Proof of Concept exploit, CVSS 5.3	Proof of Concept
	Authorization Bypass Through User-Controlled Key SNYK-JS-URLPARSE-2412697	372/1000 Why? Proof of Concept exploit, CVSS 5.3	Proof of Concept
	Open Redirect SNYK-JS-EXPRESS-6474509	372/1000 Why? Proof of Concept exploit, CVSS 5.3	No Known Exploit
	Information Exposure SNYK-JS-FOLLOWREDIRECTS-2396346	372/1000 Why? Proof of Concept exploit, CVSS 5.3	No Known Exploit
	Prototype Pollution SNYK-JS-MINIMIST-2429795	372/1000 Why? Proof of Concept exploit, CVSS 5.3	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: react-scripts

• 4.0.3 - 2021-02-22
• 4.0.2 - 2021-02-03

from react-scripts GitHub release notes

Commit messages

Package name: react-scripts

• f92c37a Publish
• cce32fa Update CHANGELOG
• f710976 Prepare 4.0.3 release
• 6947896 update immer to 8.0.1 to address vulnerability (#10412)
• 18b5962 Upgrade eslint-webpack-plugin to fix opt-out flag (#10590)
• 9722ef1 Bump webpack-dev-server 3.11.0 -> 3.11.1 (#10312)
• 3f5dea9 tests: update test case to match the description (#10384)

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Note: This is a default PR template raised by Snyk. Find out more about how you can customise Snyk PRs in our documentation.