react-dev-utils (npm) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the npm package react-dev-utils, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (2)
CVE-2018-6342 — CVSS 9.8 (critical): react-dev-utils on Windows allows developers to run a local webserver for accepting various commands, including a command to launch an…
CVE-2021-24033 — CVSS 5.6 (medium): react-dev-utils prior to v11.0.4 exposes a function, getProcessForPort, where an input argument is concatenated into a command string to be…