Facebook React Dev Utils
By the Year
In 2024 there have been 0 vulnerabilities in Facebook React Dev Utils . React Dev Utils did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 1 | 5.60 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new React Dev Utils vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Facebook React Dev Utils Security Vulnerabilities
react-dev-utils prior to v11.0.4 exposes a function
CVE-2021-24033
5.6 - Medium
- March 09, 2021
react-dev-utils prior to v11.0.4 exposes a function, getProcessForPort, where an input argument is concatenated into a command string to be executed. This function is typically used from react-scripts (in Create React App projects), where the usage is safe. Only when this function is manually invoked with user-provided values (ie: by custom code) is there the potential for command injection. If you're consuming it from react-scripts then this issue does not affect you.
Shell injection
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Facebook React Dev Utils or by Facebook? Click the Watch button to subscribe.
