Vulnerabilities > Facebook > React DEV Utils

DATE CVE VULNERABILITY TITLE RISK
2021-03-09 CVE-2021-24033 OS Command Injection vulnerability in Facebook React-Dev-Utils
react-dev-utils prior to v11.0.4 exposes a function, getProcessForPort, where an input argument is concatenated into a command string to be executed.
network
high complexity
facebook CWE-78
5.6
5.6
2018-12-31 CVE-2018-6342 OS Command Injection vulnerability in Facebook React-Dev-Utils
react-dev-utils on Windows allows developers to run a local webserver for accepting various commands, including a command to launch an editor.
network
low complexity
facebook CWE-78
critical
 9.8
9.8