Vulnerabilities > Facebook > React DEV Utils > 1.0.0

DATE CVE VULNERABILITY TITLE RISK
2021-03-09 CVE-2021-24033 OS Command Injection vulnerability in Facebook React-Dev-Utils
react-dev-utils prior to v11.0.4 exposes a function, getProcessForPort, where an input argument is concatenated into a command string to be executed.
network
facebook CWE-78
6.8
6.8
2018-12-31 CVE-2018-6342 OS Command Injection vulnerability in Facebook React-Dev-Utils
react-dev-utils on Windows allows developers to run a local webserver for accepting various commands, including a command to launch an editor.
network
low complexity
facebook CWE-78
critical
 10.0
10