Open ghost opened 2 years ago
Potential spam, investigate issue post updates. *
Translation noted:
Hello, my name is @abbykimi. When my IDE runs your project, it shows that there are several loopholes. The project calls 797 open source components such as shell-quote, and there are 2 security loopholes. It is recommended that you upgrade.
Vulnerability title: shell-quote security vulnerability
Vulnerability ID: CVE-2021-42740
Vulnerability description:
shell-quote is an open source software package used to parse and quote shell commands.
The shell-quote package has security flaws that allow attackers to plant arbitrary code to perform related operations.
Scope of influence: (∞, 1.7.3)
Min fix version: 1.7.3
Import path:
reactNativeWebBrowserApp@0.0.1->react-native@0.65.1->@react-native-community/cli@6.0.1->@react-native-community/cli-tools@6.0.0-rc.0->shell-quote@1.7.2
reactNativeWebBrowserApp@0.0.1->react-native@0.65.1->@react-native-community/cli@6.0.1->@react-native-community/cli-hermes@6.0.1->@react-native-community/cli-tools@6.0.0-rc.0->shell-quote@1.7.2
reactNativeWebBrowserApp@0.0.1->react-native@0.65.1->react-devtools-core@4.19.1->shell-quote@1.7.2
reactNativeWebBrowserApp@0.0.1->react-native@0.65.1->@react-native-community/cli-platform-android@6.0.1->@react-native-community/cli-tools@6.0.0-rc.0->shell-quote@1.7.2
reactNativeWebBrowserApp@0.0.1->react-native@0.65.1->@react-native-community/cli-platform-ios@6.0.0->@react-native-community/cli-tools@6.0.0-rc.0->shell-quote@1.7.2
reactNativeWebBrowserApp@0.0.1->react-native@0.65.1->@react-native-community/cli@6.0.1->@react-native-community/cli-server-api@6.0.0-rc.0->@react-native-community/cli-tools@6.0.0-rc.0->shell-quote@1.7.2
There is 1 other vulnerability; the information is a bit long, so I won't post it. You can read the full report for yourself: <remove potentially dangerous URL>
If you have any questions about this issue, feel free to reply to me ( @abbykimi ) and I will get back to you in time.