Snyk has created this PR to upgrade react-native from 0.71.7 to 0.74.2.
:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
- The recommended version is **338 versions** ahead of your current version.
- The recommended version was released on **a month ago**.
#### Issues fixed by the recommended upgrade:
| | Issue | Score | Exploit Maturity |
:-------------------------:|:-------------------------|:-------------------------|:-------------------------
![critical severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/c.png 'critical severity') | Incomplete List of Disallowed Inputs [SNYK-JS-BABELTRAVERSE-5962462](https://snyk.io/vuln/SNYK-JS-BABELTRAVERSE-5962462) | **235** | Proof of Concept
![high severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/h.png 'high severity') | Regular Expression Denial of Service (ReDoS) [SNYK-JS-SEMVER-3247795](https://snyk.io/vuln/SNYK-JS-SEMVER-3247795) | **235** | Proof of Concept
![high severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/h.png 'high severity') | Regular Expression Denial of Service (ReDoS) [SNYK-JS-SEMVER-3247795](https://snyk.io/vuln/SNYK-JS-SEMVER-3247795) | **235** | Proof of Concept
![high severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/h.png 'high severity') | Prototype Pollution [SNYK-JS-UNSETVALUE-2400660](https://snyk.io/vuln/SNYK-JS-UNSETVALUE-2400660) | **235** | No Known Exploit
![high severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/h.png 'high severity') | Denial of Service (DoS) [SNYK-JS-WS-7266574](https://snyk.io/vuln/SNYK-JS-WS-7266574) | **235** | Proof of Concept
![high severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/h.png 'high severity') | Denial of Service (DoS) [SNYK-JS-WS-7266574](https://snyk.io/vuln/SNYK-JS-WS-7266574) | **235** | Proof of Concept
![high severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/h.png 'high severity') | Regular Expression Denial of Service (ReDoS) [SNYK-JS-FASTXMLPARSER-5668858](https://snyk.io/vuln/SNYK-JS-FASTXMLPARSER-5668858) | **235** | No Known Exploit
![high severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/h.png 'high severity') | Server-side Request Forgery (SSRF) [SNYK-JS-IP-6240864](https://snyk.io/vuln/SNYK-JS-IP-6240864) | **235** | Proof of Concept
![medium severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png 'medium severity') | Server-Side Request Forgery (SSRF) [SNYK-JS-IP-7148531](https://snyk.io/vuln/SNYK-JS-IP-7148531) | **235** | Proof of Concept
![medium severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png 'medium severity') | Improper Authorization [SNYK-JS-REACTDEVTOOLSCORE-6023999](https://snyk.io/vuln/SNYK-JS-REACTDEVTOOLSCORE-6023999) | **235** | Proof of Concept
Release notes Package name: react-native
from react-native GitHub release notes
---
> [!IMPORTANT]
>
> - Check the changes in this PR to ensure they won't cause issues with your project.
> - This PR was automatically created by Snyk using the credentials of a real user.
> - Max score is 1000. Note that the real score may have changed since the PR was raised.
---
**Note:** _You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs._
**For more information:**
> - 🧐 [View latest project report](https://app.snyk.io/org/justice-league-link-sdk-squad/project/e44d8ce2-f4fb-4ffa-8dd7-aac3d14979a5?utm_source=github-enterprise&utm_medium=referral&page=upgrade-pr)
> - 📜 [Customise PR templates](https://docs.snyk.io/scan-using-snyk/pull-requests/snyk-fix-pull-or-merge-requests/customize-pr-templates)
> - 🛠 [Adjust upgrade PR settings](https://app.snyk.io/org/justice-league-link-sdk-squad/project/e44d8ce2-f4fb-4ffa-8dd7-aac3d14979a5/settings/integration?utm_source=github-enterprise&utm_medium=referral&page=upgrade-pr)
> - 🔕 [Ignore this dependency or unsubscribe from future upgrade PRs](https://app.snyk.io/org/justice-league-link-sdk-squad/project/e44d8ce2-f4fb-4ffa-8dd7-aac3d14979a5/settings/integration?pkg=react-native&utm_source=github-enterprise&utm_medium=referral&page=upgrade-pr#auto-dep-upgrades)
This PR was automatically created by Snyk using the credentials of a real user.
![snyk-top-banner](https://github.com/andygongea/OWASP-Benchmark/assets/818805/c518c423-16fe-447e-b67f-ad5a49b5d123)
Snyk has created this PR to upgrade react-native from 0.71.7 to 0.74.2.
:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.- The recommended version is **338 versions** ahead of your current version. - The recommended version was released on **a month ago**. #### Issues fixed by the recommended upgrade: | | Issue | Score | Exploit Maturity | :-------------------------:|:-------------------------|:-------------------------|:------------------------- ![critical severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/c.png 'critical severity') | Incomplete List of Disallowed Inputs
[SNYK-JS-BABELTRAVERSE-5962462](https://snyk.io/vuln/SNYK-JS-BABELTRAVERSE-5962462) | **235** | Proof of Concept ![high severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/h.png 'high severity') | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-SEMVER-3247795](https://snyk.io/vuln/SNYK-JS-SEMVER-3247795) | **235** | Proof of Concept ![high severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/h.png 'high severity') | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-SEMVER-3247795](https://snyk.io/vuln/SNYK-JS-SEMVER-3247795) | **235** | Proof of Concept ![high severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/h.png 'high severity') | Prototype Pollution
[SNYK-JS-UNSETVALUE-2400660](https://snyk.io/vuln/SNYK-JS-UNSETVALUE-2400660) | **235** | No Known Exploit ![high severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/h.png 'high severity') | Denial of Service (DoS)
[SNYK-JS-WS-7266574](https://snyk.io/vuln/SNYK-JS-WS-7266574) | **235** | Proof of Concept ![high severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/h.png 'high severity') | Denial of Service (DoS)
[SNYK-JS-WS-7266574](https://snyk.io/vuln/SNYK-JS-WS-7266574) | **235** | Proof of Concept ![high severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/h.png 'high severity') | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-FASTXMLPARSER-5668858](https://snyk.io/vuln/SNYK-JS-FASTXMLPARSER-5668858) | **235** | No Known Exploit ![high severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/h.png 'high severity') | Server-side Request Forgery (SSRF)
[SNYK-JS-IP-6240864](https://snyk.io/vuln/SNYK-JS-IP-6240864) | **235** | Proof of Concept ![medium severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png 'medium severity') | Server-Side Request Forgery (SSRF)
[SNYK-JS-IP-7148531](https://snyk.io/vuln/SNYK-JS-IP-7148531) | **235** | Proof of Concept ![medium severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png 'medium severity') | Improper Authorization
[SNYK-JS-REACTDEVTOOLSCORE-6023999](https://snyk.io/vuln/SNYK-JS-REACTDEVTOOLSCORE-6023999) | **235** | Proof of Concept
Release notes
Package name: react-native
Added
iOS specific
Changed
Fixed
iOS specific
NSPrivacyAccessedAPITypes
key (4bb94fe by @ renchap)Hermes dSYMS:
You can file issues or pick requests against this release here
To help you upgrade to this version, you can use the upgrade helper ⚛️
You can find the whole changelog history in the changelog.md file.
Added
iOS specific
Fixed
iOS specific
NSPrivacyAccessedAPITypes
key. (fc4e099920 by @ renchap)You can file issues or pick requests against this release here
To help you upgrade to this version, you can use the upgrade helper ⚛️
You can find the whole changelog history in the changelog.md file.