[Snyk] Fix for 31 vulnerabilities

[monizb]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

#### Changes included in this PR - Changes to the following files to upgrade the vulnerable dependencies to a fixed version: - package.json - package-lock.json #### Vulnerabilities that will be fixed ##### With an upgrade: Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity :-------------------------:|-------------------------|:-------------------------|:-------------------------|:-------------------------  | **696/1000**
**Why?** Proof of Concept exploit, Has a fix available, CVSS 7.5 | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-ANSIREGEX-1583908](https://snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908) | Yes | Proof of Concept  | **586/1000**
**Why?** Proof of Concept exploit, Has a fix available, CVSS 5.3 | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-BROWSERSLIST-1090194](https://snyk.io/vuln/SNYK-JS-BROWSERSLIST-1090194) | Yes | Proof of Concept  | **601/1000**
**Why?** Proof of Concept exploit, Has a fix available, CVSS 5.6 | Prototype Pollution
[SNYK-JS-FIREBASEUTIL-1038324](https://snyk.io/vuln/SNYK-JS-FIREBASEUTIL-1038324) | Yes | Proof of Concept  | **586/1000**
**Why?** Proof of Concept exploit, Has a fix available, CVSS 5.3 | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-GLOBPARENT-1016905](https://snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905) | Yes | Proof of Concept  | **484/1000**
**Why?** Has a fix available, CVSS 5.4 | Open Redirect
[SNYK-JS-GOT-2932019](https://snyk.io/vuln/SNYK-JS-GOT-2932019) | Yes | No Known Exploit  | **696/1000**
**Why?** Proof of Concept exploit, Has a fix available, CVSS 7.5 | Prototype Pollution
[SNYK-JS-IMMER-1019369](https://snyk.io/vuln/SNYK-JS-IMMER-1019369) | Yes | Proof of Concept  | **601/1000**
**Why?** Proof of Concept exploit, Has a fix available, CVSS 5.6 | Prototype Pollution
[SNYK-JS-IMMER-1540542](https://snyk.io/vuln/SNYK-JS-IMMER-1540542) | Yes | Proof of Concept  | **429/1000**
**Why?** Has a fix available, CVSS 4.3 | Reverse Tabnabbing
[SNYK-JS-ISTANBULREPORTS-2328088](https://snyk.io/vuln/SNYK-JS-ISTANBULREPORTS-2328088) | Yes | No Known Exploit  | **641/1000**
**Why?** Proof of Concept exploit, Has a fix available, CVSS 6.4 | Prototype Pollution
[SNYK-JS-JSON5-3182856](https://snyk.io/vuln/SNYK-JS-JSON5-3182856) | Yes | Proof of Concept  | **479/1000**
**Why?** Has a fix available, CVSS 5.3 | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-LOADERUTILS-3042992](https://snyk.io/vuln/SNYK-JS-LOADERUTILS-3042992) | Yes | No Known Exploit  | **589/1000**
**Why?** Has a fix available, CVSS 7.5 | Prototype Pollution
[SNYK-JS-LOADERUTILS-3043105](https://snyk.io/vuln/SNYK-JS-LOADERUTILS-3043105) | Yes | No Known Exploit  | **479/1000**
**Why?** Has a fix available, CVSS 5.3 | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-LOADERUTILS-3105943](https://snyk.io/vuln/SNYK-JS-LOADERUTILS-3105943) | Yes | No Known Exploit  | **586/1000**
**Why?** Proof of Concept exploit, Has a fix available, CVSS 5.3 | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-LODASH-1018905](https://snyk.io/vuln/SNYK-JS-LODASH-1018905) | Yes | Proof of Concept  | **681/1000**
**Why?** Proof of Concept exploit, Has a fix available, CVSS 7.2 | Command Injection
[SNYK-JS-LODASH-1040724](https://snyk.io/vuln/SNYK-JS-LODASH-1040724) | Yes | Proof of Concept  | **479/1000**
**Why?** Has a fix available, CVSS 5.3 | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-MINIMATCH-3050818](https://snyk.io/vuln/SNYK-JS-MINIMATCH-3050818) | Yes | No Known Exploit  | **506/1000**
**Why?** Proof of Concept exploit, Has a fix available, CVSS 3.7 | Prototype Pollution
[SNYK-JS-MINIMIST-2429795](https://snyk.io/vuln/SNYK-JS-MINIMIST-2429795) | Yes | Proof of Concept  | **589/1000**
**Why?** Has a fix available, CVSS 7.5 | Directory Traversal
[SNYK-JS-MOMENT-2440688](https://snyk.io/vuln/SNYK-JS-MOMENT-2440688) | No | No Known Exploit  | **696/1000**
**Why?** Proof of Concept exploit, Has a fix available, CVSS 7.5 | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-MOMENT-2944238](https://snyk.io/vuln/SNYK-JS-MOMENT-2944238) | No | Proof of Concept  | **521/1000**
**Why?** Proof of Concept exploit, Has a fix available, CVSS 4 | Information Exposure
[SNYK-JS-NANOID-2332193](https://snyk.io/vuln/SNYK-JS-NANOID-2332193) | No | Proof of Concept  | **539/1000**
**Why?** Has a fix available, CVSS 6.5 | Information Exposure
[SNYK-JS-NODEFETCH-2342118](https://snyk.io/vuln/SNYK-JS-NODEFETCH-2342118) | Yes | No Known Exploit  | **696/1000**
**Why?** Proof of Concept exploit, Has a fix available, CVSS 7.5 | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-NTHCHECK-1586032](https://snyk.io/vuln/SNYK-JS-NTHCHECK-1586032) | Yes | Proof of Concept  | **686/1000**
**Why?** Proof of Concept exploit, Has a fix available, CVSS 7.3 | Prototype Pollution
[SNYK-JS-OBJECTPATH-1017036](https://snyk.io/vuln/SNYK-JS-OBJECTPATH-1017036) | No | Proof of Concept  | **601/1000**
**Why?** Proof of Concept exploit, Has a fix available, CVSS 5.6 | Prototype Pollution
[SNYK-JS-OBJECTPATH-1569453](https://snyk.io/vuln/SNYK-JS-OBJECTPATH-1569453) | No | Proof of Concept  | **590/1000**
**Why?** Has a fix available, CVSS 7.3 | Prototype Pollution
[SNYK-JS-OBJECTPATH-1585658](https://snyk.io/vuln/SNYK-JS-OBJECTPATH-1585658) | No | No Known Exploit  | **586/1000**
**Why?** Proof of Concept exploit, Has a fix available, CVSS 5.3 | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-POSTCSS-1090595](https://snyk.io/vuln/SNYK-JS-POSTCSS-1090595) | Yes | Proof of Concept  | **586/1000**
**Why?** Proof of Concept exploit, Has a fix available, CVSS 5.3 | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-POSTCSS-1255640](https://snyk.io/vuln/SNYK-JS-POSTCSS-1255640) | Yes | Proof of Concept  | **601/1000**
**Why?** Proof of Concept exploit, Has a fix available, CVSS 5.6 | Command Injection
[SNYK-JS-REACTDEVUTILS-1083268](https://snyk.io/vuln/SNYK-JS-REACTDEVUTILS-1083268) | Yes | Proof of Concept  | **619/1000**
**Why?** Has a fix available, CVSS 8.1 | Remote Code Execution (RCE)
[SNYK-JS-SHELLQUOTE-1766506](https://snyk.io/vuln/SNYK-JS-SHELLQUOTE-1766506) | Yes | No Known Exploit  | **479/1000**
**Why?** Has a fix available, CVSS 5.3 | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-TERSER-2806366](https://snyk.io/vuln/SNYK-JS-TERSER-2806366) | Yes | No Known Exploit  | **696/1000**
**Why?** Proof of Concept exploit, Has a fix available, CVSS 7.5 | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-UAPARSERJS-1023599](https://snyk.io/vuln/SNYK-JS-UAPARSERJS-1023599) | No | Proof of Concept  | **616/1000**
**Why?** Proof of Concept exploit, Has a fix available, CVSS 5.9 | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-UAPARSERJS-1072471](https://snyk.io/vuln/SNYK-JS-UAPARSERJS-1072471) | No | Proof of Concept (*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: public-ip

The new version differs by 9 commits.

• 085c725 5.0.0
• d353d7c Throw a special error subclass when the public IP address could not be found
• e53d7fe Require Node.js 14 and move to ESM
• 4fcb341 4.0.4
• 90c3e4e Bump dns-socket from ^4.2.1 to ^4.2.2 (#57)
• 63c9075 4.0.3
• f0a7f07 Fix problem with calling the browser version concurrently (#53)
• af541b8 Move to GitHub Actions
• 90c08c5 Fix typo (#51)

See the full diff

Package name: react-scripts

The new version differs by 238 commits.

• 221e511 Publish
• 6a3315b Update CONTRIBUTING.md
• 5614c87 Add support for Tailwind (#11717)
• 657739f chore(test): make all tests install with `npm ci` (#11723)
• 20edab4 fix(webpackDevServer): disable overlay for warnings (#11413)
• 69321b0 Remove cached lockfile (#11706)
• 3afbbc0 Update all dependencies (#11624)
• f5467d5 feat(eslint-config-react-app): support ESLint 8.x (#11375)
• e8319da [WIP] Fix integration test teardown / cleanup and missing yarn installation (#11686)
• c7627ce Update webpack and dev server (#11646)
• f85b064 The default port used by `serve` has changed (#11619)
• 544befe Update package.json (#11597)
• 9d0369b Fix ESLint Babel preset resolution (#11547)
• d7b23c8 test(create-react-app): assert for exit code (#10973)
• 1465357 Prepare 5.0.0 alpha release
• 3880ba6 Remove dependency pinning (#11474)
• 8b9fbee Update CODEOWNERS
• cacf590 Bump template dependency version (#11415)
• 5cedfe4 Bump browserslist from 4.14.2 to 4.16.5 (#11476)
• 50ea5ad allow CORS on webpack-dev-server (#11325)
• 63bba07 Upgrade jest and related packages from 26.6.0 to 27.1.0 (#11338)
• 960b21e Bump immer from 8.0.4 to 9.0.6 (#11364)
• 134cd3c Resolve dependency issues in v5 alpha (#11294)
• b45ae3c Update CONTRIBUTING.md

See the full diff

Package name: ua-parser-js

The new version differs by 57 commits.

• 9999815 Update version number to 0.7.24
• 809439e Fix potential ReDoS vulnerability as reported by Doyensec
• 5b83893 Merge pull request #479 from joeyparrish/develop
• 9d154cc chore: Update build
• 7679003 fix: Xbox OS detection
• 45bf76a Merge pull request #474 from dust-off/master
• f543c5a facebook movile app with no browser info
• 89a72c2 Merge pull request #471 from jishidaaaaa/fix-firetv-detection
• 314131d Merge pull request #472 from GeraldHost/master
• 386ebc2 feat: update readme playstation
• b0f14de Fix Detection Rule For Amazon Fire TV
• fd8a583 Merge pull request #469 from bynice/patch-1
• cc2da93 Merge pull request #368 from Deliaz/master
• 34e2e80 Update ua-parser.js
• 26c74ef Merge branch 'develop' into master
• e4b3029 Merge pull request #466 from yoyo837/patch-1
• b7d4865 Update homepage
• d5ab75a Merge branch 'master' of github.com:faisalman/ua-parser-js
• c7475db 0.7.23
• 83d37b4 Merge pull request #451 from dineshks1/master
• 2d53ceb Merge branch 'develop' of github.com:faisalman/ua-parser-js into develop
• d107155 Merge pull request #463 from vinyldarkscratch/bump-deps
• 43fb4d1 Merge pull request #459 from WizKid/master
• 6d1f26d Fix ReDoS vulnerabilities reported by Snyk

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project. ------------ **Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.* For more information: 🧐 [View latest project report](https://app.snyk.io/org/monish2.basaniwal/project/aecbd652-4fb5-436d-b230-f0f2b1334efa?utm_source=github&utm_medium=referral&page=fix-pr) 🛠 [Adjust project settings](https://app.snyk.io/org/monish2.basaniwal/project/aecbd652-4fb5-436d-b230-f0f2b1334efa?utm_source=github&utm_medium=referral&page=fix-pr/settings) 📚 [Read more about Snyk's upgrade and patch logic](https://support.snyk.io/hc/en-us/articles/360003891078-Snyk-patches-to-fix-vulnerabilities) [//]: # (snyk:metadata:{"prId":"4d7015c5-e4c9-4d26-88af-62051b940f08","prPublicId":"4d7015c5-e4c9-4d26-88af-62051b940f08","dependencies":[{"name":"firebase","from":"7.22.0","to":"8.10.1"},{"name":"moment","from":"2.29.0","to":"2.29.4"},{"name":"nanoid","from":"3.1.12","to":"3.1.31"},{"name":"public-ip","from":"4.0.2","to":"5.0.0"},{"name":"react-scripts","from":"3.4.3","to":"5.0.0"},{"name":"ua-parser-js","from":"0.7.22","to":"0.7.24"}],"packageManager":"npm","projectPublicId":"aecbd652-4fb5-436d-b230-f0f2b1334efa","projectUrl":"https://app.snyk.io/org/monish2.basaniwal/project/aecbd652-4fb5-436d-b230-f0f2b1334efa?utm_source=github&utm_medium=referral&page=fix-pr","type":"user-initiated","patch":[],"vulns":["SNYK-JS-ANSIREGEX-1583908","SNYK-JS-BROWSERSLIST-1090194","SNYK-JS-FIREBASEUTIL-1038324","SNYK-JS-GLOBPARENT-1016905","SNYK-JS-GOT-2932019","SNYK-JS-IMMER-1019369","SNYK-JS-IMMER-1540542","SNYK-JS-ISTANBULREPORTS-2328088","SNYK-JS-JSON5-3182856","SNYK-JS-LOADERUTILS-3042992","SNYK-JS-LOADERUTILS-3043105","SNYK-JS-LOADERUTILS-3105943","SNYK-JS-LODASH-1018905","SNYK-JS-LODASH-1040724","SNYK-JS-MINIMATCH-3050818","SNYK-JS-MINIMIST-2429795","SNYK-JS-MOMENT-2440688","SNYK-JS-MOMENT-2944238","SNYK-JS-NANOID-2332193","SNYK-JS-NODEFETCH-2342118","SNYK-JS-NTHCHECK-1586032","SNYK-JS-OBJECTPATH-1017036","SNYK-JS-OBJECTPATH-1569453","SNYK-JS-OBJECTPATH-1585658","SNYK-JS-POSTCSS-1090595","SNYK-JS-POSTCSS-1255640","SNYK-JS-REACTDEVUTILS-1083268","SNYK-JS-SHELLQUOTE-1766506","SNYK-JS-TERSER-2806366","SNYK-JS-UAPARSERJS-1023599","SNYK-JS-UAPARSERJS-1072471"],"upgrade":["SNYK-JS-ANSIREGEX-1583908","SNYK-JS-BROWSERSLIST-1090194","SNYK-JS-FIREBASEUTIL-1038324","SNYK-JS-GLOBPARENT-1016905","SNYK-JS-GOT-2932019","SNYK-JS-IMMER-1019369","SNYK-JS-IMMER-1540542","SNYK-JS-ISTANBULREPORTS-2328088","SNYK-JS-JSON5-3182856","SNYK-JS-LOADERUTILS-3042992","SNYK-JS-LOADERUTILS-3043105","SNYK-JS-LOADERUTILS-3105943","SNYK-JS-LODASH-1018905","SNYK-JS-LODASH-1040724","SNYK-JS-MINIMATCH-3050818","SNYK-JS-MINIMIST-2429795","SNYK-JS-MOMENT-2440688","SNYK-JS-MOMENT-2944238","SNYK-JS-NANOID-2332193","SNYK-JS-NODEFETCH-2342118","SNYK-JS-NTHCHECK-1586032","SNYK-JS-OBJECTPATH-1017036","SNYK-JS-OBJECTPATH-1569453","SNYK-JS-OBJECTPATH-1585658","SNYK-JS-POSTCSS-1090595","SNYK-JS-POSTCSS-1255640","SNYK-JS-REACTDEVUTILS-1083268","SNYK-JS-SHELLQUOTE-1766506","SNYK-JS-TERSER-2806366","SNYK-JS-UAPARSERJS-1023599","SNYK-JS-UAPARSERJS-1072471"],"isBreakingChange":true,"env":"prod","prType":"fix","templateVariants":["priorityScore"],"priorityScoreList":[696,586,601,586,484,696,601,429,641,479,589,479,586,681,479,506,589,696,521,539,696,686,601,590,586,586,601,619,479,696,616]}) --- **Learn how to fix vulnerabilities with free interactive lessons:** 🦉 [Regular Expression Denial of Service (ReDoS)](https://learn.snyk.io/lessons/redos/javascript/?loc=fix-pr) 🦉 [Regular Expression Denial of Service (ReDoS)](https://learn.snyk.io/lessons/redos/javascript/?loc=fix-pr) 🦉 [Prototype Pollution](https://learn.snyk.io/lessons/prototype-pollution/javascript/?loc=fix-pr) 🦉 [More lessons are available in Snyk Learn](https://learn.snyk.io/?loc=fix-pr)