[Snyk] Upgrade react-scripts from 4.0.0 to 4.0.3

[dingo4dev]

Snyk has created this PR to upgrade react-scripts from 4.0.0 to 4.0.3.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 3 versions ahead of your current version.

• The recommended version was released 4 years ago.

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Remote Memory Exposure SNYK-JS-DNSPACKET-1293563	387	No Known Exploit
	Prototype Pollution SNYK-JS-ASYNC-2441827	387	Proof of Concept
	Asymmetric Resource Consumption (Amplification) SNYK-JS-BODYPARSER-7926860	387	No Known Exploit
	Improper Input Validation SNYK-JS-URLPARSE-2407770	387	Proof of Concept
	Prototype Pollution SNYK-JS-IMMER-1019369	387	Proof of Concept
	Server-side Request Forgery (SSRF) SNYK-JS-IP-6240864	387	Proof of Concept
	Command Injection SNYK-JS-REACTDEVUTILS-1083268	387	Proof of Concept
	Cross-site Scripting (XSS) SNYK-JS-COOKIE-8163060	387	No Known Exploit
	Cross-site Scripting (XSS) SNYK-JS-BOOTSTRAP-7444580	387	Proof of Concept
	Cross-site Scripting (XSS) SNYK-JS-BOOTSTRAP-7444593	387	Proof of Concept
	Authorization Bypass Through User-Controlled Key SNYK-JS-URLPARSE-2412697	387	Proof of Concept
	Information Exposure SNYK-JS-EVENTSOURCE-2823375	387	Proof of Concept
	Open Redirect SNYK-JS-EXPRESS-6474509	387	No Known Exploit
	Cross-site Scripting SNYK-JS-EXPRESS-7926867	387	No Known Exploit
	Improper Handling of Unexpected Data Type SNYK-JS-ONHEADERS-10773729	387	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHTOREGEXP-7925106	387	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHTOREGEXP-8482416	387	Proof of Concept
	Improper Input Validation SNYK-JS-URLPARSE-1078283	387	No Known Exploit
	Open Redirect SNYK-JS-URLPARSE-1533425	387	Proof of Concept
	Access Restriction Bypass SNYK-JS-URLPARSE-2401205	387	Proof of Concept
	Authorization Bypass SNYK-JS-URLPARSE-2407759	387	Proof of Concept
	Cross-site Scripting SNYK-JS-SEND-7926862	387	No Known Exploit
	Regular Expression Denial of Service (ReDoS) npm:debug:20170905	387	Proof of Concept
	Cross-site Scripting SNYK-JS-SERVESTATIC-7926865	387	No Known Exploit

Release notes

Package name: react-scripts

• 4.0.3 - 2021-02-22
• 4.0.2 - 2021-02-03
• 4.0.1 - 2020-11-23
• 4.0.0 - 2020-10-23

from react-scripts GitHub release notes

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.
• Max score is 1000. Note that the real score may have changed since the PR was raised.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[Copilot]

Pull Request Overview

This PR upgrades the react-scripts dependency from version 4.0.0 to 4.0.3 to address multiple security vulnerabilities identified by Snyk. The upgrade resolves 24 security issues ranging from high-severity vulnerabilities like Remote Memory Exposure and Prototype Pollution to medium and low-severity issues including Cross-site Scripting (XSS) and Regular Expression Denial of Service (ReDoS).

• Upgrades react-scripts from 4.0.0 to 4.0.3 (3 patch versions ahead)
• Resolves 24 identified security vulnerabilities across various severity levels
• Maintains compatibility within the same major version to minimize breaking changes