[Snyk] Fix for 6 vulnerabilities

[Claudiodavid-ai]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
  • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	119/1000 Why? Confidentiality impact: High, Integrity impact: None, Availability impact: None, Scope: Unchanged, Exploit Maturity: Proof of Concept, User Interaction (UI): Required, Privileges Required (PR): None, Attack Complexity: High, Attack Vector: Network, EPSS: 0.00111, Social Trends: No, Days since published: 706, Reachable: No, Transitive dependency: Yes, Is Malicious: No, Business Criticality: High, Provider Urgency: Medium, Package Popularity Score: 99, Impact: 5.99, Likelihood: 1.98, Score Version: V5	Information Exposure SNYK-JS-FOLLOWREDIRECTS-2332181	No	Proof of Concept
	21/1000 Why? Confidentiality impact: Low, Integrity impact: None, Availability impact: None, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): None, Privileges Required (PR): Low, Attack Complexity: High, Attack Vector: Adjacent, EPSS: 0.00133, Social Trends: No, Days since published: 678, Reachable: No, Transitive dependency: Yes, Is Malicious: No, Business Criticality: High, Provider Urgency: Low, Package Popularity Score: 99, Impact: 2.35, Likelihood: 0.877, Score Version: V5	Information Exposure SNYK-JS-FOLLOWREDIRECTS-2396346	No	No Known Exploit
	159/1000 Why? Confidentiality impact: None, Integrity impact: None, Availability impact: High, Scope: Unchanged, Exploit Maturity: Proof of Concept, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00273, Social Trends: No, Days since published: 1101, Reachable: No, Transitive dependency: Yes, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 99, Impact: 5.99, Likelihood: 2.65, Score Version: V5	Regular Expression Denial of Service (ReDoS) SNYK-JS-UAPARSERJS-1023599	Yes	Proof of Concept
	146/1000 Why? Confidentiality impact: None, Integrity impact: None, Availability impact: High, Scope: Unchanged, Exploit Maturity: Proof of Concept, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: High, Attack Vector: Network, EPSS: 0.00213, Social Trends: No, Days since published: 1040, Reachable: No, Transitive dependency: Yes, Is Malicious: No, Business Criticality: High, Provider Urgency: Medium, Package Popularity Score: 99, Impact: 5.99, Likelihood: 2.42, Score Version: V5	Regular Expression Denial of Service (ReDoS) SNYK-JS-UAPARSERJS-1072471	Yes	Proof of Concept
	159/1000 Why? Confidentiality impact: None, Integrity impact: None, Availability impact: High, Scope: Unchanged, Exploit Maturity: Proof of Concept, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00385, Social Trends: No, Days since published: 1189, Reachable: No, Transitive dependency: Yes, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 99, Impact: 5.99, Likelihood: 2.65, Score Version: V5	Regular Expression Denial of Service (ReDoS) SNYK-JS-UAPARSERJS-610226	Yes	Proof of Concept
	58/1000 Why? Confidentiality impact: None, Integrity impact: None, Availability impact: Low, Scope: Unchanged, Exploit Maturity: Proof of Concept, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: High, Attack Vector: Network, EPSS: 0.00296, Social Trends: No, Days since published: 2275, Reachable: No, Transitive dependency: Yes, Is Malicious: No, Business Criticality: High, Provider Urgency: Low, Package Popularity Score: 99, Impact: 2.35, Likelihood: 2.43, Score Version: V5	Regular Expression Denial of Service (ReDoS) npm:debug:20170905	No	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: react-admin

The new version differs by 250 commits.

• 89ac783 v3.0.0
• 5f107ba Prepare changelog for 3.0.0
• 3137772 Merge branch 'master' into next
• f5bea90 v2.9.9
• 5d59f62 Prepare changelog for v2.9.9
• 41e8562 Merge pull request #3956 from nicgirault/add-example-to-datagrid-doc
• 056404e Merge pull request #3954 from nicgirault/improve-pagination-doc
• fc827b7 Merge pull request #3958 from gstvg/patch-1
• c29055d Merge pull request #4007 from m4theushw/ie11
• bd2b57a Merge pull request #4000 from marmelab/fix-filter-resets-pagination
• 2b8bbf8 Merge pull request #4004 from WiXSL/patch-anchors-inputs
• 779ccb1 Upgrade react-final-form again
• fbb36c1 Docs anchors not workings.
• 0e29b53 Fix support to IE11
• 338dcdb Fix types after react-final-form update
• 2d1da89 Merge pull request #3995 from WiXSL/patch-demo-app-component
• a17110e Fix setting filter resets pagination
• 4aed24e Reverted loading indicator.
• 9c688f0 Merge pull request #3994 from bicstone/patch-1
• 990f8b5 Merge pull request #3998 from marmelab/better-input-doc
• bf8337e Merge branch 'next' into better-input-doc
• 2e797bd Improve Inputs doc to make props more obvious
• 8cd9489 Change UserMenu component to function component.
• 125f204 Change demo App component to function component.

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)