react-scripts seems abandoned by facebook #19
Description
There are multiple react-scripts vuln right now. the package doesnt seem to have been updated for over a year (possibly related to ukraine war?).
Should consider ejecting from the tool, and have all dependencies as direct dependencies.