
Npx create-react-app: 8 vulnerabilities (2 moderate, 6 high) in new react app

Open harish00506 opened this issue 1 year ago • 3 comments

PS C:\> npx create-react-app mern-stack

Creating a new React app in C:\mern-stack.

Installing packages. This might take a couple of minutes.
Installing react, react-dom, and react-scripts with cra-template...

added 1482 packages in 4m

261 packages are looking for funding
  run npm fund for details

Initialized a git repository.

Installing template dependencies using npm...

added 63 packages, and changed 1 package in 25s

261 packages are looking for funding
  run npm fund for details

Removing template package using npm...

removed 1 package, and audited 1545 packages in 6s

261 packages are looking for funding
  run npm fund for details

8 vulnerabilities (2 moderate, 6 high)

To address all issues (including breaking changes), run:
  npm audit fix --force

Run npm audit for details.

Created git commit.

Success! Created mern-stack at C:\Users\LENOVO\Desktop\programing_Files\node_Files\learing_react\mern-stack
Inside that directory, you can run several commands:

  npm start
    Starts the development server.

  npm run build
    Bundles the app into static files for production.

  npm test
    Starts the test runner.

  npm run eject
    Removes this tool and copies build dependencies, configuration files
    and scripts into the app directory. If you do this, you can’t go back!

We suggest that you begin by typing:

  cd mern-stack
  npm start

Happy hacking!

PS C:\> cd .\mern-stack
PS C:\mern-stack> npm fund
[email protected]
├─┬ https://github.com/chalk/chalk?sponsor=1
│ │ └── [email protected]
│ └── https://github.com/chalk/ansi-styles?sponsor=1
│   └── [email protected], [email protected], [email protected]
├── https://github.com/sponsors/jonschlinkert
│ └── [email protected]
├── https://github.com/sponsors/sibiraj-s
│ └── [email protected]
├── https://github.com/sponsors/ljharb
│ └── [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected]
├── https://opencollective.com/babel
│ └── @babel/[email protected]
├─┬ https://github.com/sponsors/gregberge
│ │ └── @svgr/[email protected], @svgr/[email protected], @svgr/[email protected], @svgr/[email protected], @svgr/[email protected], @svgr/[email protected], @svgr/[email protected], @svgr/[email protected], @svgr/[email protected], @svgr/[email protected], @svgr/[email protected], @svgr/[email protected], @svgr/[email protected], @svgr/[email protected]
│ └── https://opencollective.com/core-js
│   └── [email protected], [email protected], [email protected]
├── https://opencollective.com/browserslist
│ └── [email protected], [email protected], [email protected]
├── https://opencollective.com/webpack
│ └── [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected]
├─┬ https://opencollective.com/eslint
│ │ └── [email protected], @eslint/[email protected], [email protected], [email protected], [email protected]
│ ├── https://github.com/sponsors/nzakas
│ │ └── @humanwhocodes/[email protected]
│ └── https://github.com/sponsors/isaacs
│   └── [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected]
├─┬ https://opencollective.com/html-webpack-plugin
│ │ └── [email protected]
│ └── https://github.com/fb55/htmlparser2?sponsor=1
│   └── [email protected]
├── https://opencollective.com/postcss/
│ └── [email protected], [email protected], [email protected], [email protected], [email protected]
├─┬ https://opencollective.com/csstools
│ │ └── [email protected], @csstools/[email protected], @csstools/[email protected], @csstools/[email protected], @csstools/[email protected], @csstools/[email protected], @csstools/[email protected], @csstools/[email protected], @csstools/[email protected], @csstools/[email protected], @csstools/[email protected], @csstools/[email protected], @csstools/[email protected], @csstools/[email protected], @csstools/[email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected]
│ └── https://ko-fi.com/mrcgrtz
│   └── [email protected]
├── https://github.com/sponsors/mdevils
│ └── [email protected]
├── https://github.com/chalk/supports-color?sponsor=1
│ └── [email protected]
├── https://github.com/avajs/find-cache-dir?sponsor=1
│ └── [email protected]
├── https://opencollective.com/typescript-eslint
│ └── @typescript-eslint/[email protected], @typescript-eslint/[email protected], @typescript-eslint/[email protected], @typescript-eslint/[email protected], @typescript-eslint/[email protected], @typescript-eslint/[email protected], @typescript-eslint/[email protected], @typescript-eslint/[email protected], @typescript-eslint/[email protected]
├── https://github.com/sindresorhus/emittery?sponsor=1
│ └── [email protected]
├── https://github.com/sindresorhus/execa?sponsor=1
│ └── [email protected]
├─┬ https://github.com/chalk/strip-ansi?sponsor=1
│ │ └── [email protected]
│ └── https://github.com/chalk/ansi-regex?sponsor=1
│   └── [email protected]
├── https://opencollective.com/immer
│ └── [email protected]
└── https://paulmillr.com/funding/
  └── [email protected]

PS C:\mern-stack> npm install react-scripts@latest

up to date, audited 1545 packages in 4s

261 packages are looking for funding
  run npm fund for details

8 vulnerabilities (2 moderate, 6 high)

To address all issues (including breaking changes), run:
  npm audit fix --force

Run npm audit for details.

PS C:\mern-stack> npm audit

npm audit report

nth-check  <2.0.1
Severity: high
Inefficient Regular Expression Complexity in nth-check - https://github.com/advisories/GHSA-rp65-9cf3-cjxr
fix available via npm audit fix --force
Will install [email protected], which is a breaking change
node_modules/svgo/node_modules/nth-check
  css-select  <=3.1.0
  Depends on vulnerable versions of nth-check
  node_modules/svgo/node_modules/css-select
    svgo  1.0.0 - 1.3.2
    Depends on vulnerable versions of css-select
    node_modules/svgo
      @svgr/plugin-svgo  <=5.5.0
      Depends on vulnerable versions of svgo
      node_modules/@svgr/plugin-svgo
        @svgr/webpack  4.0.0 - 5.5.0
        Depends on vulnerable versions of @svgr/plugin-svgo
        node_modules/@svgr/webpack
          react-scripts  >=2.1.4
          Depends on vulnerable versions of @svgr/webpack
          Depends on vulnerable versions of resolve-url-loader
          node_modules/react-scripts

postcss  <8.4.31
Severity: moderate
PostCSS line return parsing error - https://github.com/advisories/GHSA-7fh5-64p2-3v2j
fix available via npm audit fix --force
Will install [email protected], which is a breaking change
node_modules/resolve-url-loader/node_modules/postcss
  resolve-url-loader  0.0.1-experiment-postcss || 3.0.0-alpha.1 - 4.0.0
  Depends on vulnerable versions of postcss
  node_modules/resolve-url-loader

8 vulnerabilities (2 moderate, 6 high)

To address all issues (including breaking changes), run:
  npm audit fix --force

harish00506, Jul 21 '24 14:07

Run npm audit fix --force

bharat407, Jul 25 '24 18:07

I have run it as well; same result.

harish00506, Jul 31 '24 07:07

try this solution: https://github.com/facebook/create-react-app/issues/13607#issuecomment-2229507380

ghost, Aug 13 '24 08:08

I have this PR (https://github.com/facebook/create-react-app/pull/13778), which could hopefully fix it without having to use overrides, etc.

I was having exactly the same on my app. Once I updated the react-scripts package to use latest dependencies on the places where those vulnerable package versions were used, I then got 0 vulnerabilities.

HiickFG, Jan 07 '25 18:01
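The thread refers to an "overrides" workaround without showing it. As an added example (not from this issue, not from the create-react-app project, and not a substitute for the PR above), this is what that workaround looks like for the two dependency chains in the audit report: nth-check reached through svgo, and postcss reached through resolve-url-loader. The version floors are the ones the report states (nth-check 2.0.1, postcss 8.4.31); the app name is the one from the issue; the react and react-scripts versions are assumed placeholders, and npm's overrides field requires npm 8.3 or newer.

```json
{
  "name": "mern-stack",
  "version": "0.1.0",
  "private": true,
  "dependencies": {
    "react": "^18.0.0",
    "react-dom": "^18.0.0",
    "react-scripts": "5.0.1"
  },
  "overrides": {
    "svgo": {
      "nth-check": ">=2.0.1"
    },
    "resolve-url-loader": {
      "postcss": ">=8.4.31"
    }
  }
}
```

The overrides are scoped on purpose: nesting nth-check under svgo and postcss under resolve-url-loader pins only the copies that sit in the vulnerable paths the report lists (node_modules/svgo/node_modules/nth-check and node_modules/resolve-url-loader/node_modules/postcss), rather than forcing every package in the tree onto a new major version. Because an override installs a version outside the range the intermediate package declared, delete node_modules and package-lock.json, run npm install, run npm audit to confirm the report is clean, and then run the build and test suite to confirm the SVG and CSS tooling still behaves.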