[Snyk] Upgrade expo from 49.0.21 to 49.0.23

[RelxOff]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade expo from 49.0.21 to 49.0.23.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 2 versions ahead of your current version.
• The recommended version was released 2 months ago, on 2024-02-14.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Improper Input Validation SNYK-JS-FOLLOWREDIRECTS-6141137	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Server-side Request Forgery (SSRF) SNYK-JS-IP-6240864	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Path Traversal SNYK-JS-WEBPACKDEVMIDDLEWARE-6476555	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Open Redirect SNYK-JS-EXPRESS-6474509	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Information Exposure SNYK-JS-FOLLOWREDIRECTS-6444610	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Cross-site Scripting (XSS) SNYK-JS-SERIALIZEJAVASCRIPT-6147607	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Uncontrolled Resource Consumption ('Resource Exhaustion') SNYK-JS-TAR-6476909	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: expo

• 49.0.23 - 2024-02-14
• 49.0.22 - 2024-01-10
• 49.0.21 - 2023-11-24

from expo GitHub release notes

Commit messages

Package name: expo

• 91484b1 Publish packages
• dc28515 [dev-launcher][android] Replace DevLoadingModule with custom implementation (#27010)
• 4e0d601 [sdk49] update react-native 0.72.10 (#26977)
• 25af32e Publish expo-modules-core
• c35d272 [core][Android] Fixed random `NullPointerExceptions` when calling `Updates.reloadAsync` (#24442)
• b6f3751 Publish expo-module-template
• d6b6e9d [create-expo-modules] fix multiple react version issue from npm (#26209)
• 9dccd34 docs(cli): sync changelogs from `main`
• c3978b8 fix(cli): catch locked devices when launching apps through devicectl (#26203)
• 3a17f53 [templates] Publish templates [skip ci]
• 8e379dd [templates] fix delay loading for expo-updates (#26120)
• 2a65abe Publish expo-updates
• 734db12 [updates] introduce UpdatesController.overrideConfiguration (#26078)
• 8cd3d85 fix(cli): add support for `webpack-dev-server@4` (#25863)
• 4c1bf92 Publish expo-updates
• 15bd46c [expo-updates][Android] Remove unnecessary throw on duplicate asset (#25898)
• e499c4d [status-bar] fix wrong link to docs in README (#25725)
• f1ab41d [expo-dev-launcher] Update bundles to fix failing check-packages

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs