CVE-2025-13466 in version 18.0.1?

Hello,

This seems related to a [new security advisory](https://github.com/advisories/GHSA-wqch-xfxh-vrr4) published yesterday.

```
# npm audit report

body-parser  <2.2.1
Severity: moderate
body-parser is vulnerable to denial of service when url encoding is used - https://github.com/advisories/GHSA-wqch-xfxh-vrr4
fix available via `npm audit fix --force`
Will install @react-native-community/cli@16.0.3, which is a breaking change
node_modules/body-parser
  @react-native-community/cli-server-api  >=17.0.0
  Depends on vulnerable versions of body-parser
  node_modules/@react-native-community/cli-server-api
    @react-native-community/cli  >=17.0.0
    Depends on vulnerable versions of @react-native-community/cli-server-api
    node_modules/@react-native-community/cli

3 moderate severity vulnerabilities

To address all issues (including breaking changes), run:
  npm audit fix --force
```

Regards

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

CVE-2025-13466 in version 18.0.1? #2740

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

CVE-2025-13466 in version 18.0.1? #2740

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions