High level Arbitrary Command Injection vulnerability

Created by: micheleriso

Describe the bug

Last version of react-dev-utils requires the library open@6.4.0 that has an high level Arbitrary Command Injection vulnerability https://snyk.io/vuln/npm:open:20180512

Did you try recovering your dependencies?

Yes. I updated to latest versions

Which terms did you search for in User Guide?

Environment

Steps to reproduce

(Write your steps here:)

Npm install react-scripts
npm audit

Expected behavior

(Write what you thought would happen.)

Actual behavior

(Write what happened. Please add screenshots!)

Reproducible demo

(Paste the link to an example project and exact instructions to reproduce the issue.)