cloudlinux
diff --git a/‎docs/.vuepress/components/ELSTechnology.vue‎
Lines changed: 20 additions & 0 deletions b/‎docs/.vuepress/components/ELSTechnology.vue‎
Lines changed: 20 additions & 0 deletions
diff --git a/‎docs/.vuepress/config-client/sidebar.ts‎
Lines changed: 16 additions & 0 deletions b/‎docs/.vuepress/config-client/sidebar.ts‎
Lines changed: 16 additions & 0 deletions
diff --git a/‎docs/.vuepress/public/images/react-logo.webp‎
480 Bytes b/‎docs/.vuepress/public/images/react-logo.webp‎
480 Bytes
diff --git a/‎docs/els-for-libraries/javascript-libraries/README.md‎
Lines changed: 2 additions & 0 deletions b/‎docs/els-for-libraries/javascript-libraries/README.md‎
Lines changed: 2 additions & 0 deletions
diff --git a/‎docs/els-for-libraries/react-dom/README.md‎
Lines changed: 185 additions & 0 deletions b/‎docs/els-for-libraries/react-dom/README.md‎
Lines changed: 185 additions & 0 deletions
@@ -480,6 +480,26 @@ const techData = [
         versions: "1.3.7",
         link: "./javascript-libraries/",
       },
+      {
+        name: "React",
+        versions: "15.6.2",
+        link: "./react/",
+      },
+      {
+        name: "react-dom",
+        versions: "16.4.1",
+        link: "./react-dom/",
+      },
+      {
+        name: "react-pdf",
+        versions: "7.7.1",
+        link: "./react-pdf/",
+      },
+      {
+        name: "react-router",
+        versions: "7.5.1",
+        link: "./react-router/",
+      },
       {
         name: "Request",
         versions: "2.88.0",
 
@@ -299,6 +299,22 @@ export default {
                     path: '/els-for-libraries/postcss/',
                     icon: '/images/postcss-logo.webp',
                 },
+                {
+                    path: '/els-for-libraries/react/',
+                    icon: '/images/react-logo.webp',
+                },
+                {
+                    path: '/els-for-libraries/react-dom/',
+                    icon: '/images/react-logo.webp',
+                },
+                {
+                    path: '/els-for-libraries/react-pdf/',
+                    icon: '/images/react-logo.webp',
+                },
+                {
+                    path: '/els-for-libraries/react-router/',
+                    icon: '/images/react-logo.webp',
+                },
                 {
                     path: '/els-for-libraries/tailwindcss/',
                     icon: '/images/tailwindcss-logo.webp',
 
@@ -39,6 +39,7 @@ Endless Lifecycle Support (ELS) for Libraries from TuxCare provides security fix
 * **terser** 4.6.10, 4.8.1, 5.3.0, 5.5.1
 * **tough-cookie** 2.4.3, 2.5.0
 * **ua-parser-js** 0.7.21
+* **underscore** 1.7.0
 * **webpack-subresource-integrity** 1.4.0
 * **xml2js** 0.4.23
 * **yargs-parser** 11.1.1
@@ -247,6 +248,7 @@ Fixes for the following vulnerabilities are available in ELS for JavaScript Libr
 | CVE-2025-7783  | Direct   | Critical | form-data          | < 2.5.4, 3.0.0 - 3.0.3, 4.0.0 - 4.0.3 |
 | CVE-2018-13863 | Direct   | High     | bson               | >= 0.5.0, < 1.0.5 |
 | CVE-2021-23424 | Direct   | High     | ansi-html          | < 0.0.8            |
+| CVE-2021-23358 | Direct   | High     | underscore         | >= 1.3.2 < 1.12.1  |
 | CVE-2021-3803  | Direct   | High     | nth-check         | < 2.0.1            |
 | CVE-2022-21680 | Direct   | High     | marked            | < 4.0.10           |
 | CVE-2022-21681 | Direct   | High     | marked            | < 4.0.10           |
 
@@ -0,0 +1,185 @@
+# react-dom
+
+Endless Lifecycle Support (ELS) for react-dom from TuxCare provides security fixes for react-dom versions that have reached their end of life. This allows you to continue running React DOM applications without vulnerability concerns, even after official support has ended.
+
+## Supported react-dom Versions
+
+* react-dom 16.4.1
+
+## Connection to ELS for react-dom Library
+
+This guide outlines the steps needed to integrate the TuxCare ELS for the react-dom library.
+
+## Step 1: Get Token
+
+You need a token in order to use TuxCare ELS react-dom library. Anonymous access is disabled. To receive the token, please contact [sales@tuxcare.com](mailto:sales@tuxcare.com).
+
+## Step 2: Set Up ELS for react-dom
+
+TuxCare provides ELS for react-dom as an NPM package, hosted on a secure internal registry. Follow the steps below to add it to your project and get started.
+
+1. Navigate to the root directory of your React DOM project.
+2. Create a `.npmrc` file or update it if it already exists.
+
+   **Example:**
+
+   ```text
+   my-react-dom-project/
+   ├── node_modules/
+   ├── package.json
+   ├── .npmrc         ⚠️ ← Create it here
+   └── package-lock.json
+   ```
+
+3. Use an editor of your choice (e.g., VS Code) to add the following registry address line:
+
+   <CodeWithCopy>
+
+   ```text
+   registry=https://registry.npmjs.org/
+   @els-js:registry=https://nexus.repo.tuxcare.com/repository/els_js/
+   //nexus.repo.tuxcare.com/repository/els_js/:_auth=${TOKEN}
+   ```
+
+   </CodeWithCopy>
+
+   :::warning
+   Replace ${TOKEN} with the token you received from [sales@tuxcare.com](mailto:sales@tuxcare.com).
+   :::
+
+4. Update your `package.json` file to replace your react-dom dependencies with the TuxCare packages. You can do this in two ways:
+
+   * **Option 1: TuxCare Patcher (Automated)**
+
+     Install the Patcher globally and run it. The TuxCare Patcher automatically detects the react-dom version in your `package.json` and updates your `dependencies` and `overrides` to use the corresponding TuxCare `@els-js/*` packages.
+
+     <CodeWithCopy>
+
+     ```text
+     npm install -g @els-js/tuxcare-patcher --userconfig ./.npmrc
+     tuxcare-patch-js
+     ```
+
+     </CodeWithCopy>
+
+     The patcher will update your `package.json`, for example, from:
+
+     ```text
+     "dependencies": {
+       "react-dom": "^16.4.1"
+     }
+     ```
+
+     to:
+
+     ```text
+     "dependencies": {
+       "react-dom": "npm:@els-js/react-dom@16.4.1-tuxcare.1"
+     },
+     "overrides": {
+       "react-dom@16.4.1": "npm:@els-js/react-dom@16.4.1-tuxcare.1"
+     }
+     ```
+    
+   * **Option 2: Manual Update**
+
+     Manually update your `package.json` file by replacing your react-dom dependencies with the TuxCare packages. This method gives you full control over which packages to update.
+
+     <CodeWithCopy>
+
+     ```text
+     "dependencies": {
+       "react-dom": "npm:@els-js/react-dom@16.4.1-tuxcare.1"
+     }
+     ```
+
+     </CodeWithCopy>
+
+5. You need to remove the `node_modules` directory and the `package-lock.json` file, and also clear the `npm cache` before installing the patched packages. Use the following commands:
+   
+   <CodeWithCopy>
+
+   ```text
+   rm -rf node_modules package-lock.json && npm cache clean --force
+   ```
+
+   </CodeWithCopy>
+
+6. Run the following command to install the ELS version of the react-dom library (token for the TuxCare repository will be automatically picked up from your `.npmrc` file):
+
+   <CodeWithCopy>
+
+   ```text
+   npm install
+   ```
+
+   </CodeWithCopy>
+
+   You will see an output like:
+
+   ```text
+    added 1 package, and audited 2 packages in 792ms
+    
+    found 0 vulnerabilities
+   ```
+
+7. You've successfully installed the Tuxcare ELS version of the react-dom library into your project.
+
+## Vulnerability Exploitability eXchange (VEX) 
+
+VEX is a machine-readable format that tells you if a known vulnerability and is actually exploitable in your product. It reduces false positives, helps prioritize real risks.
+
+TuxCare provides VEX for react-dom ELS versions: [security.tuxcare.com/vex/cyclonedx/els_lang_javascript/react-dom/](https://security.tuxcare.com/vex/cyclonedx/els_lang_javascript/react-dom/).
+
+## How to Upgrade to a Newer Version of TuxCare Packages
+
+If you have already installed a package with a `tuxcare.1` suffix and want to upgrade to a newer release (for example, `tuxcare.3`), you can use one of the following methods:
+
+* **Option 1: TuxCare Patcher (Automated). Recommended for projects with multiple TuxCare dependencies.**
+
+  The TuxCare Patcher automatically detects all TuxCare dependencies in your `package.json` and updates them to the latest available versions.
+
+  <CodeWithCopy>
+
+  ```text
+  tuxcare-patch-js --upgrade
+  ```
+
+  </CodeWithCopy>
+
+* **Option 2: Manual Update via CLI (Single Dependency)**
+
+  If you want to update a single TuxCare dependency, use the npm install command with the specific version. This automatically updates both `package.json` and `package-lock.json`:
+
+  <CodeWithCopy>
+
+  ```text
+  npm install react-dom@npm:@els-js/react-dom@16.4.1-tuxcare.2
+  ```
+
+  </CodeWithCopy>
+
+* **Option 3: Manual Update via package.json (Multiple Dependencies)**
+
+  If you want to update several TuxCare dependencies, manually update the version strings in your `package.json`, then remove installed files and clear npm cache to avoid conflicts:
+
+  <CodeWithCopy>
+
+  ```text
+  rm -rf node_modules package-lock.json && npm cache clean --force
+  npm install
+  ```
+
+  </CodeWithCopy>
+
+## Resolved CVEs
+
+Fixes for the following vulnerabilities are available in ELS for react-dom from TuxCare versions:
+
+| CVE ID        | CVE Type | Severity | Affected Libraries | Vulnerable Versions |
+| :-----------: | :------: |:--------:|:------------------:| :----------------: |
+| CVE-2018-6341 | Direct   | Medium   | react-dom          | >= 16.0.0 < 16.0.1, >= 16.1.0 < 16.1.2, >= 16.2.0 < 16.2.1, >= 16.3.0 < 16.3.3, >= 16.4.0 < 16.4.2 |
+
+If you are interested in the TuxCare Endless Lifecycle Support, contact [sales@tuxcare.com](mailto:sales@tuxcare.com).
+
+