List of NPM packages that are used on 132.145.45.33

About Community

132.145.45.33 63 packages

Last scanned on Nov 24 at 01:36 PM

jsonwebtoken 8.5.0 - 8.5.1VulnerableOutdated

JSON Web Token implementation (symmetric and asymmetric)

Script

http://132.145.45.33:3000/js/chunk-vendors.0558831f.js

License

MIT

Footprint

8 KB

Vulnerabilities

ModerateGHSA-qwph-4952-7xr6

jsonwebtoken vulnerable to signature validation bypass due to insecure default algorithm in jwt.verify()

Affected versions >=0 <9.0.0

ModerateGHSA-8cf7-32gw-wr33

jsonwebtoken unrestricted key type could lead to legacy keys usage

Affected versions >=0 <9.0.0

HighGHSA-27h2-hvpr-p74q

jsonwebtoken has insecure input validation in jwt.verify function

Affected versions >=0 <9.0.0

ModerateGHSA-hjrf-2m68-5959

jsonwebtoken's insecure implementation of key retrieval function could lead to Forgeable Public/Private Tokens from RSA to HMAC

Affected versions >=0 <9.0.0

Matched Modules

Version distribution in production

8.5.0

8.5.1

8.2.1

8.2.2

8.4.0

8.2.0

Also used on 70 websites

es5-ext 0.10.24 - 0.10.49VulnerableOutdated

ECMAScript extensions and shims

ecmascript ecmascript5 ecmascript6 es5 es6+11

medikoo

semver 5.7.0 - 6.3.0Outdated

The semantic version parser used by npm.

debug 4.3.0 - 4.3.1Outdated

Lightweight debugging utility for Node.js and the browser

debug log debugger

ms 2.1.2 - 2.1.3

Tiny millisecond conversion utility

readable-stream 3.6.0Outdated

Node.js Streams, a user-land copy of the stream library from Node.js

readable stream pipe

string_decoder 1.1.0 - 1.3.0

The string_decoder module from Node core

string decoder browser browserify

isarray 1.0.0 - 2.0.5

Array#isArray for older browsers

browser isarray array

juliangruber

inherits 2.0.3 - 2.0.4

Browser-friendly inheritance fully compatible with standard node.js inherits()

inheritance class klass oop object-oriented+3

isaacs

buffer 4.6.0 - 4.9.2Outdated

Node.js Buffer API, for the browser

arraybuffer browser browserify buffer compatible+2

feross

@babel/runtime 7.9.6 - 7.20.0Outdated

babel's modular runtime helpers

axios 0.21.4Outdated

Promise based HTTP client for the browser and node.js

xhr http ajax promise node

core-util-is 1.0.2 - 1.0.3

The `util.is*` functions introduced in Node v0.12.

util isBuffer isArray isNumber isString+4

isaacs

base64-js 1.3.0 - 1.5.1

Base64 encoding/decoding in pure JS

base64

events 3.0.0 - 3.3.0

Node's event emitter for all engines.

events eventEmitter eventDispatcher listeners

core-js 3.7.0 - 3.10.0Outdated

Standard library

ES3 ES5 ES6 ES7 ES2015+39

zloirock

util 0.10.0 - 0.12.5

Node.js's util module for all engines

util

jws 3.2.1 - 4.0.0

Implementation of JSON Web Signatures

jws json web signatures

jwa 1.4.1Outdated

JWA implementation (supports all JWS algorithms)

jwa jws jwt rsa ecdsa+1

lodash.isplainobject 4.0.6

The lodash method `_.isPlainObject` exported as a module.

lodash-modularized isplainobject

minimalistic-assert 1.0.0 - 1.0.1

minimalistic-assert ===

ecdsa-sig-formatter 1.0.10 - 1.0.11

Translate ECDSA signatures between ASN.1/DER and JOSE-style concatenation

ecdsa der asn.1 jwt jwa+2

d2l-travis-deploy

buffer-equal-constant-time 1.0.0 - 1.0.1

Constant-time comparison of Buffers

buffer equal constant-time crypto

path-browserify 0.0.0 - 0.0.1Outdated

the path module from node core for browsers

browser browserify path

+36

lodash.isstring 4.0.1

The lodash method `_.isString` exported as a module.

lodash-modularized isstring

sha.js 2.4.9 - 2.4.11

Streamable SHA hashes in pure javascript

lodash.isboolean 3.0.1 - 3.0.3

The lodash method `_.isBoolean` exported as a module.

lodash-modularized isboolean

asn1.js 5.2.0 - 5.4.1

ASN.1 encoder and decoder

asn.1 der

lodash.includes 4.0.1 - 4.1.2Outdated

The lodash method `_.includes` exported as a module.

lodash-modularized includes

hash-base 3.0.4 - 3.1.0

abstract base class for hash-streams

hash stream

elliptic 6.5.4Outdated

EC cryptography

EC Elliptic curve Cryptography

indutny

lodash.isnumber 3.0.1 - 3.0.3

The lodash method `_.isNumber` exported as a module.

lodash-modularized isnumber

hash.js 1.1.2 - 1.1.7

Various hash functions that could be run by both browser and node

hash sha256 sha224 hmac

indutny

hmac-drbg 1.0.1

Deterministic random bit generator (hmac)

hmac drbg prng

indutny

des.js 1.0.1Outdated

DES implementation

DES 3DES EDE CBC

indutny

md5.js 1.1.0 - 1.3.5

node style md5 on pure JavaScript

crypto md5

pbkdf2 3.1.0 - 3.1.2

This library provides the functionality of PBKDF2 with the ability to use any supported hashing algorithm returned from crypto.getHashes()

pbkdf2 kdf salt hash

parse-asn1 5.1.6Outdated

utility library for parsing asn1 files for use with browserify-sign.

cipher-base 1.0.4

abstract base class for crypto-streams

cipher stream

browserify-sign 2.4.0 - 2.8.0Outdated

adds node crypto signing for browsers

browserify-aes 0.4.0 - 0.8.1Outdated

aes, for browserify

aes crypto browserify

evp_bytestokey 1.0.3

The insecure key derivation algorithm from OpenSSL

crypto openssl

browserify-rsa 4.1.0

RSA for browserify

create-ecdh 3.0.0 - 4.0.4

createECDH but browserifiable

diffie hellman diffiehellman ECDH

public-encrypt 4.0.3

browserify version of publicEncrypt & privateDecrypt

diffie-hellman 1.1.2Outdated

pure js diffie-hellman

diffie hellman diffiehellman dh

browserify-des 1.0.2

browserify-des ===

miller-rabin 1.1.0 - 4.0.1

Miller Rabin algorithm for primality test

prime miller-rabin bignumber

randomfill 1.0.0 - 1.0.4

random fill from browserify stand alone

crypto random

socket.io-parser 4.0.1 - 4.1.1Outdated

socket.io protocol parser

engine.io-parser 4.0.1 - 4.0.3Outdated

Parser for the client for the realtime Engine

p-is-promise 3.0.0 - 4.0.0

Check if something is a promise

promise is detect check kind+7

sindresorhus

vue 1.0.9 - 2.7.13Outdated

The progressive JavaScript framework for building modern web UI.

vue

socket.io-client 4.0.0 - 4.0.1Outdated

Realtime application framework client

realtime framework websocket tcp events+1

base64-arraybuffer 0.1.0 - 0.1.4Outdated

Encode/decode base64 data into ArrayBuffers

niklasvh

engine.io-client 5.0.0Outdated

Client for the realtime Engine

fp-ts 2.6.6 - 2.9.5Outdated

Functional programming in TypeScript

typescript algebraic-data-types functional-programming

gcanti

yeast 0.1.2

Tiny but linear growing unique id generator

yeast id generator unique

rc-trigger 4.3.0 - 4.3.4Outdated

base abstract trigger component for react

react react-component react-trigger trigger

idb-keyval 5.1.0 - 5.1.5Outdated

A super-simple-small keyval store built on top of IndexedDB

idb indexeddb store keyval localstorage+2

jaffathecake

bootstrap-vue 2.0.0 - 2.15.0Outdated

With more than 85 components, over 45 available plugins, several directives, and 1000+ icons, BootstrapVue provides one of the most comprehensive implementations of the Bootstrap v4 component and grid system available for Vue.js v2.6, complete with extens

Bootstrap Bootstrap v4 Bootstrap for Vue Vue Vue.js+54

lottie-api 1.0.0 - 1.0.2Outdated

A library to edit lottie-web animations dynamically

airnan

react-amphtml 3.0.0 - 4.0.2

Use amphtml components inside your React apps easily!

react amphtml

dfrankland

Popular search queries

webpack.js.org

urlreact-scriptsreactlottie-apireact-helmet-async+7 packages

github.com

color-convert@headlessui/reacthoist-non-react-staticsreactstraplit-html+60 packages

pinterest.com

lodashrelay-runtimereact-relayreact-uselodash-es+51 packages

Popular packages

react

React is a JavaScript library for building user interfaces.

+6 634 websites

core-js

Standard library

+10 238 websites

es5-ext

ECMAScript extensions and shims

+10 229 websites

@babel/runtime

babel's modular runtime helpers

+8 352 websites

lodash

Lodash modular utilities.

+4 826 websites

axios

Promise based HTTP client for the browser and node.js

+4 742 websites