About
Community
bluestacks.com
52 packages
Last scanned on Oct 27 at 06:22 PM
Update
Name
Size
Popularity
Severity
jsonwebtoken
8.5.0 - 8.5.1
Vulnerable
Outdated
JSON Web Token implementation (symmetric and asymmetric)
Script
https://www.bluestacks.com/wp-content/themes/bluestacks/dist/js/bsx-home-page/script.js?v=6278644c
https://www.bluestacks.com/wp-content/themes/bluestacks/search-suggest/public/js/bundle.js?v=1665726039
https://www.bluestacks.com/wp-content/themes/bluestacks/dist/js/new-components/globalFunction.js?v=6f6ab20b
License
MIT
Footprint
8 KB
Vulnerabilities
Moderate
GHSA-qwph-4952-7xr6
jsonwebtoken vulnerable to signature validation bypass due to insecure default algorithm in jwt.verify()
Affected versions >=0 <9.0.0
Moderate
GHSA-8cf7-32gw-wr33
jsonwebtoken unrestricted key type could lead to legacy keys usage
Affected versions >=0 <9.0.0
High
GHSA-27h2-hvpr-p74q
jsonwebtoken has insecure input validation in jwt.verify function
Affected versions >=0 <9.0.0
Moderate
GHSA-hjrf-2m68-5959
jsonwebtoken's insecure implementation of key retrieval function could lead to Forgeable Public/Private Tokens from RSA to HMAC
Affected versions >=0 <9.0.0
Matched Modules
Version distribution in production
66
8.5.0
66
8.5.1
4
8.2.1
4
8.2.2
4
8.4.0
3
8.2.0
Also used on 70 websites
cnbc.com
130 packages
bluestacks.com
52 packages
elpais.com
52 packages
scmp.com
95 packages
Repository
Homepage
More
jwt
es5-ext
0.10.24 - 0.10.49
Vulnerable
Outdated
ECMAScript extensions and shims
ecmascript
ecmascript5
ecmascript6
es5
es6
+11
medikoo
ms
2.1.2 - 2.1.3
Tiny millisecond conversion utility
+5
readable-stream
3.5.0 - 3.6.0
Outdated
Node.js Streams, a user-land copy of the stream library from Node.js
readable
stream
pipe
string_decoder
1.1.0 - 1.3.0
The string_decoder module from Node core
string
decoder
browser
browserify
+1
isarray
1.0.0 - 2.0.5
Array#isArray for older browsers
browser
isarray
array
juliangruber
inherits
2.0.3
Outdated
Browser-friendly inheritance fully compatible with standard node.js inherits()
inheritance
class
klass
oop
object-oriented
+3
isaacs
buffer
4.6.0 - 4.9.2
Outdated
Node.js Buffer API, for the browser
arraybuffer
browser
browserify
buffer
compatible
+2
feross
axios
0.21.4
Outdated
Promise based HTTP client for the browser and node.js
xhr
http
ajax
promise
node
+1
core-util-is
1.0.2 - 1.0.3
The `util.is*` functions introduced in Node v0.12.
util
isBuffer
isArray
isNumber
isString
+4
isaacs
base64-js
1.3.0 - 1.5.1
Base64 encoding/decoding in pure JS
base64
events
3.0.0 - 3.3.0
Node's event emitter for all engines.
events
eventEmitter
eventDispatcher
listeners
core-js
2.6.0 - 2.6.12
Outdated
Standard library
ES3
ES5
ES6
ES7
ES2015
+39
zloirock
util
0.11.0 - 0.12.5
Node.js's util module for all engines
util
+3
jws
3.2.1 - 4.0.0
Implementation of JSON Web Signatures
jws
json
web
signatures
+4
jwa
1.4.1
Outdated
JWA implementation (supports all JWS algorithms)
jwa
jws
jwt
rsa
ecdsa
+1
+4
lodash.isplainobject
4.0.6
The lodash method `_.isPlainObject` exported as a module.
lodash-modularized
isplainobject
minimalistic-assert
1.0.0 - 1.0.1
minimalistic-assert ===
ecdsa-sig-formatter
1.0.10 - 1.0.11
Translate ECDSA signatures between ASN.1/DER and JOSE-style concatenation
ecdsa
der
asn.1
jwt
jwa
+2
d2l-travis-deploy
buffer-equal-constant-time
1.0.0 - 1.0.1
Constant-time comparison of Buffers
buffer
equal
constant-time
crypto
lodash.isstring
4.0.1
The lodash method `_.isString` exported as a module.
lodash-modularized
isstring
sha.js
2.4.9 - 2.4.11
Streamable SHA hashes in pure javascript
asn1.js
5.1.0 - 5.4.1
ASN.1 encoder and decoder
asn.1
der
object.getownpropertydescriptors
2.0.0 - 2.1.4
Outdated
ES2017 spec-compliant shim for `Object.getOwnPropertyDescriptors` that works in ES5.
Object.getOwnPropertyDescriptors
descriptor
property descriptor
ES8
ES2017
+4
ljharb
hash-base
3.0.4 - 3.1.0
abstract base class for hash-streams
hash
stream
+1
elliptic
6.5.2 - 6.5.4
Outdated
EC cryptography
EC
Elliptic
curve
Cryptography
indutny
@sentry/utils
5.0.6 - 6.19.7
Outdated
Utilities for all Sentry JavaScript SDKs
+8
lodash.isnumber
3.0.1 - 3.0.3
The lodash method `_.isNumber` exported as a module.
lodash-modularized
isnumber
hash.js
1.1.2 - 1.1.7
Various hash functions that could be run by both browser and node
hash
sha256
sha224
hmac
indutny
hmac-drbg
1.0.1
Deterministic random bit generator (hmac)
hmac
drbg
prng
indutny
des.js
1.0.1
Outdated
DES implementation
DES
3DES
EDE
CBC
indutny
md5.js
1.1.0 - 1.3.5
node style md5 on pure JavaScript
crypto
md5
+2
pbkdf2
3.1.0 - 3.1.2
This library provides the functionality of PBKDF2 with the ability to use any supported hashing algorithm returned from crypto.getHashes()
pbkdf2
kdf
salt
hash
+3
cipher-base
1.0.4
abstract base class for crypto-streams
cipher
stream
parse-asn1
5.1.4 - 5.1.5
Outdated
utility library for parsing asn1 files for use with browserify-sign.
+2
browserify-sign
2.4.0 - 2.8.0
Outdated
adds node crypto signing for browsers
+2
browserify-aes
0.4.0 - 0.8.1
Outdated
aes, for browserify
aes
crypto
browserify
+2
evp_bytestokey
1.0.3
The insecure key derivation algorithm from OpenSSL
crypto
openssl
browserify-rsa
4.1.0
RSA for browserify
+2
timers-browserify
2.0.9
Outdated
timers module for browserify
timers
browserify
browser
+36
create-ecdh
3.0.0 - 4.0.4
createECDH but browserifiable
diffie
hellman
diffiehellman
ECDH
+2
public-encrypt
4.0.3
browserify version of publicEncrypt & privateDecrypt
+2
diffie-hellman
1.1.2
Outdated
pure js diffie-hellman
diffie
hellman
diffiehellman
dh
+2
browserify-des
1.0.2
browserify-des ===
miller-rabin
1.1.0 - 4.0.1
Miller Rabin algorithm for primality test
prime
miller-rabin
bignumber
randomfill
1.0.0 - 1.0.4
random fill from browserify stand alone
crypto
random
vm-browserify
0.0.1 - 1.1.2
vm module for the browser
vm
browser
eval
+36
p-is-promise
3.0.0 - 4.0.0
Check if something is a promise
promise
is
detect
check
kind
+7
sindresorhus
@hookform/resolvers
1.1.0
Outdated
React Hook Form validation resolvers: Yup, Joi, Superstruct, Zod, Vest, Class Validator, io-ts, Nope, computed-types, TypeBox, arktype and Typanion
scheme
validation
scheme-validation
hookform
react-hook-form
+14
fp-ts
2.6.6 - 2.9.5
Outdated
Functional programming in TypeScript
typescript
algebraic-data-types
functional-programming
gcanti
react-virtualized
9.10.0 - 9.22.2
Outdated
React components for efficiently rendering large, scrollable lists and tabular data
react
reactjs
react-component
virtual
list
+10
+2
google-map-react
0.21.0 - 1.1.7
Outdated
Isomorphic component that allows rendering react components on a google map
react
reactjs
google
map
maps
+5
Popular search queries
webpack.js.org
url
react-scripts
react
lottie-api
react-helmet-async
+7 packages
github.com
color-convert
@headlessui/react
hoist-non-react-statics
reactstrap
lit-html
+60 packages
pinterest.com
lodash
relay-runtime
react-relay
react-use
lodash-es
+51 packages
Popular packages
react
React is a JavaScript library for building user interfaces.
+6 634 websites
core-js
Standard library
+10 238 websites
es5-ext
ECMAScript extensions and shims
+10 229 websites
@babel/runtime
babel's modular runtime helpers
+8 352 websites
lodash
Lodash modular utilities.
+4 826 websites
axios
Promise based HTTP client for the browser and node.js
+4 742 websites