globalcitizen.org 102 packages

Last scanned on Oct 27 at 06:14 PM
lodash 4.17.16VulnerableOutdated
Lodash modular utilities.
License
MIT
Footprint
3 KB
Vulnerabilities
Command Injection in lodash
Affected versions >=0 <4.17.21
Regular Expression Denial of Service (ReDoS) in lodash
Affected versions >=0 <4.17.21
Prototype Pollution in lodash
Affected versions >=0 <4.17.20
Matched Modules
Version distribution in production
3 846
4.17.16
946
4.17.21
337
4.17.20
322
4.17.15
302
4.17.19
301
4.17.13
ua-parser-js 0.7.22VulnerableOutdated
Detect Browser, Engine, OS, CPU, and Device type/model from User-Agent data. Supports browser & node.js environment
markdown-it 2.0.0 - 2.1.0VulnerableOutdated
Markdown-it - modern pluggable markdown parser.
moment-timezone 0.5.33VulnerableOutdated
Parse and display moments in any timezone.
i18next 2.2.0 - 2.3.3VulnerableOutdated
i18next internationalization framework
debug 2.3.1 - 3.1.0Outdated
Lightweight debugging utility for Node.js and the browser
ms 2.0.0Outdated
Tiny millisecond conversion utility
+5
nwienert
gdborton
rauchg
tslib 1.9.2 - 2.4.0Outdated
Runtime library for TypeScript helper functions
inherits 2.0.3 - 2.0.4
Browser-friendly inheritance fully compatible with standard node.js inherits()
react-is 16.3.0 - 17.0.2Outdated
Brand checking of React Elements.
form-data 1.0.0 - 4.0.0
A library to create readable "multipart/form-data" streams. Can be used to submit forms and file uploads to other web applications.
+2
mikeal
niftylettuce
alexindigo
@babel/runtime 7.13.6 - 7.13.7Outdated
babel's modular runtime helpers
+1
hzoo
existentialism
nicolo-ribaudo
core-js 2.6.11Outdated
Standard library
has-symbols 1.0.0 - 1.0.1Outdated
Determine if the JS environment has Symbol support. Supports spec, or shams.
object-inspect 1.8.0Outdated
string representations of objects in node and the browser
axios 0.21.4Outdated
Promise based HTTP client for the browser and node.js
get-intrinsic 1.0.0 - 1.0.1Outdated
Get and robustly cache all JS language-level intrinsics at first require time
es-abstract 1.17.7Outdated
ECMAScript spec abstract operations.
has 1.0.1 - 1.0.3
Object.prototype.hasOwnProperty.call shortcut
tarruda
ljharb
is-callable 1.2.0 - 1.2.2Outdated
Is this JS value callable? Works with Functions and GeneratorFunctions, despite ES6 @@toStringTag.
function-bind 1.1.0 - 1.1.1
Implementation of Function.prototype.bind
util 0.10.0 - 0.12.5
Node.js's util module for all engines
define-properties 1.1.3 - 1.1.4
Define multiple non-enumerable properties at once. Uses `Object.defineProperty` when available; falls back to standard assignment in older engines.
is-regex 1.1.1Outdated
Is this value a JS regex? Works cross-realm/iframe, and despite ES6 @@toStringTag
object-keys 1.1.0 - 1.1.1
An Object.keys replacement, in case Object.keys is not available. From https://github.com/es-shims/es5-shim
side-channel 1.0.1 - 1.0.3Outdated
Store information about any JS value in a side channel. Uses WeakMap if available.
is-date-object 1.0.1 - 1.0.3Outdated
Is this value a JS Date object? This module works cross-realm/iframe, and despite ES6 @@toStringTag.
regexp.prototype.flags 1.2.0 - 1.3.2Outdated
ES6 spec-compliant RegExp.prototype.flags shim.
es-to-primitive 1.2.0 - 1.2.1
ECMAScript “ToPrimitive” algorithm. Provides ES5 and ES2015 versions.
internal-slot 1.0.1 - 1.0.3Outdated
ES spec-like internal slots
eventemitter3 2.0.0 - 4.0.7Outdated
EventEmitter3 focuses on performance while maintaining a Node.js AND browser compatible interface.
performance-now 0.1.3 - 2.1.0
Implements performance.now (based on process.hrtime).
meryn
meryn
prop-types 15.7.0 - 15.7.2Outdated
Runtime type checking for React props and similar objects.
scheduler 0.15.0 - 0.23.0
Cooperative scheduler for the browser environment.
is-windows 0.1.0 - 0.2.0Outdated
Returns true if the platform is windows. UMD module, works with node.js, commonjs, browser, AMD, electron, etc.
react 16.13.0 - 18.2.0
React is a JavaScript library for building user interfaces.
lodash.debounce 4.0.8
The lodash method `_.debounce` exported as a module.
react-dom 18.0.0 - 18.2.0
React package for working with the DOM.
hoist-non-react-statics 3.3.1 - 3.3.2
Copies non-react specific statics from a child component to a parent component
mridgway
mridgway
object.getownpropertydescriptors 2.0.0 - 2.1.4Outdated
ES2017 spec-compliant shim for `Object.getOwnPropertyDescriptors` that works in ES5.
string.prototype.matchall 4.0.2 - 4.0.5Outdated
Spec-compliant polyfill for String.prototype.matchAll
classnames 2.2.6Outdated
A simple utility for conditionally joining classNames together
@emotion/unitless 0.7.2 - 0.8.0
An object of css properties that don't accept values with units
+1
emmatown
tkh44
emotion-release-bot
is-promise 2.1.0 - 4.0.0
Test whether an object looks like a promises-a+ promise
forbeslindesay
then-bot
@emotion/serialize 0.11.12 - 0.11.16Outdated
serialization utils for emotion
+1
emmatown
tkh44
emotion-release-bot
graphql 16.1.0 - 16.6.0
A Query Language and Runtime which can target any service.
jsonc-parser 2.3.1 - 3.2.0
Scanner and parser for JSON with comments.
+4
alexandrudima
joaomoreno.ms
kaimaetzel
@emotion/sheet 0.9.1 - 0.9.4Outdated
emotion's stylesheet
+1
emmatown
tkh44
emotion-release-bot
memoize-one 5.1.0 - 5.1.1Outdated
A memoization library which only remembers the latest invocation
shallowequal 1.0.1 - 1.1.0
Like lodash isEqualWith but for shallow equal.
lodash-es 4.17.21
Lodash exported as ES modules.
react-lifecycles-compat 3.0.4
Backwards compatibility polyfill for React class components
+2
gaearon
acdlite
fb
raf 1.0.0 - 3.4.1
requestAnimationFrame polyfill for node and the browser
p-is-promise 3.0.0 - 4.0.0
Check if something is a promise
@emotion/stylis 0.8.1Outdated
A custom build of Stylis
+1
emmatown
tkh44
emotion-release-bot
unfetch 2.0.0 - 2.0.1Outdated
Bare minimum fetch polyfill in 500 bytes
polished 1.0.0 - 1.9.3Outdated
A lightweight toolset for writing styles in Javascript.
js-cookie 1.5.0 - 3.0.1
A simple, lightweight JavaScript API for handling cookies
graphql-tag 2.12.2 - 2.12.6
A JavaScript template literal tag that parses GraphQL queries
jnwng
abernix
apollo-bot
resize-observer-polyfill 1.5.0 - 1.5.1
A polyfill for the Resize Observer API
zen-observable-ts 1.2.4 - 1.2.5Outdated
Thin wrapper around zen-observable and @types/zen-observable, to support ESM exports as well as CommonJS exports
jbaxleyiii
apollo-bot
react-select 3.1.0 - 4.3.1Outdated
A Select control built with and for ReactJS
@wry/equality 0.5.1 - 0.5.2Outdated
Structural equality checking for JavaScript values
benjamn
benjamn
@emotion/core 10.0.17 - 10.3.1Outdated
+1
emmatown
tkh44
emotion-release-bot
@wry/context 0.4.0 - 0.6.1Outdated
Manage contextual information needed by (a)synchronous tasks without explicitly passing objects around
benjamn
benjamn
react-input-autosize 2.2.2Outdated
Auto-resizing Input Component for React
optimism 0.16.1Outdated
Composable reactive caching with efficient invalidation.
@apollo/client 3.6.5 - 3.6.10Outdated
A fully-featured caching GraphQL client.
attr-accept 2.2.2
JavaScript implementation of the "accept" attribute for HTML5 <input type="file">
exenv 1.1.0 - 1.2.2
React's ExecutionEnvironment module extracted for use in other packages & components
@wry/trie 0.2.1 - 0.3.2
https://en.wikipedia.org/wiki/Trie
d3 3.5.17Outdated
Data-Driven Documents
dset 3.0.0 - 3.1.2
A tiny (194B) utility for safely writing deep Object values~!
json2mq 0.2.0
Generate media query string from JSON or javascript object
akiran
akiran
string-convert 0.2.0 - 0.2.1
String convertions
akiran
akiran
react-modal 3.4.1 - 3.11.2Outdated
Accessible modal dialog component for React.JS
react-bootstrap 0.32.0 - 0.33.1Outdated
Bootstrap 5 components built with React
@datadog/browser-core 1.5.0 - 1.9.2Outdated
Datadog browser core utilities.
datadog
datadog
fp-ts 0.2.1 - 0.2.9Outdated
Functional programming in TypeScript
xstate 4.5.0Outdated
Finite State Machines and Statecharts for the Modern Web.
recharts 2.0.0Outdated
React charts
load-script 1.0.0 - 2.0.0
Dynamic script loading for browser
enquire.js 2.1.6
Awesome Media Queries in JavaScript
antd 3.26.14 - 4.1.0Outdated
An enterprise-class UI design language and React components implementation
react-slick 0.29.0
React port of slick carousel
mapbox-gl 0.22.0 - 0.33.1Outdated
A WebGL interactive maps library
+25
mbx-npm-ci-production
mbx-npm-ci-staging
mbx-npm-advanced-actions-production
flux 2.1.0 - 3.1.3Outdated
An application architecture based on a unidirectional data flow
body-scroll-lock 2.7.0 - 3.1.5Outdated
Enables body scroll locking (for iOS Mobile and Tablet, Android, desktop Safari/Chrome/Firefox) without breaking scrolling of a target element (eg. modal/lightbox/flyouts/nav-menus)
react-ga 3.0.0 - 3.3.0Outdated
React Google Analytics Module
rollbar 0.2.0 - 0.6.6Outdated
Error tracking and logging from JS to Rollbar
brianr
waltjones
sister 3.0.1 - 3.0.2
Event manager.
gajus
gajus
intl-tel-input 14.0.0 - 16.0.15Outdated
A JavaScript plugin for entering and validating international telephone numbers
react-feather 2.0.8 - 2.0.10
React component for Feather icons
react-countdown 2.3.2 - 2.3.3Outdated
A customizable countdown component for React.
react_ujs 0.2.0 - 1.0.0Outdated
Rails UJS for the react-rails gem
rmosolgo
bookofgreg
react-flip-move 3.0.4Outdated
Effortless animation between DOM changes (eg. list reordering) using the FLIP technique.
instantsearch.js 3.1.0 - 3.7.0Outdated
InstantSearch.js is a JavaScript library for building performant and instant search experiences with Algolia.
dialog-polyfill 0.4.4 - 0.4.5Outdated
Polyfill for the dialog element
samthor
google-wombot
chartist 1.0.0 - 1.2.1Outdated
Simple, responsive charts
react-stickynode 3.0.3 - 3.1.1Outdated
A performant and comprehensive React sticky component
@tannin/plural-forms 1.0.0 - 1.1.0
Compiles a function to compute the plural forms index for a given value
aduth
aduth
scrollmonitor 1.0.10 - 1.0.12Outdated
A simple and fast API to monitor DOM elements as you scroll
sakabako
sakabako