globalcitizen.org 102 packages

Last scanned on Oct 27 at 06:14 PM
lodash 4.17.16VulnerableOutdated
Lodash modular utilities.
License
MIT
Footprint
3 KB
Vulnerabilities
Command Injection in lodash
Affected versions >=0 <4.17.21
Regular Expression Denial of Service (ReDoS) in lodash
Affected versions >=0 <4.17.21
Prototype Pollution in lodash
Affected versions >=3.7.0 <4.17.19
Matched Modules
Version distribution in production
3 846
4.17.16
946
4.17.21
337
4.17.20
322
4.17.15
302
4.17.19
301
4.17.13
ua-parser-js 0.7.22VulnerableOutdated
Detect Browser, Engine, OS, CPU, and Device type/model from User-Agent & Client Hints data. Supports browser & node.js environment
markdown-it 2.0.0 - 2.1.0VulnerableOutdated
Markdown-it - modern pluggable markdown parser.
moment-timezone 0.5.33VulnerableOutdated
Parse and display moments in any timezone.
i18next 2.2.0 - 2.3.3VulnerableOutdated
i18next internationalization framework
debug 2.3.1 - 3.1.0Outdated
Lightweight debugging utility for Node.js and the browser
tslib 1.9.2 - 2.4.0Outdated
Runtime library for TypeScript helper functions
ms 2.0.0Outdated
Tiny millisecond conversion utility
+5
gdborton
matheuss
rauchg
react-is 16.3.0 - 17.0.2Outdated
Brand checking of React Elements.
inherits 2.0.3 - 2.0.4
Browser-friendly inheritance fully compatible with standard node.js inherits()
form-data 1.0.0 - 4.0.0
A library to create readable "multipart/form-data" streams. Can be used to submit forms and file uploads to other web applications.
+2
mikeal
niftylettuce
alexindigo
@babel/runtime 7.13.6 - 7.13.7Outdated
babel's modular runtime helpers
+1
hzoo
existentialism
nicolo-ribaudo
get-intrinsic 1.0.0 - 1.0.1Outdated
Get and robustly cache all JS language-level intrinsics at first require time
function-bind 1.1.0 - 1.1.1Outdated
Implementation of Function.prototype.bind
axios 0.21.4Outdated
Promise based HTTP client for the browser and node.js
object-inspect 1.8.0Outdated
string representations of objects in node and the browser
has-symbols 1.0.0 - 1.0.1Outdated
Determine if the JS environment has Symbol support. Supports spec, or shams.
side-channel 1.0.1 - 1.0.3Outdated
Store information about any JS value in a side channel. Uses WeakMap if available.
es-abstract 1.17.7Outdated
ECMAScript spec abstract operations.
define-properties 1.1.3 - 1.1.4Outdated
Define multiple non-enumerable properties at once. Uses `Object.defineProperty` when available; falls back to standard assignment in older engines.
is-callable 1.2.0 - 1.2.2Outdated
Is this JS value callable? Works with Functions and GeneratorFunctions, despite ES6 @@toStringTag.
object-keys 1.1.0 - 1.1.1
An Object.keys replacement, in case Object.keys is not available. From https://github.com/es-shims/es5-shim
regexp.prototype.flags 1.2.0 - 1.3.2Outdated
ES6 spec-compliant RegExp.prototype.flags shim.
core-js 2.6.11Outdated
Standard library
is-regex 1.1.1Outdated
Is this value a JS regex? Works cross-realm/iframe, and despite ES6 @@toStringTag
internal-slot 1.0.1 - 1.0.3Outdated
ES spec-like internal slots
is-date-object 1.0.1 - 1.0.3Outdated
Is this value a JS Date object? This module works cross-realm/iframe, and despite ES6 @@toStringTag.
util 0.10.0 - 0.12.5
Node.js's util module for all engines
eventemitter3 2.0.0 - 4.0.7Outdated
EventEmitter3 focuses on performance while maintaining a Node.js AND browser compatible interface.
es-to-primitive 1.2.0 - 1.2.1
ECMAScript “ToPrimitive” algorithm. Provides ES5 and ES2015 versions.
has 1.0.1 - 1.0.3Outdated
Object.prototype.hasOwnProperty.call shortcut
tarruda
tarruda
scheduler 0.15.0 - 0.23.0
Cooperative scheduler for the browser environment.
prop-types 15.7.0 - 15.7.2Outdated
Runtime type checking for React props and similar objects.
react 16.13.0 - 18.2.0
React is a JavaScript library for building user interfaces.
react-dom 18.0.0 - 18.2.0
React package for working with the DOM.
lodash.debounce 4.0.8
The lodash method `_.debounce` exported as a module.
performance-now 0.1.3 - 2.1.0
Implements performance.now (based on process.hrtime).
meryn
meryn
is-windows 0.1.0 - 0.2.0Outdated
Returns true if the platform is windows. UMD module, works with node.js, commonjs, browser, AMD, electron, etc.
string.prototype.matchall 4.0.2 - 4.0.5Outdated
Spec-compliant polyfill for String.prototype.matchAll
jsonc-parser 2.3.1 - 3.2.0Outdated
Scanner and parser for JSON with comments.
+4
alexandrudima
joaomoreno.ms
kaimaetzel
hoist-non-react-statics 3.3.1 - 3.3.2
Copies non-react specific statics from a child component to a parent component
mridgway
mridgway
@emotion/unitless 0.7.2 - 0.8.0Outdated
An object of css properties that don't accept values with units
+1
emmatown
tkh44
emotion-release-bot
classnames 2.2.6Outdated
A simple utility for conditionally joining classNames together
graphql 16.1.0 - 16.6.0Outdated
A Query Language and Runtime which can target any service.
@emotion/serialize 0.11.12 - 0.11.16Outdated
serialization utils for emotion
+1
emmatown
tkh44
emotion-release-bot
memoize-one 5.1.0 - 5.1.1Outdated
A memoization library which only remembers the latest invocation
object.getownpropertydescriptors 2.0.0 - 2.1.4Outdated
ES2017 spec-compliant shim for `Object.getOwnPropertyDescriptors` that works in ES5.
@emotion/sheet 0.9.1 - 0.9.4Outdated
emotion's stylesheet
+1
emmatown
tkh44
emotion-release-bot
is-promise 2.1.0 - 4.0.0
Test whether an object looks like a promises-a+ promise
forbeslindesay
then-bot
lodash-es 4.17.21
Lodash exported as ES modules.
js-cookie 1.5.0 - 3.0.1Outdated
A simple, lightweight JavaScript API for handling cookies
shallowequal 1.0.1 - 1.1.0
Like lodash isEqualWith but for shallow equal.
raf 1.0.0 - 3.4.1
requestAnimationFrame polyfill for node and the browser
polished 1.0.0 - 1.9.3Outdated
A lightweight toolset for writing styles in Javascript.
react-lifecycles-compat 3.0.4
Backwards compatibility polyfill for React class components
fb
sophiebits
graphql-tag 2.12.2 - 2.12.6
A JavaScript template literal tag that parses GraphQL queries
jnwng
abernix
apollo-bot
resize-observer-polyfill 1.5.0 - 1.5.1
A polyfill for the Resize Observer API
p-is-promise 3.0.0 - 4.0.0
Check if something is a promise
react-select 3.1.0 - 4.3.1Outdated
A Select control built with and for ReactJS
@emotion/stylis 0.8.1Outdated
A custom build of Stylis
+1
emmatown
tkh44
emotion-release-bot
unfetch 2.0.0 - 2.0.1Outdated
Bare minimum fetch polyfill in 500 bytes
zen-observable-ts 1.2.4 - 1.2.5Outdated
Thin wrapper around zen-observable and @types/zen-observable, to support ESM exports as well as CommonJS exports
jbaxleyiii
apollo-bot
@wry/trie 0.2.1 - 0.3.2Outdated
https://en.wikipedia.org/wiki/Trie
@wry/equality 0.5.1 - 0.5.2Outdated
Structural equality checking for JavaScript values
benjamn
benjamn
dset 3.0.0 - 3.1.2Outdated
A tiny (194B) utility for safely writing deep Object values~!
@wry/context 0.4.0 - 0.6.1Outdated
Manage contextual information needed by (a)synchronous tasks without explicitly passing objects around
benjamn
benjamn
optimism 0.16.1Outdated
Composable reactive caching with efficient invalidation.
@apollo/client 3.6.5 - 3.6.10Outdated
A fully-featured caching GraphQL client.
attr-accept 2.2.2
JavaScript implementation of the "accept" attribute for HTML5 <input type="file">
d3 3.5.17Outdated
Data-Driven Documents
@emotion/core 10.0.17 - 10.3.1Outdated
+1
emmatown
tkh44
emotion-release-bot
react-input-autosize 2.2.2Outdated
Auto-resizing Input Component for React
exenv 1.1.0 - 1.2.2
React's ExecutionEnvironment module extracted for use in other packages & components
fp-ts 0.2.1 - 0.2.9Outdated
Functional programming in TypeScript
string-convert 0.2.0 - 0.2.1
String convertions
akiran
akiran
json2mq 0.2.0
Generate media query string from JSON or javascript object
akiran
akiran
@datadog/browser-core 1.5.0 - 1.9.2Outdated
Datadog browser core utilities.
datadog
datadog
xstate 4.5.0Outdated
Finite State Machines and Statecharts for the Modern Web.
recharts 2.0.0Outdated
React charts
react-modal 3.4.1 - 3.11.2Outdated
Accessible modal dialog component for React.JS
react-bootstrap 0.32.0 - 0.33.1Outdated
Bootstrap 5 components built with React
load-script 1.0.0 - 2.0.0
Dynamic script loading for browser
antd 3.26.14 - 4.1.0Outdated
An enterprise-class UI design language and React components implementation
enquire.js 2.1.6
Awesome Media Queries in JavaScript
react-slick 0.29.0Outdated
React port of slick carousel
mapbox-gl 0.22.0 - 0.33.1Outdated
A WebGL interactive maps library
+25
mbx-npm-ci-production
mbx-npm-ci-staging
mbx-npm-advanced-actions-production
body-scroll-lock 2.7.0 - 3.1.5Outdated
Enables body scroll locking (for iOS Mobile and Tablet, Android, desktop Safari/Chrome/Firefox) without breaking scrolling of a target element (eg. modal/lightbox/flyouts/nav-menus)
flux 2.1.0 - 3.1.3Outdated
An application architecture based on a unidirectional data flow
rollbar 0.2.0 - 0.6.6Outdated
Effortlessly track and debug errors in your JavaScript applications with Rollbar. This package includes advanced error tracking features and an intuitive interface to help you identify and fix issues more quickly.
sister 3.0.1 - 3.0.2
Event manager.
gajus
gajus
react-ga 3.0.0 - 3.3.0Outdated
React Google Analytics Module
instantsearch.js 3.1.0 - 3.7.0Outdated
InstantSearch.js is a JavaScript library for building performant and instant search experiences with Algolia.
intl-tel-input 14.0.0 - 16.0.15Outdated
A JavaScript plugin for entering and validating international telephone numbers
react-feather 2.0.8 - 2.0.10
React component for Feather icons
react_ujs 0.2.0 - 1.0.0Outdated
Rails UJS for the react-rails gem
shakacode-justin
bookofgreg
rmosolgo
react-countdown 2.3.2 - 2.3.3Outdated
A customizable countdown component for React.
dialog-polyfill 0.4.4 - 0.4.5Outdated
Polyfill for the dialog element
samthor
google-wombot
react-flip-move 3.0.4Outdated
Effortless animation between DOM changes (eg. list reordering) using the FLIP technique.
react-stickynode 3.0.3 - 3.1.1Outdated
A performant and comprehensive React sticky component
chartist 1.0.0 - 1.2.1Outdated
Simple, responsive charts
@tannin/plural-forms 1.0.0 - 1.1.0
Compiles a function to compute the plural forms index for a given value
aduth
aduth
scrollmonitor 1.0.10 - 1.0.12Outdated
A simple and fast API to monitor DOM elements as you scroll
sakabako
sakabako