About
Community
metadefender.opswat.com
73 packages
Last scanned on Oct 27 at 07:55 PM
Update
Name
Size
Popularity
Severity
lodash
4.17.16
Vulnerable
Outdated
Lodash modular utilities.
Script
https://mdcl-cdn.opswat.com/1.61.3-46a255c9/city/app-903795b259630b107f3a.js
License
MIT
Footprint
7 KB
Vulnerabilities
High
GHSA-35jh-r3h4-6jhm
Command Injection in lodash
Affected versions >=0 <4.17.21
Moderate
GHSA-29mw-wpgm-hmr9
Regular Expression Denial of Service (ReDoS) in lodash
Affected versions >=0 <4.17.21
High
GHSA-p6mc-m468-83gw
Prototype Pollution in lodash
Affected versions >=3.7.0 <4.17.19
Matched Modules
Version distribution in production
3 846
4.17.16
946
4.17.21
337
4.17.20
322
4.17.15
302
4.17.19
301
4.17.13
Also used on 4830 websites
skype.com
20 packages
sentry.io
157 packages
pinterest.com
56 packages
pinimg.com
52 packages
Repository
Homepage
More
modules
stdlib
util
axios
0.19.1 - 0.19.2
Vulnerable
Outdated
Promise based HTTP client for the browser and node.js
xhr
http
ajax
promise
node
+1
moment
2.19.0 - 2.25.1
Vulnerable
Outdated
Parse, validate, manipulate, and display dates
moment
date
time
parse
format
+4
+2
html-parse-stringify2
2.0.1
Vulnerable
Parses well-formed HTML (meaning all tags closed) into an AST and back. quickly.
html
parse
stringify
ast
rayd
es5-ext
0.10.24 - 0.10.49
Vulnerable
Outdated
ECMAScript extensions and shims
ecmascript
ecmascript5
ecmascript6
es5
es6
+11
medikoo
source-map
0.5.7
Outdated
Generates and consumes source maps
+16
readable-stream
2.3.4 - 2.3.7
Outdated
Node.js Streams, a user-land copy of the stream library from Node.js
readable
stream
pipe
escape-string-regexp
1.0.0 - 1.0.5
Outdated
Escape RegExp special characters
escape
regex
regexp
regular
expression
+3
sindresorhus
string_decoder
1.1.0 - 1.3.0
The string_decoder module from Node core
string
decoder
browser
browserify
+1
uuid
7.0.0 - 8.0.0
Outdated
RFC4122 (v1, v4, and v5) UUIDs
uuid
guid
rfc4122
isarray
1.0.0 - 2.0.5
Array#isArray for older browsers
browser
isarray
array
juliangruber
react-is
16.3.0 - 16.13.1
Outdated
Brand checking of React Elements.
react
+1
inherits
2.0.4
Browser-friendly inheritance fully compatible with standard node.js inherits()
inheritance
class
klass
oop
object-oriented
+3
isaacs
buffer
4.6.0 - 4.9.2
Outdated
Node.js Buffer API, for the browser
arraybuffer
browser
browserify
buffer
compatible
+2
feross
entities
2.0.0
Outdated
Encode & decode XML and HTML entities with ease & speed
entity
decoding
encoding
html
xml
+1
feedic
@babel/runtime
7.9.6 - 7.12.18
Outdated
babel's modular runtime helpers
+1
core-util-is
1.0.2 - 1.0.3
The `util.is*` functions introduced in Node v0.12.
util
isBuffer
isArray
isNumber
isString
+4
isaacs
isobject
3.0.0 - 4.0.0
Returns true if the value is an object and not an array or null.
check
is
is-object
isobject
kind
+7
is-plain-object
2.0.0 - 3.0.0
Outdated
Returns true if an object was created by the `Object` constructor, or Object.create(null).
check
is
is-object
isobject
javascript
+7
postcss-value-parser
1.0.0 - 2.0.5
Outdated
Transforms css values and at-rule params into the tree
postcss
value
parser
domutils
1.5.1
Outdated
Utilities for working with htmlparser2's dom
dom
htmlparser2
feedic
base64-js
1.3.0 - 1.5.1
Base64 encoding/decoding in pure JS
base64
dom-serializer
0.2.0 - 0.2.2
Outdated
render domhandler DOM nodes to a string
html
xml
render
feedic
domhandler
2.4.0 - 2.4.2
Outdated
Handler for htmlparser2 that turns pages into a dom
dom
htmlparser2
feedic
events
3.0.0 - 3.3.0
Node's event emitter for all engines.
events
eventEmitter
eventDispatcher
listeners
deepmerge
4.2.2
Outdated
A library for deep (recursive) merging of Javascript objects
merge
deep
extend
copy
clone
+1
tehshrike
domelementtype
1.2.0 - 1.3.1
Outdated
all the types of nodes in htmlparser2's dom
dom
element
types
htmlparser2
feedic
core-js
3.4.5 - 3.6.5
Outdated
Standard library
ES3
ES5
ES6
ES7
ES2015
+39
zloirock
htmlparser2
3.10.0 - 3.10.1
Outdated
Fast & forgiving HTML/XML parser
html
parser
streams
xml
dom
+3
feedic
is-typedarray
1.0.0
Detect whether or not an object is a Typed Array
typed
array
detect
is
util
hughsk
scheduler
0.15.0 - 0.23.0
Cooperative scheduler for the browser environment.
react
+1
prop-types
15.7.0 - 15.7.2
Outdated
Runtime type checking for React props and similar objects.
react
react
17.0.0 - 17.0.2
Outdated
React is a JavaScript library for building user interfaces.
react
+1
dayjs
1.10.6 - 1.10.8
Outdated
2KB immutable date time library alternative to Moment.js with the same modern API
dayjs
date
time
immutable
moment
iamkun
hoist-non-react-statics
3.3.1 - 3.3.2
Copies non-react specific statics from a child component to a parent component
react
mridgway
typedarray-to-buffer
3.1.3 - 3.1.5
Outdated
Convert a typed array to a Buffer without a copy
buffer
typed array
convert
no copy
uint8array
+9
feross
path-browserify
0.0.0 - 0.0.1
Outdated
the path module from node core for browsers
browser
browserify
path
+36
classnames
2.2.6
Outdated
A simple utility for conditionally joining classNames together
react
css
classes
classname
classnames
+2
react-transition-group
4.1.0 - 4.4.5
A react component toolset for managing animations
react
transition
addons
transition-group
animation
+2
dom-helpers
5.1.4
Outdated
tiny modular DOM lib for ie9+
dom-helpers
react-component
dom
api
cross-browser
+8
klona
2.0.0 - 2.0.4
Outdated
A tiny (240B to 501B) and fast utility to "deep clone" Objects, Arrays, Dates, RegExps, and more!
clone
copy
deep
extend
recursive
+1
lukeed
@sentry/utils
5.0.6 - 6.16.1
Outdated
Utilities for all Sentry JavaScript SDKs
+8
@sentry/core
5.10.2 - 6.16.1
Outdated
Base implementation for all Sentry JavaScript SDKs
+8
lodash-es
4.17.21
Lodash exported as ES modules.
es6
modules
stdlib
util
react-fast-compare
2.0.4
Outdated
Fastest deep equal comparison for React. Great for React.memo & shouldComponentUpdate. Also really fast general-purpose deep comparison.
fast
equal
react
compare
shouldComponentUpdate
+1
+12
timers-browserify
2.0.9
Outdated
timers module for browserify
timers
browserify
browser
+36
crypto-browserify
1.0.9 - 2.0.0
Outdated
implementation of crypto for the browser
+2
shallowequal
1.0.1 - 1.1.0
Like lodash isEqualWith but for shallow equal.
shallowequal
shallow
equal
isequal
compare
+1
dashed
void-elements
2.0.1
Outdated
Array of "void elements" defined by the HTML specification.
html
void
elements
+4
@vue/runtime-dom
3.0.3 - 3.1.5
Outdated
@vue/runtime-dom
vue
uncontrollable
7.1.0 - 7.2.1
Outdated
Wrap a controlled react component, to allow specific prop/handler pairs to be uncontrolled
uncontrolled-component
react-component
input
controlled
uncontrolled
+1
monastic.panic
react-side-effect
1.2.0
Outdated
Create components whose prop changes map to a global side effect
react
component
side
effect
react-helmet
5.2.0 - 5.2.1
Outdated
A document head manager for React
react-helmet
nfl
react
document
head
+7
+2
parse-srcset
1.0.0 - 1.0.2
A spec-conformant JavaScript parser for the HTML5 srcset attribute
albell
@restart/hooks
0.2.8 - 0.4.7
Outdated
A set of utility and general-purpose React hooks.
react-overlays
4.0.0 - 4.1.1
Outdated
Utilities for creating robust overlay components
react-overlays
react-component
react
overlay
react-component
+4
react-bootstrap
1.3.0
Outdated
Bootstrap 5 components built with React
bootstrap
react
component
components
ecosystem-react
+1
any-base
1.0.1 - 1.1.0
Converter from any base to other any base
number
convert
base
alphabet
short number
+6
mifczu
@reach/router
1.3.1 - 1.3.4
Next generation Routing for React.
react
react router
+1
apollo-client
0.8.5
Outdated
A simple yet functional GraphQL client.
ecmascript
es2015
jsnext
javascript
relay
+2
+5
react-gtm-module
2.0.8
Outdated
React Google Tag Manager Module
react
reactjs
react-component
google tag manager
tag manager
+1
alinemorelli
gatsby
4.24.0 - 4.24.5
Outdated
Blazing fast modern site generator for React
blog
generator
jekyll
markdown
react
+2
+10
gatsby-link
2.4.4 - 4.17.0
Outdated
An enhanced Link component for Gatsby sites with support for resource prefetching
gatsby
+3
gatsby-react-router-scroll
3.0.4 - 3.7.0
Outdated
React Router scroll management forked from https://github.com/ytase/react-router-scroll for Gatsby
gatsby
+10
short-uuid
3.1.0 - 3.1.1
Outdated
Create and translate standard UUIDs with shorter formats.
uuid
guid
uid
node
oculus42
@fingerprintjs/fingerprintjs
3.0.1 - 3.3.6
Outdated
Browser fingerprinting library with the highest accuracy and stability
fraud
fraud detection
fraud prevention
browser
identification
+5
react-bootstrap-table-next
4.0.3
Next generation of react-bootstrap-table
react
bootstrap
table
grid
react-component
allenfang
@mikaelkristiansson/domready
1.0.10 - 1.0.11
modern domready
ender
domready
dom
mikaelkristiansson87
html-attributes
1.1.0
List of HTML attributes as a map of camelCased names.
amingoia
filter-invalid-dom-props
2.0.0 - 2.1.0
Outdated
a function to filter props that are not valid dom props when spreading props in an HOC in react
react
props
dom
filter-props
dom-props
+46
gatsby-plugin-google-analytics
2.1.34 - 3.7.1
Outdated
Gatsby plugin to add google analytics onto a site
gatsby
gatsby-plugin
google analytics
+2
gatsby-background-image
0.9.12 - 0.9.16
Outdated
Lazy-loading React background-image component with optional support for the blur-up effect.
gatsby
gatsby-component
gatsby-image
background-image
backgroundImage
+3
timhagn
sort-media-queries
0.2.0 - 0.2.2
Sort media queries.
sort
media
queries
niksy
Popular search queries
webpack.js.org
url
react-scripts
react
lottie-api
react-helmet-async
+7 packages
github.com
color-convert
@headlessui/react
hoist-non-react-statics
reactstrap
lit-html
+60 packages
pinterest.com
lodash
relay-runtime
react-relay
react-use
lodash-es
+51 packages
Popular packages
react
React is a JavaScript library for building user interfaces.
+6 634 websites
core-js
Standard library
+10 238 websites
es5-ext
ECMAScript extensions and shims
+10 229 websites
@babel/runtime
babel's modular runtime helpers
+8 352 websites
lodash
Lodash modular utilities.
+4 826 websites
axios
Promise based HTTP client for the browser and node.js
+4 742 websites