About
Community
notion.so
56 packages
Last scanned on Jul 11 at 11:05 PM
Update
Name
Size
Popularity
Severity
crypto-js
3.1.2 - 4.1.1
Vulnerable
Outdated
JavaScript library of crypto standards.
Script
https://notion.so/_next/static/chunks/pages/_app-7b66d6336bba8ed9.js
License
MIT
Footprint
646 B
Vulnerabilities
Critical
GHSA-xwcq-pm8m-c4vf
crypto-js PBKDF2 1,000 times weaker than specified in 1993 and 1.3M times weaker than current standard
Affected versions >=0 <4.2.0
Matched Modules
Version distribution in production
457
4.1.0
457
4.1.1
185
3.3.0
162
3.1.8
143
3.2.1
143
4.0.0
Also used on 738 websites
pubmatic.com
4 packages
tiktok.com
91 packages
redd.it
180 packages
www.reddit.com
183 packages
Repository
Homepage
More
security
crypto
Hash
MD5
SHA1
+15
evanvosberg
markdown-it
12.3.0
Vulnerable
Outdated
Markdown-it - modern pluggable markdown parser.
markdown
parser
commonmark
markdown-it
markdown-it-plugin
vitaly
tslib
1.2.0 - 2.6.0
Outdated
Runtime library for TypeScript helper functions
TypeScript
Microsoft
compiler
language
javascript
+2
+5
debug
2.3.1 - 3.1.0
Outdated
Lightweight debugging utility for Node.js and the browser
debug
log
debugger
+1
ms
0.7.2 - 2.0.0
Outdated
Tiny millisecond conversion utility
+5
uuid
7.0.0 - 9.0.0
Outdated
RFC4122 (v1, v4, and v5) UUIDs
uuid
guid
rfc4122
isarray
1.0.0 - 2.0.5
Array#isArray for older browsers
browser
isarray
array
juliangruber
react-is
16.3.0 - 16.13.1
Outdated
Brand checking of React Elements.
react
+1
punycode
2.1.1 - 2.3.0
Outdated
A robust Punycode converter that fully complies to RFC 3492 and RFC 5891, and works on nearly all JavaScript platforms.
punycode
unicode
idn
idna
dns
+2
qs
6.10.0 - 6.10.5
Outdated
A querystring parser that supports nesting and arrays, with a depth limit
querystring
qs
query
url
parse
+1
buffer
4.9.1 - 4.9.2
Outdated
Node.js Buffer API, for the browser
arraybuffer
browser
browserify
buffer
compatible
+2
feross
get-intrinsic
1.2.0
Outdated
Get and robustly cache all JS language-level intrinsics at first require time
javascript
ecmascript
es
js
intrinsic
+2
ljharb
function-bind
1.1.0 - 1.1.1
Outdated
Implementation of Function.prototype.bind
function
bind
shim
es5
path-to-regexp
6.1.0 - 6.2.0
Outdated
Express style path to RegExp utility
express
regexp
route
routing
+2
object-inspect
1.12.2 - 1.12.3
Outdated
string representations of objects in node and the browser
inspect
util.inspect
object
stringify
pretty
call-bind
1.0.1 - 1.0.2
Outdated
Robustly `.call.bind()` a function
javascript
ecmascript
es
js
callbind
+8
ljharb
fast-deep-equal
3.0.0 - 3.1.3
Fast deep equal
fast
equal
deep-equal
esp
has-symbols
1.0.2 - 1.0.3
Determine if the JS environment has Symbol support. Supports spec, or shams.
Symbol
symbols
typeof
sham
polyfill
+3
ljharb
side-channel
1.0.4
Outdated
Store information about any JS value in a side channel. Uses WeakMap if available.
weakmap
map
side
channel
metadata
ljharb
base64-js
1.3.0 - 1.5.1
Base64 encoding/decoding in pure JS
base64
is-buffer
1.1.4 - 1.1.6
Outdated
Determine if an object is a Buffer
arraybuffer
browser
browser buffer
browserify
buffer
+10
feross
has
1.0.1 - 1.0.3
Outdated
Object.prototype.hasOwnProperty.call shortcut
tarruda
scheduler
0.21.0 - 0.23.0
Cooperative scheduler for the browser environment.
react
+1
prop-types
15.7.0 - 15.7.2
Outdated
Runtime type checking for React props and similar objects.
react
react
17.0.0 - 18.2.0
React is a JavaScript library for building user interfaces.
react
+1
react-dom
18.0.0 - 18.2.0
React package for working with the DOM.
react
+2
hoist-non-react-statics
3.3.1 - 3.3.2
Copies non-react specific statics from a child component to a parent component
react
mridgway
classnames
2.2.6
Outdated
A simple utility for conditionally joining classNames together
react
css
classes
classname
classnames
+2
ua-parser-js
0.7.24
Outdated
Detect Browser, Engine, OS, CPU, and Device type/model from User-Agent & Client Hints data. Supports browser & node.js environment
user-agent
client-hints
parser
browser
engine
+9
faisalman
@floating-ui/core
0.3.0 - 1.3.1
Outdated
Positioning library for floating elements: tooltips, popovers, dropdowns, and more
tooltip
popover
dropdown
menu
popup
+1
mdurl
1.0.0 - 1.0.1
Outdated
URL utilities for markdown-it
vitaly
proto-list
1.0.0 - 1.1.0
Outdated
A utility for managing a prototype chain
isaacs
linkify-it
3.0.3
Outdated
Links recognition library with FULL unicode support
linkify
linkifier
autolink
autolinker
vitaly
charenc
0.0.0 - 0.0.2
character encoding utilities
pvorb
uc.micro
1.0.6
Outdated
Micro subset of unicode data files for markdown-it projects.
vitaly
@formatjs/ecma402-abstract
1.0.2 - 1.17.0
Outdated
A collection of implementation for ECMAScript abstract operations
intl
i18n
relative
javascript
es
+4
react-i18next
10.0.3 - 12.3.0
Outdated
Internationalization for react done right. Using the i18next i18n ecosystem.
i18next
internationalization
i18n
translation
localization
+4
@angular/core
8.1.1 - 15.2.9
Outdated
Angular - the core framework
@emotion/core
0.11.0 - 0.12.0
Outdated
+1
framesync
3.1.6 - 3.1.9
Outdated
A frame-synced render loop for JavaScript
animation
raf
popmotion
react-use
9.12.0 - 17.4.0
Outdated
Collection of React Hooks
streamich
@formatjs/intl-listformat
6.3.6 - 7.4.0
Outdated
Formats JS list in a i18n-safe way
intl
i18n
list
format
formatjs
+1
load-script
1.0.0 - 2.0.0
Dynamic script loading for browser
browser
script
load
@formatjs/intl
2.2.3 - 2.9.0
Outdated
Internationalize JS apps. This library provides an API to format dates, numbers, and strings, including pluralization and handling translations.
intl
i18n
internationalization
locale
localization
+6
email-validator
2.0.4
Provides a fast, pretty robust e-mail validator. Only checks form, not function.
email
validation
validator
syntax
react-calendar
3.2.0 - 4.3.0
Outdated
Ultimate calendar for your React app.
calendar
date
date-picker
month-picker
react
@vimeo/player
2.16.1 - 2.19.0
Outdated
Interact with and control an embedded Vimeo Player.
vimeo
player
api
iframe
embed
+3
+1
@contentful/rich-text-react-renderer
15.4.0 - 15.10.1
Outdated
React renderer for the Contentful rich text field type.
sister
3.0.1 - 3.0.2
Event manager.
events
gajus
react-instantsearch-core
6.0.0 - 6.40.1
Outdated
⚡ Lightning-fast search for React, by Algolia
algolia
components
fast
instantsearch
react
+1
+2
instantsearch.js
4.36.0
Outdated
InstantSearch.js is a JavaScript library for building performant and instant search experiences with Algolia.
algolia
instantsearch
search
widget
vanilla
+10
react-youtube
7.12.0 - 7.14.0
Outdated
React.js powered YouTube player component
react
youtube
player
react-component
tjallingt
subscribe-ui-event
0.1.0 - 1.0.4
Outdated
A single, throttle built-in solution to subscribe to browser UI Events.
addEventListener
browser
events
requestAnimationFrame
resize
+3
+2
@react-hook/window-scroll
0.1.0 - 1.0.4
Outdated
A React hook for updating components when the scroll position of the window on the y-axis changes
react
react hook
hook
react hooks
hooks
+13
jaredlunde
botframework-webchat-component
4.9.2 - 4.15.8
Outdated
React component of botframework-webchat
+2
js-component-framework
2.0.0 - 2.0.2
Outdated
A framework for configuring a JavaScript component and attaching it to a DOM element or collection of DOM elements, simplifying organization of DOM interactions on your website.
es6
Popular search queries
webpack.js.org
url
react-scripts
react
lottie-api
react-helmet-async
+7 packages
github.com
color-convert
@headlessui/react
hoist-non-react-statics
reactstrap
lit-html
+60 packages
pinterest.com
libphonenumber-js
react-relay
jss
@babel/runtime
redux-form
+50 packages
Popular packages
react
React is a JavaScript library for building user interfaces.
+6 634 websites
core-js
Standard library
+10 238 websites
es5-ext
ECMAScript extensions and shims
+10 229 websites
@babel/runtime
babel's modular runtime helpers
+8 352 websites
lodash
Lodash modular utilities.
+4 826 websites
axios
Promise based HTTP client for the browser and node.js
+4 742 websites