AboutCommunity

quizspot.online 53 packages

Last scanned on Oct 27 at 07:50 PM
jsonwebtoken 8.5.0 - 8.5.1VulnerableOutdated
JSON Web Token implementation (symmetric and asymmetric)
Script
https://quizspot.online/_nuxt/app.102694e.js
License
MIT
Footprint
8 KB
Vulnerabilities
ModerateGHSA-qwph-4952-7xr6
jsonwebtoken vulnerable to signature validation bypass due to insecure default algorithm in jwt.verify()
Affected versions >=0 <9.0.0
ModerateGHSA-8cf7-32gw-wr33
jsonwebtoken unrestricted key type could lead to legacy keys usage
Affected versions >=0 <9.0.0
HighGHSA-27h2-hvpr-p74q
jsonwebtoken has insecure input validation in jwt.verify function
Affected versions >=0 <9.0.0
ModerateGHSA-hjrf-2m68-5959
jsonwebtoken's insecure implementation of key retrieval function could lead to Forgeable Public/Private Tokens from RSA to HMAC
Affected versions >=0 <9.0.0
Matched Modules
Version distribution in production
66
8.5.0
66
8.5.1
4
8.2.1
4
8.2.2
4
8.4.0
3
8.2.0
Also used on 70 websites
cnbc.com
130 packages
bluestacks.com
52 packages
elpais.com
52 packages
scmp.com
95 packages
RepositoryHomepage
jwt
timferrell
david.renaud.okta
charlesrea
elliptic 6.5.2 - 6.5.3VulnerableOutdated
EC cryptography
ECEllipticcurveCryptography
indutny
indutny
semver 5.7.0 - 6.3.0Outdated
The semantic version parser used by npm.
+2
npm-cli-ops
saquibkhan
fritzy
ms 2.1.2 - 2.1.3
Tiny millisecond conversion utility
+5
gdborton
matheuss
rauchg
readable-stream 3.6.0Outdated
Node.js Streams, a user-land copy of the stream library from Node.js
readablestreampipe
cwmma
matteo.collina
nodejs-foundation
string_decoder 1.1.0 - 1.3.0
The string_decoder module from Node core
stringdecoderbrowserbrowserify
+1
cwmma
matteo.collina
rvagg
isarray 1.0.0 - 2.0.5
Array#isArray for older browsers
browserisarrayarray
juliangruber
juliangruber
inherits 2.0.3 - 2.0.4
Browser-friendly inheritance fully compatible with standard node.js inherits()
inheritanceclassklassoopobject-oriented+3
isaacs
isaacs
buffer 4.6.0 - 4.9.2Outdated
Node.js Buffer API, for the browser
arraybufferbrowserbrowserifybuffercompatible+2
feross
feross
core-util-is 1.0.2 - 1.0.3
The `util.is*` functions introduced in Node v0.12.
utilisBufferisArrayisNumberisString+4
isaacs
isaacs
base64-js 1.3.0 - 1.5.1
Base64 encoding/decoding in pure JS
base64
beatgammit
feross
events 3.0.0 - 3.3.0
Node's event emitter for all engines.
eventseventEmittereventDispatcherlisteners
gozala
goto-bus-stop
defunctzombie
deepmerge 4.2.2Outdated
A library for deep (recursive) merging of Javascript objects
mergedeepextendcopyclone+1
tehshrike
tehshrike
util 0.10.0 - 0.12.5
Node.js's util module for all engines
util
+3
ljharb
goto-bus-stop
lukechilds
jws 3.2.1 - 4.0.0
Implementation of JSON Web Signatures
jwsjsonwebsignatures
+4
stomlinson
omsmith
brianloveswords
jwa 1.4.1Outdated
JWA implementation (supports all JWS algorithms)
jwajwsjwtrsaecdsa+1
+4
stomlinson
omsmith
brianloveswords
lodash.isplainobject 4.0.6
The lodash method `_.isPlainObject` exported as a module.
lodash-modularizedisplainobject
jdalton
mathias
minimalistic-assert 1.0.0 - 1.0.1
minimalistic-assert ===
cwmma
indutny
ecdsa-sig-formatter 1.0.10 - 1.0.11
Translate ECDSA signatures between ASN.1/DER and JOSE-style concatenation
ecdsaderasn.1jwtjwa+2
d2l-travis-deploy
d2l-travis-deploy
buffer-equal-constant-time 1.0.0 - 1.0.1
Constant-time comparison of Buffers
bufferequalconstant-timecrypto
jstash
goinstant
lodash.isstring 4.0.1
The lodash method `_.isString` exported as a module.
lodash-modularizedisstring
jdalton
mathias
sha.js 2.4.9 - 2.4.11
Streamable SHA hashes in pure javascript
dcousens
ljharb
cwmma
lodash.isboolean 3.0.1 - 3.0.3
The lodash method `_.isBoolean` exported as a module.
lodash-modularizedisboolean
jdalton
mathias
asn1.js 5.2.0 - 5.4.1
ASN.1 encoder and decoder
asn.1der
fedor.indutny
indutny
lodash.includes 4.3.0
The lodash method `_.includes` exported as a module.
lodash-modularizedincludes
jdalton
mathias
hash-base 3.0.4 - 3.1.0
abstract base class for hash-streams
hashstream
+1
dcousens
ljharb
cwmma
lodash.isnumber 3.0.1 - 3.0.3
The lodash method `_.isNumber` exported as a module.
lodash-modularizedisnumber
jdalton
mathias
hash.js 1.1.2 - 1.1.7
Various hash functions that could be run by both browser and node
hashsha256sha224hmac
indutny
indutny
hmac-drbg 1.0.1
Deterministic random bit generator (hmac)
hmacdrbgprng
indutny
indutny
des.js 1.0.1Outdated
DES implementation
DES3DESEDECBC
indutny
indutny
md5.js 1.1.0 - 1.3.5
node style md5 on pure JavaScript
cryptomd5
+2
dcousens
ljharb
cwmma
pbkdf2 3.1.2
This library provides the functionality of PBKDF2 with the ability to use any supported hashing algorithm returned from crypto.getHashes()
pbkdf2kdfsalthash
+3
dcousens
ljharb
fundon
parse-asn1 5.1.6Outdated
utility library for parsing asn1 files for use with browserify-sign.
+2
dcousens
ljharb
cwmma
cipher-base 1.0.4
abstract base class for crypto-streams
cipherstream
dcousens
ljharb
cwmma
browserify-sign 2.4.0 - 2.8.0Outdated
adds node crypto signing for browsers
+2
dcousens
ljharb
cwmma
browserify-aes 0.4.0 - 0.8.1Outdated
aes, for browserify
aescryptobrowserify
+2
dcousens
ljharb
cwmma
evp_bytestokey 1.0.3
The insecure key derivation algorithm from OpenSSL
cryptoopenssl
dcousens
ljharb
cwmma
browserify-rsa 3.0.0 - 4.0.1Outdated
RSA for browserify
+2
dcousens
ljharb
cwmma
create-ecdh 3.0.0 - 4.0.4
createECDH but browserifiable
diffiehellmandiffiehellmanECDH
+2
dcousens
ljharb
cwmma
public-encrypt 4.0.3
browserify version of publicEncrypt & privateDecrypt
+2
dcousens
ljharb
cwmma
diffie-hellman 1.1.2Outdated
pure js diffie-hellman
diffiehellmandiffiehellmandh
+2
dcousens
ljharb
cwmma
browserify-des 1.0.2
browserify-des ===
dcousens
ljharb
cwmma
miller-rabin 1.1.0 - 4.0.1
Miller Rabin algorithm for primality test
primemiller-rabinbignumber
indutny
cwmma
randomfill 1.0.0 - 1.0.4
random fill from browserify stand alone
cryptorandom
dcousens
ljharb
cwmma
p-is-promise 3.0.0 - 4.0.0
Check if something is a promise
promiseisdetectcheckkind+7
sindresorhus
sindresorhus
unfetch 4.1.0 - 4.2.0Outdated
Bare minimum fetch polyfill in 500 bytes
fetchpolyfillxhrajax
developit
developit
@hookform/resolvers 1.1.0Outdated
React Hook Form validation resolvers: Yup, Joi, Superstruct, Zod, Vest, Class Validator, io-ts, Nope, computed-types, TypeBox, arktype and Typanion
schemevalidationscheme-validationhookformreact-hook-form+14
bluebill1049
kotarella1110
jorisre
fp-ts 2.6.6 - 2.9.5Outdated
Functional programming in TypeScript
typescriptalgebraic-data-typesfunctional-programming
gcanti
gcanti
react-query 0.0.11 - 0.0.15Outdated
Hooks for managing, caching and syncing asynchronous and remote data in React
tannerlinsley
tkdodo
vue-no-ssr 1.1.1
Vue component to wrap non SSR friendly components
egoist
rem
vue-client-only 2.0.0 - 2.1.0
Vue component to wrap non SSR friendly components
egoist
egoist
cookie-universal 2.1.0 - 2.1.5Outdated
Universal cookie plugin, perfect for SSR
universal cookieSSR cookienode cookiebrowser cookiecookies+1
microcipcip
microcipcip
vue-analytics 5.17.4 - 5.22.1
Google Analytics plugin for Vue
GooglegoogleGoogle Analyticsgoogle analyticstracking+3
matteo_gabriele
matteo_gabriele

Popular search queries

webpack.js.org
urlreact-scriptsreactlottie-apireact-helmet-async+7 packages
github.com
color-convert@headlessui/reacthoist-non-react-staticsreactstraplit-html+60 packages
pinterest.com
lodashrelay-runtimereact-relayreact-uselodash-es+51 packages

Popular packages

react
React is a JavaScript library for building user interfaces.
+6 634 websites
core-js
Standard library
+10 238 websites
es5-ext
ECMAScript extensions and shims
+10 229 websites
@babel/runtime
babel's modular runtime helpers
+8 352 websites
lodash
Lodash modular utilities.
+4 826 websites
axios
Promise based HTTP client for the browser and node.js
+4 742 websites