About
Community
quizspot.online
53 packages
Last scanned on Oct 27 at 07:50 PM
Update
Name
Size
Popularity
Severity
jsonwebtoken
8.5.0 - 8.5.1
Vulnerable
Outdated
JSON Web Token implementation (symmetric and asymmetric)
Script
https://quizspot.online/_nuxt/app.102694e.js
License
MIT
Footprint
8 KB
Vulnerabilities
Moderate
GHSA-qwph-4952-7xr6
jsonwebtoken vulnerable to signature validation bypass due to insecure default algorithm in jwt.verify()
Affected versions >=0 <9.0.0
Moderate
GHSA-8cf7-32gw-wr33
jsonwebtoken unrestricted key type could lead to legacy keys usage
Affected versions >=0 <9.0.0
High
GHSA-27h2-hvpr-p74q
jsonwebtoken has insecure input validation in jwt.verify function
Affected versions >=0 <9.0.0
Moderate
GHSA-hjrf-2m68-5959
jsonwebtoken's insecure implementation of key retrieval function could lead to Forgeable Public/Private Tokens from RSA to HMAC
Affected versions >=0 <9.0.0
Matched Modules
Version distribution in production
66
8.5.0
66
8.5.1
4
8.2.1
4
8.2.2
4
8.4.0
3
8.2.0
Also used on 70 websites
cnbc.com
130 packages
bluestacks.com
52 packages
elpais.com
52 packages
scmp.com
95 packages
Repository
Homepage
More
jwt
elliptic
6.5.2 - 6.5.3
Vulnerable
Outdated
EC cryptography
EC
Elliptic
curve
Cryptography
indutny
semver
5.7.0 - 6.3.0
Outdated
The semantic version parser used by npm.
+2
ms
2.1.2 - 2.1.3
Tiny millisecond conversion utility
+5
readable-stream
3.6.0
Outdated
Node.js Streams, a user-land copy of the stream library from Node.js
readable
stream
pipe
string_decoder
1.1.0 - 1.3.0
The string_decoder module from Node core
string
decoder
browser
browserify
+1
isarray
1.0.0 - 2.0.5
Array#isArray for older browsers
browser
isarray
array
juliangruber
inherits
2.0.3 - 2.0.4
Browser-friendly inheritance fully compatible with standard node.js inherits()
inheritance
class
klass
oop
object-oriented
+3
isaacs
buffer
4.6.0 - 4.9.2
Outdated
Node.js Buffer API, for the browser
arraybuffer
browser
browserify
buffer
compatible
+2
feross
core-util-is
1.0.2 - 1.0.3
The `util.is*` functions introduced in Node v0.12.
util
isBuffer
isArray
isNumber
isString
+4
isaacs
base64-js
1.3.0 - 1.5.1
Base64 encoding/decoding in pure JS
base64
events
3.0.0 - 3.3.0
Node's event emitter for all engines.
events
eventEmitter
eventDispatcher
listeners
deepmerge
4.2.2
Outdated
A library for deep (recursive) merging of Javascript objects
merge
deep
extend
copy
clone
+1
tehshrike
util
0.10.0 - 0.12.5
Node.js's util module for all engines
util
+3
jws
3.2.1 - 4.0.0
Implementation of JSON Web Signatures
jws
json
web
signatures
+4
jwa
1.4.1
Outdated
JWA implementation (supports all JWS algorithms)
jwa
jws
jwt
rsa
ecdsa
+1
+4
lodash.isplainobject
4.0.6
The lodash method `_.isPlainObject` exported as a module.
lodash-modularized
isplainobject
minimalistic-assert
1.0.0 - 1.0.1
minimalistic-assert ===
ecdsa-sig-formatter
1.0.10 - 1.0.11
Translate ECDSA signatures between ASN.1/DER and JOSE-style concatenation
ecdsa
der
asn.1
jwt
jwa
+2
d2l-travis-deploy
buffer-equal-constant-time
1.0.0 - 1.0.1
Constant-time comparison of Buffers
buffer
equal
constant-time
crypto
lodash.isstring
4.0.1
The lodash method `_.isString` exported as a module.
lodash-modularized
isstring
sha.js
2.4.9 - 2.4.11
Streamable SHA hashes in pure javascript
lodash.isboolean
3.0.1 - 3.0.3
The lodash method `_.isBoolean` exported as a module.
lodash-modularized
isboolean
asn1.js
5.2.0 - 5.4.1
ASN.1 encoder and decoder
asn.1
der
lodash.includes
4.3.0
The lodash method `_.includes` exported as a module.
lodash-modularized
includes
hash-base
3.0.4 - 3.1.0
abstract base class for hash-streams
hash
stream
+1
lodash.isnumber
3.0.1 - 3.0.3
The lodash method `_.isNumber` exported as a module.
lodash-modularized
isnumber
hash.js
1.1.2 - 1.1.7
Various hash functions that could be run by both browser and node
hash
sha256
sha224
hmac
indutny
hmac-drbg
1.0.1
Deterministic random bit generator (hmac)
hmac
drbg
prng
indutny
des.js
1.0.1
Outdated
DES implementation
DES
3DES
EDE
CBC
indutny
md5.js
1.1.0 - 1.3.5
node style md5 on pure JavaScript
crypto
md5
+2
pbkdf2
3.1.2
This library provides the functionality of PBKDF2 with the ability to use any supported hashing algorithm returned from crypto.getHashes()
pbkdf2
kdf
salt
hash
+3
parse-asn1
5.1.6
Outdated
utility library for parsing asn1 files for use with browserify-sign.
+2
cipher-base
1.0.4
abstract base class for crypto-streams
cipher
stream
browserify-sign
2.4.0 - 2.8.0
Outdated
adds node crypto signing for browsers
+2
browserify-aes
0.4.0 - 0.8.1
Outdated
aes, for browserify
aes
crypto
browserify
+2
evp_bytestokey
1.0.3
The insecure key derivation algorithm from OpenSSL
crypto
openssl
browserify-rsa
3.0.0 - 4.0.1
Outdated
RSA for browserify
+2
create-ecdh
3.0.0 - 4.0.4
createECDH but browserifiable
diffie
hellman
diffiehellman
ECDH
+2
public-encrypt
4.0.3
browserify version of publicEncrypt & privateDecrypt
+2
diffie-hellman
1.1.2
Outdated
pure js diffie-hellman
diffie
hellman
diffiehellman
dh
+2
browserify-des
1.0.2
browserify-des ===
miller-rabin
1.1.0 - 4.0.1
Miller Rabin algorithm for primality test
prime
miller-rabin
bignumber
randomfill
1.0.0 - 1.0.4
random fill from browserify stand alone
crypto
random
p-is-promise
3.0.0 - 4.0.0
Check if something is a promise
promise
is
detect
check
kind
+7
sindresorhus
unfetch
4.1.0 - 4.2.0
Outdated
Bare minimum fetch polyfill in 500 bytes
fetch
polyfill
xhr
ajax
developit
@hookform/resolvers
1.1.0
Outdated
React Hook Form validation resolvers: Yup, Joi, Superstruct, Zod, Vest, Class Validator, io-ts, Nope, computed-types, TypeBox, arktype and Typanion
scheme
validation
scheme-validation
hookform
react-hook-form
+14
fp-ts
2.6.6 - 2.9.5
Outdated
Functional programming in TypeScript
typescript
algebraic-data-types
functional-programming
gcanti
react-query
0.0.11 - 0.0.15
Outdated
Hooks for managing, caching and syncing asynchronous and remote data in React
vue-no-ssr
1.1.1
Vue component to wrap non SSR friendly components
vue-client-only
2.0.0 - 2.1.0
Vue component to wrap non SSR friendly components
egoist
cookie-universal
2.1.0 - 2.1.5
Outdated
Universal cookie plugin, perfect for SSR
universal cookie
SSR cookie
node cookie
browser cookie
cookies
+1
microcipcip
vue-analytics
5.17.4 - 5.22.1
Google Analytics plugin for Vue
Google
google
Google Analytics
google analytics
tracking
+3
matteo_gabriele
Popular search queries
webpack.js.org
url
react-scripts
react
lottie-api
react-helmet-async
+7 packages
github.com
color-convert
@headlessui/react
hoist-non-react-statics
reactstrap
lit-html
+60 packages
pinterest.com
lodash
relay-runtime
react-relay
react-use
lodash-es
+51 packages
Popular packages
react
React is a JavaScript library for building user interfaces.
+6 634 websites
core-js
Standard library
+10 238 websites
es5-ext
ECMAScript extensions and shims
+10 229 websites
@babel/runtime
babel's modular runtime helpers
+8 352 websites
lodash
Lodash modular utilities.
+4 826 websites
axios
Promise based HTTP client for the browser and node.js
+4 742 websites