About
Community
sanook.com
97 packages
Last scanned on Oct 27 at 06:40 PM
Update
Name
Size
Popularity
Severity
crypto-js
3.1.8 - 3.3.0
Vulnerable
Outdated
JavaScript library of crypto standards.
Script
https://s.isanook.com/sr/0/_next/static/chunks/1354-e6e263fd45386d27bc3d.js
License
MIT
Footprint
41 KB
Vulnerabilities
Critical
GHSA-xwcq-pm8m-c4vf
crypto-js PBKDF2 1,000 times weaker than specified in 1993 and 1.3M times weaker than current standard
Affected versions >=0 <4.2.0
Matched Modules
Version distribution in production
457
4.1.0
457
4.1.1
185
3.3.0
162
3.1.8
143
3.2.1
143
4.0.0
Also used on 738 websites
pubmatic.com
4 packages
tiktok.com
91 packages
redd.it
180 packages
www.reddit.com
183 packages
Repository
Homepage
More
security
crypto
Hash
MD5
SHA1
+15
evanvosberg
lodash
4.17.16
Vulnerable
Outdated
Lodash modular utilities.
modules
stdlib
util
axios
0.19.1 - 0.19.2
Vulnerable
Outdated
Promise based HTTP client for the browser and node.js
xhr
http
ajax
promise
node
+1
next
11.1.0 - 12.0.3
Vulnerable
Outdated
The React Framework
tslib
1.6.0 - 2.4.0
Outdated
Runtime library for TypeScript helper functions
TypeScript
Microsoft
compiler
language
javascript
+2
+5
color-convert
1.8.2 - 2.0.1
Plain color conversion functions
color
colour
convert
converter
conversion
+7
qix
react-is
16.3.0 - 17.0.2
Outdated
Brand checking of React Elements.
react
+1
inherits
2.0.4
Browser-friendly inheritance fully compatible with standard node.js inherits()
inheritance
class
klass
oop
object-oriented
+3
isaacs
@babel/runtime
7.12.13 - 7.12.18
Outdated
babel's modular runtime helpers
+1
get-intrinsic
1.1.0 - 1.1.1
Outdated
Get and robustly cache all JS language-level intrinsics at first require time
javascript
ecmascript
es
js
intrinsic
+2
ljharb
function-bind
1.1.0 - 1.1.1
Outdated
Implementation of Function.prototype.bind
function
bind
shim
es5
is-arrayish
0.3.1 - 0.3.2
Determines if an object can be used as an array
is
array
duck
type
arrayish
+4
qix
path-to-regexp
2.4.0
Outdated
Express style path to RegExp utility
express
regexp
route
routing
+2
cookie
0.2.4 - 0.4.1
Outdated
HTTP server cookie parsing and serialization
cookie
cookies
dougwilson
call-bind
1.0.2
Outdated
Robustly `.call.bind()` a function
javascript
ecmascript
es
js
callbind
+8
ljharb
has-symbols
1.0.2 - 1.0.3
Determine if the JS environment has Symbol support. Supports spec, or shams.
Symbol
symbols
typeof
sham
polyfill
+3
ljharb
yaml
1.0.0 - 2.1.3
Outdated
JavaScript parser and stringifier for YAML
YAML
parser
stringifier
eemeli
es-abstract
1.18.3 - 1.19.2
Outdated
ECMAScript spec abstract operations.
ECMAScript
ES
abstract
operation
abstract operation
+4
ljharb
fast-json-stable-stringify
2.0.0 - 2.1.0
deterministic `JSON.stringify()` - a faster version of substack's json-stable-strigify without jsonify
json
stringify
deterministic
hash
stable
esp
define-properties
1.1.3 - 1.1.4
Outdated
Define multiple non-enumerable properties at once. Uses `Object.defineProperty` when available; falls back to standard assignment in older engines.
Object.defineProperty
Object.defineProperties
object
property descriptor
descriptor
+2
ljharb
is-callable
1.2.4
Outdated
Is this JS value callable? Works with Functions and GeneratorFunctions, despite ES6 @@toStringTag.
Function
function
callable
generator
generator function
+5
ljharb
has-tostringtag
1.0.0
Outdated
Determine if the JS environment has `Symbol.toStringTag` support. Supports spec, or shams.
javascript
ecmascript
symbol
symbols
tostringtag
+1
ljharb
is-buffer
1.1.4 - 1.1.6
Outdated
Determine if an object is a Buffer
arraybuffer
browser
browser buffer
browserify
buffer
+10
feross
object-keys
1.1.0 - 1.1.1
An Object.keys replacement, in case Object.keys is not available. From https://github.com/es-shims/es5-shim
Object.keys
keys
ES5
shim
ljharb
is-date-object
1.0.5
Is this value a JS Date object? This module works cross-realm/iframe, and despite ES6 @@toStringTag.
Date
ES6
toStringTag
@@toStringTag
Date object
ljharb
is-string
1.0.7
Is this value a JS String object or primitive? This module works cross-realm/iframe, and despite ES6 @@toStringTag.
String
string
ES6
toStringTag
@@toStringTag
+1
ljharb
eventemitter3
2.0.0 - 4.0.7
Outdated
EventEmitter3 focuses on performance while maintaining a Node.js AND browser compatible interface.
EventEmitter
EventEmitter2
EventEmitter3
Events
addEventListener
+10
es-to-primitive
1.2.0 - 1.2.1
ECMAScript “ToPrimitive” algorithm. Provides ES5 and ES2015 versions.
primitive
abstract
ecmascript
es5
es6
+11
ljharb
array-includes
3.1.2 - 3.1.3
Outdated
An ES7/ES2016 spec-compliant `Array.prototype.includes` shim/polyfill/replacement that works as far down as ES3.
Array.prototype.includes
includes
array
ES7
shim
+4
ljharb
has
1.0.1 - 1.0.3
Outdated
Object.prototype.hasOwnProperty.call shortcut
tarruda
scheduler
0.15.0 - 0.23.0
Cooperative scheduler for the browser environment.
react
+1
prop-types
15.7.0 - 15.7.2
Outdated
Runtime type checking for React props and similar objects.
react
react
17.0.0 - 17.0.2
Outdated
React is a JavaScript library for building user interfaces.
react
+1
performance-now
0.1.3 - 2.1.0
Implements performance.now (based on process.hrtime).
meryn
date-fns
1.30.1
Outdated
Modern JavaScript date utility library
kossnocorp
color
1.0.0 - 3.0.0
Outdated
Color conversion and manipulation with CSS string support
color
colour
css
qix
minimalistic-assert
1.0.0 - 1.0.1
minimalistic-assert ===
color-string
1.5.3 - 1.9.1
Parser and generator for CSS color strings
color
colour
rgb
css
qix
hoist-non-react-statics
1.2.0 - 3.3.2
Copies non-react specific statics from a child component to a parent component
react
mridgway
querystring
0.2.1
Node's querystring module for all engines.
commonjs
query
querystring
simple-swizzle
0.2.1 - 0.2.2
Simply swizzle your arguments
argument
arguments
swizzle
swizzling
parameter
+3
qix
@emotion/unitless
0.7.2 - 0.8.0
Outdated
An object of css properties that don't accept values with units
+1
classnames
2.3.0 - 2.3.1
Outdated
A simple utility for conditionally joining classNames together
react
css
classes
classname
classnames
+2
stylis
4.0.0 - 4.0.5
Outdated
A Light–weight CSS Preprocessor
react-transition-group
2.4.0 - 3.0.0
Outdated
A react component toolset for managing animations
react
transition
addons
transition-group
animation
+2
graphql
14.4.2 - 14.7.0
Outdated
A Query Language and Runtime which can target any service.
graphql
graphql-js
+5
dom-helpers
5.0.1 - 5.2.1
tiny modular DOM lib for ie9+
dom-helpers
react-component
dom
api
cross-browser
+8
lodash.isequal
4.5.0
The Lodash method `_.isEqual` exported as a module.
lodash-modularized
isequal
hash.js
1.1.2 - 1.1.7
Various hash functions that could be run by both browser and node
hash
sha256
sha224
hmac
indutny
lodash-es
4.17.21
Lodash exported as ES modules.
es6
modules
stdlib
util
react-fast-compare
3.1.0 - 3.2.0
Outdated
Fastest deep equal comparison for React. Great for React.memo & shouldComponentUpdate. Also really fast general-purpose deep comparison.
fast
equal
react
compare
shouldComponentUpdate
+1
+12
raf
1.0.0 - 3.4.1
requestAnimationFrame polyfill for node and the browser
requestAnimationFrame
polyfill
charenc
0.0.0 - 0.0.2
character encoding utilities
pvorb
react-lifecycles-compat
3.0.4
Backwards compatibility polyfill for React class components
styled-jsx
4.0.0 - 4.0.1
Outdated
Full CSS support for JSX without compromises
babel-plugin-macros
vercel
zeit
css-in-js
css
lodash.throttle
4.1.1
The lodash method `_.throttle` exported as a module.
lodash-modularized
throttle
react-select
2.1.0 - 5.5.7
Outdated
A Select control built with and for ReactJS
combobox
form
input
multiselect
react
+3
+2
@aws-sdk/signature-v4
3.55.0 - 3.186.0
Outdated
A standalone implementation of the AWS Signature V4 request signing algorithm
+2
set-cookie-parser
2.4.8 - 2.5.0
Outdated
Parses set-cookie headers into objects
set-cookie
set
cookie
cookies
header
+1
nfriedly
ts-invariant
0.1.0 - 0.10.3
TypeScript implementation of invariant(condition, message)
invariant
assertion
precondition
TypeScript
benjamn
zen-observable
0.8.15
Outdated
An Implementation of ES Observables
zenparsing
@wry/equality
0.1.8 - 0.1.11
Outdated
Structural equality checking for JavaScript values
benjamn
@apollo/client
3.4.0 - 3.5.10
Outdated
A fully-featured caching GraphQL client.
apollo
graphql
react
hooks
client
+1
+1
exenv
1.1.0 - 1.2.2
React's ExecutionEnvironment module extracted for use in other packages & components
react
browser
server
environment
env
+2
jedwatson
string-hash
1.1.1 - 1.1.3
fast string hashing function
string
hashing
string-convert
0.2.0 - 0.2.1
String convertions
akiran
json2mq
0.2.0
Generate media query string from JSON or javascript object
akiran
react-input-autosize
3.0.0
Auto-resizing Input Component for React
react
react-component
input
autosize
+1
react-side-effect
2.1.0 - 2.1.2
Create components whose prop changes map to a global side effect
react
component
side
effect
react-dnd
15.0.0 - 16.0.1
Drag and Drop for React
+2
create-react-class
15.7.0
Legacy API for creating React components.
react
react-beautiful-dnd
1.0.0 - 6.0.2
Outdated
Beautiful and accessible drag and drop for lists with React
drag and drop
dnd
sortable
reorder
reorderable
+5
react-modal
3.14.1 - 3.16.1
Accessible modal dialog component for React.JS
react
react-component
modal
dialog
diasbruno
universal-cookie
4.0.1 - 4.0.4
Outdated
Universal cookies for JavaScript
universal
isomophic
cookie
exon
apollo-utilities
1.0.0 - 1.3.4
Utilities for working with GraphQL ASTs
+1
apollo-link
1.2.9 - 1.2.14
Flexible, lightweight transport layer for GraphQL
enquire.js
2.1.6
Awesome Media Queries in JavaScript
media query
media queries
matchMedia
enquire
enquire.js
wickynilliams
react-slick
0.15.4 - 0.16.0
Outdated
React port of slick carousel
slick
carousel
Image slider
orbit
slider
+1
akiran
consolidated-events
1.1.0 - 1.1.1
Outdated
Manage multiple event handlers using few event listeners
events
performance
lencioni
react-player
1.12.0 - 1.15.3
Outdated
A React component for playing a variety of URLs, including file paths, YouTube, Facebook, Twitch, SoundCloud, Streamable, Vimeo, Wistia and DailyMotion
react
media
player
video
audio
+11
cookpete
use-subscription
1.3.0 - 1.5.1
Outdated
Reusable hooks
+1
change-emitter
0.1.2 - 0.1.6
Listen for changes. Like an event emitter that only emits a single event type. Really tiny.
change
event
emitter
react-cookie
3.0.0 - 4.1.1
Outdated
Universal cookies for React
universal
isomophic
cookie
react
exon
reactstrap
4.1.1 - 4.3.0
Outdated
React Bootstrap components
reactstrap
bootstrap
react
component
components
+2
+4
react-scroll
1.8.3 - 1.8.5
Outdated
A scroll component for React.js
react
react-component
scroll
scroller
scrolls
fisshy
keymirror
0.1.0 - 0.1.1
A simple utility for creating an object with values equal to its keys. Identical to react/lib/keyMirror
strml
react-lazyload
2.4.0 - 2.5.0
Outdated
Lazyload your components, images or anything where performance matters.
react-component
react
lazyload
+1
nookies
2.5.1 - 2.5.2
A set of cookie helpers for Next.js
cookie
cookies
next
nextjs
js
+5
maticzav
react-apollo
2.5.2 - 2.5.8
Outdated
React Apollo Hooks, Components, and HOC.
apollo
graphql
react
hooks
hoc
+1
+5
react-stickynode
1.1.2 - 2.1.1
Outdated
A performant and comprehensive React sticky component
Sticky
React
+2
subscribe-ui-event
2.0.0 - 2.0.7
A single, throttle built-in solution to subscribe to browser UI Events.
addEventListener
browser
events
requestAnimationFrame
resize
+3
+2
@optimizely/react-sdk
2.0.0 - 2.9.1
Outdated
React SDK for Optimizely Feature Experimentation, Optimizely Full Stack (legacy), and Optimizely Rollouts
optimizely-fullstack
@tannin/plural-forms
1.0.0 - 1.1.0
Compiles a function to compute the plural forms index for a given value
aduth
cross-domain-utils
2.0.38
Javascript module template.
template
bluepnume
react-cool-onclickoutside
1.6.2
Outdated
React hook to listen for clicks outside of the component(s).
react
hook
react-hook
onclickoutside-hook
on-click-outside-hook
+12
wellyshen
react-facebook
4.1.1 - 5.0.3
Outdated
Facebook components like a Login button, Like, Share, Comments, Embedded Post/Video, Messenger Chat and others
react
react-component
facebook
login
login button
+12
zlatkofedor
react-amphtml
3.1.0 - 4.0.2
Use amphtml components inside your React apps easily!
react
amphtml
dfrankland
Popular search queries
webpack.js.org
url
react-scripts
react
lottie-api
react-helmet-async
+7 packages
github.com
color-convert
@headlessui/react
hoist-non-react-statics
reactstrap
lit-html
+60 packages
pinterest.com
lodash
relay-runtime
react-relay
react-use
lodash-es
+51 packages
Popular packages
react
React is a JavaScript library for building user interfaces.
+6 634 websites
core-js
Standard library
+10 238 websites
es5-ext
ECMAScript extensions and shims
+10 229 websites
@babel/runtime
babel's modular runtime helpers
+8 352 websites
lodash
Lodash modular utilities.
+4 826 websites
axios
Promise based HTTP client for the browser and node.js
+4 742 websites