About
Community
thumbtack.com
58 packages
Last scanned on Oct 27 at 06:23 PM
Update
Name
Size
Popularity
Severity
crypto-js
3.1.2 - 4.1.1
Vulnerable
Outdated
JavaScript library of crypto standards.
Script
https://cdn.thumbtackstatic.com/fe-assets-rr/_next/static/chunks/pages/_app-29b79e1b0b6d32ea.js
License
MIT
Footprint
1 KB
Vulnerabilities
Critical
GHSA-xwcq-pm8m-c4vf
crypto-js PBKDF2 1,000 times weaker than specified in 1993 and 1.3M times weaker than current standard
Affected versions >=0 <4.2.0
Matched Modules
Version distribution in production
457
4.1.0
457
4.1.1
185
3.3.0
162
3.1.8
143
3.2.1
143
4.0.0
Also used on 738 websites
pubmatic.com
4 packages
tiktok.com
91 packages
redd.it
180 packages
www.reddit.com
183 packages
Repository
Homepage
More
security
crypto
Hash
MD5
SHA1
+15
evanvosberg
lodash
4.17.16
Vulnerable
Outdated
Lodash modular utilities.
modules
stdlib
util
es5-ext
0.10.1 - 0.10.62
Vulnerable
Outdated
ECMAScript extensions and shims
ecmascript
ecmascript5
ecmascript6
es5
es6
+11
medikoo
next
12.2.4 - 12.2.6
Vulnerable
Outdated
The React Framework
sweetalert2
10.15.4 - 11.4.18
Vulnerable
Outdated
A beautiful, responsive, customizable and accessible (WAI-ARIA) replacement for JavaScript's popup boxes, supported fork of sweetalert
sweetalert
sweetalert2
alert
modal
popup
+4
tslib
1.6.0 - 2.4.0
Outdated
Runtime library for TypeScript helper functions
TypeScript
Microsoft
compiler
language
javascript
+2
+5
react-is
16.3.0 - 17.0.2
Outdated
Brand checking of React Elements.
react
+1
qs
6.5.1
Outdated
A querystring parser that supports nesting and arrays, with a depth limit
querystring
qs
query
url
parse
+1
@babel/runtime
7.13.16 - 7.13.17
Outdated
babel's modular runtime helpers
+1
fast-json-stable-stringify
2.0.0 - 2.1.0
deterministic `JSON.stringify()` - a faster version of substack's json-stable-strigify without jsonify
json
stringify
deterministic
hash
stable
esp
flatted
0.1.0 - 3.0.1
Outdated
A super light and fast circular JSON parser.
circular
JSON
fast
parser
minimal
webreflection
scheduler
0.15.0 - 0.23.0
Cooperative scheduler for the browser environment.
react
+1
prop-types
15.7.0 - 15.8.1
Runtime type checking for React props and similar objects.
react
react
16.13.0 - 18.2.0
React is a JavaScript library for building user interfaces.
react
+1
date-fns
1.26.0 - 1.27.2
Outdated
Modern JavaScript date utility library
kossnocorp
hoist-non-react-statics
3.3.0 - 3.3.2
Copies non-react specific statics from a child component to a parent component
react
mridgway
classnames
2.2.6
Outdated
A simple utility for conditionally joining classNames together
react
css
classes
classname
classnames
+2
react-transition-group
2.4.0 - 2.5.2
Outdated
A react component toolset for managing animations
react
transition
addons
transition-group
animation
+2
graphql
14.4.2 - 15.0.0
Outdated
A Query Language and Runtime which can target any service.
graphql
graphql-js
+5
dom-helpers
5.0.1 - 5.2.1
tiny modular DOM lib for ie9+
dom-helpers
react-component
dom
api
cross-browser
+8
lodash-es
4.17.21
Lodash exported as ES modules.
es6
modules
stdlib
util
react-fast-compare
3.1.0 - 3.2.0
Outdated
Fastest deep equal comparison for React. Great for React.memo & shouldComponentUpdate. Also really fast general-purpose deep comparison.
fast
equal
react
compare
shouldComponentUpdate
+1
+12
babel-runtime
5.0.13 - 6.0.14
Outdated
babel selfContained runtime
react-lifecycles-compat
3.0.4
Backwards compatibility polyfill for React class components
quick-format-unescaped
4.0.4
Solves a problem with util.format
davidmarkclements
react-popper
2.2.0 - 2.3.0
Official library to use Popper on React projects
react
react-popper
popperjs
component
drop
+2
react-select
4.1.0 - 5.5.4
Outdated
A Select control built with and for ReactJS
combobox
form
input
multiselect
react
+3
+2
ts-invariant
0.5.1 - 0.8.2
Outdated
TypeScript implementation of invariant(condition, message)
invariant
assertion
precondition
TypeScript
benjamn
zen-observable
0.8.15
Outdated
An Implementation of ES Observables
zenparsing
@wry/equality
0.3.4 - 0.4.0
Outdated
Structural equality checking for JavaScript values
benjamn
tabbable
3.1.1 - 3.1.2
Outdated
Returns an array of all tabbable DOM nodes within a containing node.
@wry/context
0.4.0 - 0.6.1
Outdated
Manage contextual information needed by (a)synchronous tasks without explicitly passing objects around
benjamn
web-vitals
2.1.4
Outdated
Easily measure performance metrics in JavaScript
crux
performance
metrics
Core Web Vitals
CLS
+5
@apollo/client
3.3.0 - 3.3.21
Outdated
A fully-featured caching GraphQL client.
apollo
graphql
react
hooks
client
+1
+1
@angular/router
10.0.0 - 14.1.3
Outdated
Angular - the routing library
angular
router
react-draggable
4.4.1 - 4.4.5
Outdated
React draggable component
react
draggable
react-component
xstate
4.7.0 - 4.33.6
Outdated
Finite State Machines and Statecharts for the Modern Web.
statechart
state machine
finite state machine
finite automata
scxml
+2
focus-trap
4.0.0 - 4.0.2
Outdated
Trap focus within a DOM node.
focus
accessibility
trap
capture
keyboard
+1
antd
3.11.3
Outdated
An enterprise-class UI design language and React components implementation
ant
component
components
design
framework
+4
+4
@material-ui/core
1.5.1 - 4.12.4
React components that implement Google's Material Design.
react
react-component
material design
material-ui
react-phone-number-input
0.3.0 - 0.5.5
Outdated
Telephone number input React component
react
phone
number
input
telephone
+1
catamphetamine
react-dates
1.0.0 - 21.8.0
A responsive and accessible date range picker component built with React
+4
react-waypoint
9.0.3 - 10.0.0
Outdated
A React component to execute a function whenever you scroll to an element.
react
component
react-component
scroll
onscroll
+1
+2
react-swipeable
4.2.2 - 4.3.2
Outdated
React Swipe event handler hook
react swipe
react touch
react hook
touch
swipe
+3
+13
detect-passive-events
1.0.0 - 1.0.5
Outdated
Detect if the browser supports passive events
detect
passive
passive events
rafgraph
@analytics/storage-utils
0.2.5 - 0.2.14
Outdated
Storage utility with fallbacks
analytics
analytics-project
analytics-util
storage
cookies
+3
davidwells
reakit-utils
0.14.3 - 0.15.2
Reakit utils
reakit
react
utils
diegohaz
@apollo/react-components
3.0.0 - 3.1.5
Outdated
React Apollo Query, Mutation and Subscription components.
apollo
graphql
react
components
+1
no-scroll
2.1.0 - 2.1.1
Disable the document's scrolling
scroll
scrolling
disable
modal
dialog
davidtheclark
url-search-params
0.7.0 - 1.0.2
Outdated
Simple polyfill for URLSearchParams standard
DOM
URLSearchParams
polyfill
shim
webreflection
tesseract.js
2.0.0 - 3.0.3
Outdated
Pure Javascript Multilingual OCR
+1
@tannin/plural-forms
1.0.0 - 1.1.0
Compiles a function to compute the plural forms index for a given value
aduth
react-scroll-to-bottom
4.1.1 - 4.2.0
React container that will auto scroll to bottom
react
follow
jump
jump to bottom
jump to top
+7
@most/scheduler
0.7.0 - 1.3.0
Reactive programming with lean, functions-only, curried, tree-shakeable API
reactive
reactive programming
events
event stream
promise
+5
+2
lottie-api
1.0.0 - 1.0.2
Outdated
A library to edit lottie-web animations dynamically
airnan
botframework-webchat
0.11.2 - 0.15.0
Outdated
A highly-customizable web-based chat client for Azure Bot Services.
+5
react-amphtml
3.1.0 - 4.0.2
Use amphtml components inside your React apps easily!
react
amphtml
dfrankland
@quintype/components
1.6.0 - 1.34.1
Outdated
Components to help build Quintype Node.js apps
quintype
+27
Popular search queries
webpack.js.org
url
react-scripts
react
lottie-api
react-helmet-async
+7 packages
github.com
color-convert
@headlessui/react
hoist-non-react-statics
reactstrap
lit-html
+60 packages
pinterest.com
lodash
relay-runtime
react-relay
react-use
lodash-es
+51 packages
Popular packages
react
React is a JavaScript library for building user interfaces.
+6 634 websites
core-js
Standard library
+10 238 websites
es5-ext
ECMAScript extensions and shims
+10 229 websites
@babel/runtime
babel's modular runtime helpers
+8 352 websites
lodash
Lodash modular utilities.
+4 826 websites
axios
Promise based HTTP client for the browser and node.js
+4 742 websites