About
Community
vmall.com
66 packages
Last scanned on Jan 19 at 08:39 AM
Update
Name
Size
Popularity
Severity
lodash
4.17.16
Vulnerable
Outdated
Lodash modular utilities.
Script
https://res.vmallres.com/portal/1.22.12.300SP01/h5/chunk-vendors.js
License
MIT
Footprint
8 KB
Vulnerabilities
High
GHSA-35jh-r3h4-6jhm
Command Injection in lodash
Affected versions >=0 <4.17.21
Moderate
GHSA-29mw-wpgm-hmr9
Regular Expression Denial of Service (ReDoS) in lodash
Affected versions >=0 <4.17.21
High
GHSA-p6mc-m468-83gw
Prototype Pollution in lodash
Affected versions >=3.7.0 <4.17.19
Matched Modules
Version distribution in production
3 846
4.17.16
946
4.17.21
337
4.17.20
322
4.17.15
302
4.17.19
301
4.17.13
Also used on 4830 websites
skype.com
20 packages
sentry.io
157 packages
pinterest.com
56 packages
pinimg.com
52 packages
Repository
Homepage
More
modules
stdlib
util
next-auth
3.24.1 - 3.29.10
Vulnerable
Outdated
Authentication for Next.js
react
nodejs
oauth
jwt
oauth2
+5
es5-ext
0.10.24 - 0.10.49
Vulnerable
Outdated
ECMAScript extensions and shims
ecmascript
ecmascript5
ecmascript6
es5
es6
+11
medikoo
tslib
1.2.0 - 2.4.1
Outdated
Runtime library for TypeScript helper functions
TypeScript
Microsoft
compiler
language
javascript
+2
+5
color-convert
1.8.2 - 2.0.1
Plain color conversion functions
color
colour
convert
converter
conversion
+7
qix
escape-string-regexp
4.0.0 - 5.0.0
Escape RegExp special characters
escape
regex
regexp
regular
expression
+3
sindresorhus
isarray
1.0.0 - 2.0.5
Array#isArray for older browsers
browser
isarray
array
juliangruber
react-is
16.3.0 - 16.13.1
Outdated
Brand checking of React Elements.
react
+1
qs
6.10.0 - 6.10.1
Outdated
A querystring parser that supports nesting and arrays, with a depth limit
querystring
qs
query
url
parse
+1
buffer
4.6.0 - 4.9.2
Outdated
Node.js Buffer API, for the browser
arraybuffer
browser
browserify
buffer
compatible
+2
feross
@babel/runtime
7.9.6 - 7.12.18
Outdated
babel's modular runtime helpers
+1
get-intrinsic
1.1.0 - 1.1.1
Outdated
Get and robustly cache all JS language-level intrinsics at first require time
javascript
ecmascript
es
js
intrinsic
+2
ljharb
function-bind
1.1.0 - 1.1.1
Outdated
Implementation of Function.prototype.bind
function
bind
shim
es5
is-arrayish
0.3.1 - 0.3.2
Determines if an object can be used as an array
is
array
duck
type
arrayish
+4
qix
axios
0.21.4
Outdated
Promise based HTTP client for the browser and node.js
xhr
http
ajax
promise
node
+1
call-bind
1.0.2
Outdated
Robustly `.call.bind()` a function
javascript
ecmascript
es
js
callbind
+8
ljharb
object-inspect
1.12.0 - 1.12.1
Outdated
string representations of objects in node and the browser
inspect
util.inspect
object
stringify
pretty
has-symbols
1.0.2 - 1.0.3
Determine if the JS environment has Symbol support. Supports spec, or shams.
Symbol
symbols
typeof
sham
polyfill
+3
ljharb
side-channel
1.0.4
Outdated
Store information about any JS value in a side channel. Uses WeakMap if available.
weakmap
map
side
channel
metadata
ljharb
base64-js
1.3.0 - 1.5.1
Base64 encoding/decoding in pure JS
base64
deepmerge
4.2.2
Outdated
A library for deep (recursive) merging of Javascript objects
merge
deep
extend
copy
clone
+1
tehshrike
core-js
3.18.2 - 3.18.3
Outdated
Standard library
ES3
ES5
ES6
ES7
ES2015
+39
zloirock
scheduler
0.15.0 - 0.23.0
Outdated
Cooperative scheduler for the browser environment.
react
+1
has
1.0.1 - 1.0.3
Outdated
Object.prototype.hasOwnProperty.call shortcut
tarruda
prop-types
15.8.0 - 15.8.1
Runtime type checking for React props and similar objects.
react
react
16.13.0 - 17.0.2
Outdated
React is a JavaScript library for building user interfaces.
react
+1
color
3.1.0 - 3.2.1
Outdated
Color conversion and manipulation with CSS string support
color
colour
css
qix
color-string
1.5.3 - 1.9.1
Parser and generator for CSS color strings
color
colour
rgb
css
qix
hoist-non-react-statics
3.3.1 - 3.3.2
Copies non-react specific statics from a child component to a parent component
react
mridgway
simple-swizzle
0.2.1 - 0.2.2
Simply swizzle your arguments
argument
arguments
swizzle
swizzling
parameter
+3
qix
promise
8.1.0
Outdated
Bare bones Promises/A+ implementation
classnames
2.3.0 - 2.3.1
Outdated
A simple utility for conditionally joining classNames together
react
css
classes
classname
classnames
+2
query-string
6.5.0 - 7.1.3
Outdated
Parse and stringify URL query strings
browser
querystring
query
string
qs
+9
sindresorhus
whatwg-fetch
3.4.0 - 3.6.2
Outdated
A window.fetch polyfill.
lodash-es
4.17.21
Lodash exported as ES modules.
es6
modules
stdlib
util
redux
4.0.1 - 4.2.0
Outdated
Predictable state container for JavaScript apps
redux
reducer
state
predictable
functional
+6
+3
timers-browserify
2.0.9
Outdated
timers module for browserify
timers
browserify
browser
+36
filter-obj
1.1.0
Outdated
Filter object keys and values into a new object
filter
object
key
keys
value
+7
sindresorhus
@xmldom/xmldom
0.7.0 - 0.8.6
Outdated
A pure JavaScript W3C standard-based (XML DOM Level 2 Core) DOMParser and XMLSerializer module.
w3c
dom
xml
parser
javascript
+3
karfau
split-on-first
1.0.0 - 2.0.0
Outdated
Split a string on the first occurance of a given separator
split
string
first
once
occurrence
+3
sindresorhus
i18next
17.0.0 - 17.0.18
Outdated
i18next internationalization framework
i18next
internationalization
i18n
translation
localization
+3
array-find-index
1.0.1 - 1.0.2
ES2015 `Array#findIndex()` ponyfill
es2015
ponyfill
polyfill
shim
find
+3
sindresorhus
hyphenate-style-name
1.0.3 - 1.0.4
Hyphenates a camelcased CSS property name
hyphenate
style
css
camelcase
rexxars
is-function
1.0.2
is that thing a function? Use this module to find out
polyfill
is-function
ie6
grncdr
react-i18next
11.7.3 - 12.1.4
Outdated
Internationalization for react done right. Using the i18next i18n ecosystem.
i18next
internationalization
i18n
translation
localization
+4
@apollo/client
3.0.0 - 3.7.4
Outdated
A fully-featured caching GraphQL client.
apollo
graphql
react
hooks
client
+1
+1
react-scripts
0.4.2
Outdated
Configuration and scripts for Create React App.
+1
inline-style-prefixer
5.1.2 - 6.0.1
Outdated
Run-time Autoprefixer for JavaScript style objects
react
react styling
prefixer
inline styles
autoprefixer
+2
rofrischmann
create-react-class
15.7.0
Legacy API for creating React components.
react
rc-select
14.1.11 - 14.2.0
Outdated
React Select
react
react-component
react-select
select
+6
safe-json-parse
2.0.0 - 4.0.0
Parse JSON safely without throwing
raynos
mobx-react-lite
2.0.0 - 3.1.4
Outdated
Lightweight React bindings for MobX based on React 16.8+ and Hooks
mobx
mobservable
react-component
react
reactjs
+4
keycode
2.1.2 - 2.2.1
Convert between keyboard keycodes and keynames and vice versa.
keyboard
keycode
keyboardevent
ascii
keydown
+4
timoxley
@videojs/vhs-utils
3.0.2 - 4.0.0
Objects and functions shared throughtout @videojs/http-streaming code
videojs
videojs-plugin
+17
mux.js
6.0.0 - 6.2.0
Outdated
A collection of lightweight utilities for inspecting and manipulating video container formats.
video
container
transmux
mux
player
+5
+19
video.js
5.12.0 - 7.21.1
Outdated
An HTML5 video player that supports HLS and DASH with a common API and skin.
dash
hls
html5
player
video
+1
+18
react-native-web
0.14.10 - 0.14.13
Outdated
React Native for Web
react
react-component
react-native
web
necolas
url-toolkit
2.2.4 - 2.2.5
Build an absolute URL from a base URL and a relative URL (RFC 1808). No dependencies!
url
relative
absolute
parser
tjenkinson
m3u8-parser
4.6.0 - 4.8.0
Outdated
m3u8 parser
videojs
videojs-plugin
+19
mpd-parser
0.20.0 - 0.22.1
Outdated
mpd parser
videojs
videojs-plugin
+18
videojs-vtt.js
0.15.0 - 0.15.4
Outdated
A JavaScript implementation of the WebVTT specification, forked from vtt.js for use with Video.js
vtt
webvtt
track
captions
subtitles
+1
+17
normalize-css-color
1.0.2
Normalize a subset of CSS color values into integers
css
color
convert
hex
intelligibabble
deepcopy
2.0.0 - 2.1.0
deep copy data
sasaplus1
@tannin/plural-forms
1.0.0 - 1.1.0
Compiles a function to compute the plural forms index for a given value
aduth
lottie-api
1.0.0 - 1.0.2
Outdated
A library to edit lottie-web animations dynamically
airnan
@dhmk/utils
1.0.0 - 4.2.2
Outdated
A collection of frequently used functions and primitives
utils
tools
functions
helpers
misc
dhmk083
Popular search queries
webpack.js.org
url
react-scripts
react
lottie-api
react-helmet-async
+7 packages
github.com
color-convert
@headlessui/react
hoist-non-react-statics
reactstrap
lit-html
+60 packages
pinterest.com
lodash
relay-runtime
react-relay
react-use
lodash-es
+51 packages
Popular packages
react
React is a JavaScript library for building user interfaces.
+6 634 websites
core-js
Standard library
+10 238 websites
es5-ext
ECMAScript extensions and shims
+10 229 websites
@babel/runtime
babel's modular runtime helpers
+8 352 websites
lodash
Lodash modular utilities.
+4 826 websites
axios
Promise based HTTP client for the browser and node.js
+4 742 websites