About
Community
xbox.com
100 packages
Last scanned on Oct 27 at 06:02 PM
Update
Name
Size
Popularity
Severity
lodash
4.17.16
Vulnerable
Outdated
Lodash modular utilities.
Script
https://assets-www.xbox.com/xbox-web/static/js/vendors~ContentPage.cbbfada8.chunk.js
License
MIT
Footprint
4 KB
Vulnerabilities
High
GHSA-35jh-r3h4-6jhm
Command Injection in lodash
Affected versions >=0 <4.17.21
Moderate
GHSA-29mw-wpgm-hmr9
Regular Expression Denial of Service (ReDoS) in lodash
Affected versions >=0 <4.17.21
High
GHSA-p6mc-m468-83gw
Prototype Pollution in lodash
Affected versions >=3.7.0 <4.17.19
Matched Modules
Version distribution in production
3 846
4.17.16
946
4.17.21
337
4.17.20
322
4.17.15
302
4.17.19
301
4.17.13
Also used on 4830 websites
skype.com
20 packages
sentry.io
157 packages
pinterest.com
56 packages
pinimg.com
52 packages
Repository
Homepage
More
modules
stdlib
util
es5-ext
0.10.24 - 0.10.49
Vulnerable
Outdated
ECMAScript extensions and shims
ecmascript
ecmascript5
ecmascript6
es5
es6
+11
medikoo
tslib
1.2.0 - 2.4.0
Outdated
Runtime library for TypeScript helper functions
TypeScript
Microsoft
compiler
language
javascript
+2
+5
uuid
8.3.0 - 8.3.2
Outdated
RFC4122 (v1, v4, and v5) UUIDs
uuid
guid
rfc4122
ajv
6.12.5 - 6.12.6
Outdated
Another JSON Schema Validator
JSON
schema
validator
validation
jsonschema
+3
isarray
0.0.0 - 2.0.5
Array#isArray for older browsers
browser
isarray
array
juliangruber
react-is
16.3.0 - 18.2.0
Brand checking of React Elements.
react
+1
json-schema-traverse
0.4.0 - 1.0.0
Traverse JSON Schema passing each schema object to callback
JSON-Schema
traverse
iterate
esp
inherits
2.0.3
Outdated
Browser-friendly inheritance fully compatible with standard node.js inherits()
inheritance
class
klass
oop
object-oriented
+3
isaacs
buffer
4.6.0 - 4.9.2
Outdated
Node.js Buffer API, for the browser
arraybuffer
browser
browserify
buffer
compatible
+2
feross
normalize-path
3.0.0
Normalize slashes in a file path to be posix/unix-like forward slashes. Also condenses repeat slashes to a single slash and removes and trailing slashes, unless disabled.
absolute
backslash
delimiter
file
file-path
+14
@babel/runtime
7.13.6 - 7.13.7
Outdated
babel's modular runtime helpers
+1
sprintf-js
1.0.1 - 1.0.3
Outdated
JavaScript sprintf implementation
alexei
path-to-regexp
1.7.0 - 1.8.0
Outdated
Express style path to RegExp utility
express
regexp
route
routing
+2
axios
0.21.4
Outdated
Promise based HTTP client for the browser and node.js
xhr
http
ajax
promise
node
+1
fast-deep-equal
3.0.0 - 3.1.3
Fast deep equal
fast
equal
deep-equal
esp
rxjs
6.6.2 - 6.6.7
Outdated
Reactive Extensions for modern JavaScript
Rx
RxJS
ReactiveX
ReactiveExtensions
Streams
+5
base64-js
1.3.0 - 1.5.1
Base64 encoding/decoding in pure JS
base64
fast-json-stable-stringify
2.0.0 - 2.1.0
deterministic `JSON.stringify()` - a faster version of substack's json-stable-strigify without jsonify
json
stringify
deterministic
hash
stable
esp
events
3.0.0 - 3.3.0
Node's event emitter for all engines.
events
eventEmitter
eventDispatcher
listeners
is-buffer
2.0.0 - 2.0.5
Determine if an object is a Buffer
arraybuffer
browser
browser buffer
browserify
buffer
+10
feross
core-js
3.9.0 - 3.10.0
Outdated
Standard library
ES3
ES5
ES6
ES7
ES2015
+39
zloirock
util
0.10.0 - 0.12.5
Node.js's util module for all engines
util
+3
eventemitter3
2.0.0 - 4.0.7
Outdated
EventEmitter3 focuses on performance while maintaining a Node.js AND browser compatible interface.
EventEmitter
EventEmitter2
EventEmitter3
Events
addEventListener
+10
scheduler
0.21.0 - 0.23.0
Cooperative scheduler for the browser environment.
react
+1
prop-types
15.8.0 - 15.8.1
Runtime type checking for React props and similar objects.
react
react
17.0.0 - 18.2.0
React is a JavaScript library for building user interfaces.
react
+1
react-dom
18.0.0 - 18.2.0
React package for working with the DOM.
react
+2
hoist-non-react-statics
3.3.1 - 3.3.2
Copies non-react specific statics from a child component to a parent component
react
mridgway
classnames
2.2.6 - 2.3.1
Outdated
A simple utility for conditionally joining classNames together
react
css
classes
classname
classnames
+2
@emotion/hash
0.8.0 - 0.9.0
Outdated
A MurmurHash2 implementation
+1
react-transition-group
2.0.0 - 4.4.5
A react component toolset for managing animations
react
transition
addons
transition-group
animation
+2
gaxios
2.0.1
Outdated
A simple common HTTP client specifically for Google APIs and services.
google
google-wombot
dom-helpers
5.1.4
Outdated
tiny modular DOM lib for ie9+
dom-helpers
react-component
dom
api
cross-browser
+8
tiny-invariant
0.0.2 - 1.3.1
Outdated
A tiny invariant function
invariant
error
assert
asserts
alexreardon
immer
7.0.7 - 9.0.16
Outdated
Create your next immutable state by mutating the current one
immutable
mutable
copy-on-write
@sentry/utils
7.3.1 - 7.10.0
Outdated
Utilities for all Sentry JavaScript SDKs
+8
react-router
5.1.1 - 5.3.4
Outdated
Declarative routing for React
react
router
route
routing
history
+1
@sentry/core
7.10.0
Outdated
Base implementation for all Sentry JavaScript SDKs
+8
lodash-es
4.17.20 - 4.17.21
Lodash exported as ES modules.
es6
modules
stdlib
util
redux
4.0.1 - 4.2.0
Outdated
Predictable state container for JavaScript apps
redux
reducer
state
predictable
functional
+6
+3
react-fast-compare
2.0.4 - 3.2.0
Outdated
Fastest deep equal comparison for React. Great for React.memo & shouldComponentUpdate. Also really fast general-purpose deep comparison.
fast
equal
react
compare
shouldComponentUpdate
+1
+12
traverse
0.6.1 - 0.6.7
Outdated
traverse and transform objects by visiting every node on a recursive walk
traverse
walk
recursive
map
forEach
+2
ljharb
tailwindcss
0.1.0 - 0.7.4
Outdated
A utility-first CSS framework for rapidly building custom user interfaces.
timers-browserify
2.0.9
Outdated
timers module for browserify
timers
browserify
browser
+36
crypto-browserify
1.0.9 - 2.0.0
Outdated
implementation of crypto for the browser
+2
reselect
4.1.0 - 4.1.6
Outdated
Selectors for Redux.
react
redux
+3
history
4.0.0 - 4.10.1
Outdated
Manage session history with JavaScript
history
location
mjackson
style-to-object
0.2.3 - 0.3.0
Outdated
Parse CSS inline style to JavaScript object.
style-to-object
inline
style
parser
css
+2
remarkablemark
is-retry-allowed
2.2.0 - 3.0.0
Check whether a request can be retried based on the `error.code`
retry
retries
allowed
check
http
+3
sindresorhus
toposort
2.0.2
Topological sort of directed ascyclic graphs (like dependecy lists)
topological
sort
sorting
graphs
graph
+4
marcelklehr
inline-style-parser
0.1.0 - 0.1.1
Outdated
An inline style parser.
inline-style-parser
inline-style
style
parser
css
remarkablemark
expand-template
1.0.0 - 1.0.4
Outdated
Expand placeholders in a template string
template
expand
replace
ralphtheninja
p-is-promise
3.0.0 - 4.0.0
Check if something is a promise
promise
is
detect
check
kind
+7
sindresorhus
@sentry/browser
7.7.0 - 7.12.1
Outdated
Official Sentry SDK for browsers
+8
property-expr
2.0.5
Outdated
tiny util for getting and setting deep object props safely
expr
expression
setter
getter
deep
+3
monastic.panic
redux-thunk
2.1.0 - 2.4.1
Outdated
Thunk middleware for Redux.
redux
thunk
middleware
redux-middleware
flux
+2
react-hook-form
6.0.0 - 6.9.2
Outdated
Performant, flexible and extensible forms library for React Hooks
react
hooks
form
forms
form-validation
+3
bluebill1049
base64-arraybuffer
0.1.5 - 1.0.2
Encode/decode base64 data into ArrayBuffers
niklasvh
engine.io-client
6.2.2 - 6.2.3
Outdated
Client for the realtime Engine
@sentry/hub
7.6.0 - 7.12.1
Outdated
Sentry hub which handles global state managment.
+8
@reduxjs/toolkit
1.3.4 - 1.8.6
Outdated
The official, opinionated, batteries-included toolset for efficient Redux development
redux
react
starter
toolkit
reducer
+4
+2
react-scripts
0.4.2
Outdated
Configuration and scripts for Create React App.
+1
axios-retry
3.0.1 - 3.3.1
Outdated
Axios plugin that intercepts failed requests and retries them whenever posible.
softonic
@sentry/tracing
7.8.1 - 7.12.1
Outdated
Sentry Performance Monitoring Package
+8
uncontrollable
7.1.0 - 7.2.1
Outdated
Wrap a controlled react component, to allow specific prop/handler pairs to be uncontrolled
uncontrolled-component
react-component
input
controlled
uncontrolled
+1
monastic.panic
react-focus-lock
2.3.0 - 2.9.1
Outdated
It is a trap! (for a focus)
react
focus
lock
trap
tabbable
kashey
urijs
1.19.11
URI.js is a Javascript library for working with URLs.
uri
url
urn
uri mutation
url mutation
+13
rodneyrehm
react-side-effect
2.1.0 - 2.1.2
Create components whose prop changes map to a global side effect
react
component
side
effect
react-toastify
9.0.0 - 9.0.8
Outdated
React notification made easy
react
notification
toast
react-component
react-toastify
+2
sniphpet
mini-create-react-context
0.3.2
Outdated
Smaller Polyfill for the proposed React context API
react
context
contextTypes
polyfill
ponyfill
stringepsilon
http-status-codes
1.0.4 - 1.4.0
Outdated
Constants enumerating the HTTP status codes. Based on the Java Apache HttpStatus API.
node
http
apache
HttpStatus
httpclient
+2
prettymuchbryce
lit-element
3.0.0
Outdated
A simple base class for creating fast, lightweight web components
+11
@firebase/firestore
3.1.1 - 3.4.5
Outdated
The Cloud Firestore component of the Firebase JS SDK.
+1
@react-spring/shared
9.0.0 - 9.5.5
Outdated
Globals and shared modules
animated
animation
hooks
motion
react
+4
tdfka_rick
react-smooth
2.0.1
Outdated
react animation library
react
reactjs
animation
react-component
+1
@restart/hooks
0.4.6 - 0.4.7
Outdated
A set of utility and general-purpose React hooks.
intl-messageformat-parser
3.3.0 - 6.3.4
Outdated
Parses ICU Message strings into an AST via JavaScript.
i18n
intl
internationalization
localization
globalization
+4
+3
html-react-parser
0.10.0 - 0.10.3
Outdated
HTML to React parser.
html-react-parser
html
react
parser
dom
remarkablemark
react-bootstrap
1.6.1 - 1.6.6
Outdated
Bootstrap 5 components built with React
bootstrap
react
component
components
ecosystem-react
+1
react-property
1.0.1 - 1.0.2
Outdated
HTML and SVG DOM property configs used by React.
react-property
html
svg
dom
property
+4
remarkablemark
react-tooltip
3.0.3 - 3.11.2
Outdated
react tooltip component
react
react-component
tooltip
react-tooltip
+3
svelte
3.29.5 - 3.52.0
Outdated
Cybernetically enhanced web apps
UI
framework
templates
templating
redux-devtools-extension
2.12.2
Outdated
Wrappers for Redux DevTools Extension.
+1
@redux-saga/core
1.0.0 - 1.2.1
Outdated
Saga middleware for Redux to handle Side Effects
javascript
redux
middleware
saga
effects
+1
@redux-saga/symbols
1.0.0 - 1.1.3
Redux-saga internal symbol "registry".
redux
saga
redux-saga
@redux-saga/is
1.0.0 - 1.1.3
Runtime type checking helpers
@redux-saga/delay-p
1.0.0 - 1.1.2
Outdated
Promisified setTimeout
promise
resolve
delay
defer
wait
+12
@auth0/auth0-spa-js
2.0.0
Outdated
Auth0 SDK for Single Page Applications using Authorization Code Grant Flow with PKCE
auth0
login
Authorization Code Grant Flow
PKCE
Single Page Application authentication
+1
+41
react-native-web
0.0.82 - 0.11.7
Outdated
React Native for Web
react
react-component
react-native
web
necolas
@loadable/component
5.10.3 - 5.12.0
Outdated
React code splitting made easy.
react
ssr
webpack
code-splitting
react-router
+4
@hotwired/turbo
7.0.0 - 7.2.4
Outdated
The speed of a single-page web application without having to write any JavaScript
hotwire
turbo
browser
pushstate
+1
mobile-detect
1.4.4
Outdated
Device detection (phone, tablet, desktop, mobile grade, os, versions)
useragent
mobile
phone
tablet
detect
+5
hgoebl
react-range
1.0.1 - 1.8.14
Range input. Slides in all directions.
react
react-dom
react-component
range
slider
+1
miksu
react-move
0.0.1 - 0.0.2
Outdated
Beautiful, data-driven animations for React.
react-move
resonance
d3
svg
react
+5
vue-cli-plugin-apollo
0.14.0 - 0.20.0
Outdated
vue-cli 3 plugin to add Apollo and GraphQL
vue
vue-cli
apollo
graphql
akryum
lottie-api
1.0.0 - 1.0.2
Outdated
A library to edit lottie-web animations dynamically
airnan
woothee
0.3.0 - 1.11.1
User-Agent string parser (js implementation)
tagomoris
botframework-webchat-core
4.4.1 - 4.15.2
Outdated
Core of botframework-webchat
+2
botframework-webchat-component
4.9.2 - 4.15.4
Outdated
React component of botframework-webchat
+2
Popular search queries
webpack.js.org
url
react-scripts
react
lottie-api
react-helmet-async
+7 packages
github.com
color-convert
@headlessui/react
hoist-non-react-statics
reactstrap
lit-html
+60 packages
pinterest.com
lodash
relay-runtime
react-relay
react-use
lodash-es
+51 packages
Popular packages
react
React is a JavaScript library for building user interfaces.
+6 634 websites
core-js
Standard library
+10 238 websites
es5-ext
ECMAScript extensions and shims
+10 229 websites
@babel/runtime
babel's modular runtime helpers
+8 352 websites
lodash
Lodash modular utilities.
+4 826 websites
axios
Promise based HTTP client for the browser and node.js
+4 742 websites