Official SDK for Box Platform APIs
85%
Total Score
79
95
100
100
50
| Title | Versions | Severity |
|---|---|---|
AIKIDO-2025-10367 Pre-CVE Found by Aikido Intel before public disclosure or CVE publication. box-node-sdk is vulnerable to Observable Timing Discrepancy in versions 1.37.1 - 3.8.0. | 1.37.1 - 3.8.0 | Low |
| Dependency | Last Release | Score |
|---|---|---|
jose Version ^5.2.2 | — | — |
uuid Version ^11.1.1 | — | — |
tslib Version ^2.6.2 | — | — |
buffer Version ^6.0.3 | — | — |
form-data Version ^4.0.4 | — | — |
Connect your repositories to instantly see whether vulnerable or malicious packages exist in your codebase.
Free. No credit card required.

SOC 2Compliant
ISO 27001Compliant