Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,736
Maven
5,000+
npm
4,336
NuGet
764
pip
4,110
Pub
12
RubyGems
960
Rust
1,068
Swift
45
Unreviewed advisories
All unreviewed
5,000+

213 advisories

Loading
Parse Server vulnerable to Prototype Pollution via Cloud Code Webhooks or Cloud Code Triggers High
CVE-2022-41878 was published for parse-server (npm) Nov 9, 2022
Prototype Pollution in nedb High
CVE-2021-23395 was published for nedb (npm) Jun 21, 2021
Prototype Pollution in backbone-query-parameters High
CVE-2021-20085 was published for backbone-query-parameters (npm) May 6, 2021
Validation bypass in frourio-express High
CVE-2022-23624 was published for frourio-express (npm) Feb 7, 2022
SegaraRai LumaKernel
Credited to SegaraRai and LumaKernel
Validation bypass in frourio High
CVE-2022-23623 was published for frourio (npm) Feb 7, 2022
SegaraRai LumaKernel
Credited to SegaraRai and LumaKernel
jquery-plugin-query-object contains prototype pollution vulnerability High
CVE-2021-20083 was published for jquery-query-object (npm) May 24, 2022
Prototype pollution in matrix-js-sdk (part 2) High
CVE-2023-28427 was published for matrix-js-sdk (npm) Mar 30, 2023
Prototype pollution in matrix-react-sdk High
CVE-2023-28103 was published for matrix-react-sdk (npm) Mar 29, 2023
matrix-react-sdk Prototype pollution vulnerability High
CVE-2022-36060 was published for matrix-react-sdk (npm) Mar 28, 2023
matrix-js-sdk Prototype Pollution vulnerability High
CVE-2022-36059 was published for matrix-js-sdk (npm) Mar 28, 2023
dot-lens vulnerable to Prototype Pollution High
CVE-2023-26106 was published for dot-lens (npm) Mar 6, 2023
mde utilities contains Prototype Pollution High
CVE-2023-26105 was published for utilities (npm) Feb 28, 2023
phanect
Credited to phanect
rangy vulnerable to Prototype Pollution High
CVE-2023-26102 was published for rangy (npm) Feb 24, 2023
Prototype Pollution in @strikeentco/set High
CVE-2021-23497 was published for @strikeentco/set (npm) Feb 5, 2022
Prototype Pollution in bmoor High
CVE-2021-23558 was published for bmoor (npm) Feb 1, 2022
Prototype Pollution in putil-merge High
CVE-2021-23470 was published for putil-merge (npm) Feb 5, 2022
Prototype Pollution in object-path-set High
CVE-2021-23507 was published for object-path-set (npm) Feb 5, 2022
Prototype Pollution in extend2 High
CVE-2021-23568 was published for extend2 (npm) Jan 12, 2022
Prototype Pollution in sds High
CVE-2022-25862 was published for sds (npm) May 14, 2022
tree-kit vulnerable to Prototype Pollution High
CVE-2021-4278 was published for tree-kit (npm) Dec 25, 2022
Prototype Pollution in @fabiocaccamo/utils.js High
CVE-2021-3815 was published for @fabiocaccamo/utils.js (npm) Dec 10, 2021
Prototype Pollution in Proto High
CVE-2021-23426 was published for Proto (npm) Sep 2, 2021
Prototype Pollution in think-helper High
CVE-2021-32736 was published for think-helper (npm) Jul 1, 2021
yoshino-s
Credited to yoshino-s
Prototype Pollution in deep-get-set High
CVE-2020-7715 was published for deep-get-set (npm) May 6, 2021
Prototype pollution in controlled-merge High
CVE-2020-28268 was published for controlled-merge (npm) May 18, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database