Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,978
Erlang
29
GitHub Actions
16
Go
1,768
Maven
4,991
npm
3,537
NuGet
616
pip
3,107
Pub
10
RubyGems
837
Rust
786
Swift
34
Unreviewed advisories
All unreviewed
5,000+

67 advisories

Loading
Prototype pollution in class-transformer Moderate
CVE-2020-7637 was published for class-transformer (npm) Apr 7, 2020
Prototype pollution in multi-ini Moderate
CVE-2020-28460 was published for multi-ini (npm) Apr 13, 2021
confinit vulnerable to prototype pollution Moderate
CVE-2020-7638 was published for confinit (npm) Apr 7, 2020
Prototype Pollution in sds Moderate
CVE-2020-7618 was published for sds (npm) Sep 3, 2020
Improperly Controlled Modification of Dynamically-Determined Object Attributes in querymen Moderate
CVE-2020-7600 was published for querymen (npm) May 7, 2021
Improperly Controlled Modification of Dynamically-Determined Object Attributes in express-mock-middleware Moderate
CVE-2020-7616 was published for express-mock-middleware (npm) Dec 9, 2021
Prototype Pollution in open-graph Moderate
CVE-2021-23419 was published for open-graph (npm) Sep 1, 2021
Improperly Controlled Modification of Dynamically-Determined Object Attributes in vega-util Moderate
CVE-2019-10806 was published for vega-util (npm) May 7, 2021
Prototype pollution in json-pointer Moderate
CVE-2020-7709 was published for json-pointer (npm) May 10, 2021
Prototype Pollution in querymen Moderate
CVE-2022-25871 was published for querymen (npm) Jun 18, 2022
Prototype Pollution in json-pointer Moderate
CVE-2021-23820 was published for json-pointer (npm) Nov 8, 2021
G-Rath
Prototype Pollution in bodymen Moderate
CVE-2022-25296 was published for bodymen (npm) Mar 18, 2022
Sandbox escape in notevil and argencoders-notevil Moderate
CVE-2021-23771 was published for argencoders-notevil (npm) Mar 18, 2022
yargs-parser Vulnerable to Prototype Pollution Moderate
CVE-2020-7608 was published for yargs-parser (npm) Sep 4, 2020
Prototype Pollution in mergify Moderate
GHSA-3f95-w5h5-fq86 was published for mergify (npm) Sep 11, 2020
Prototype Pollution in smart-extend Moderate
GHSA-f8h3-rqrm-47v9 was published for smart-extend (npm) Sep 2, 2020
Sandbox Breakout / Prototype Pollution in notevil Moderate
GHSA-9gxr-rhx6-4jgv was published for notevil (npm) Sep 4, 2020
ProTip! Advisories are also available from the GraphQL API