Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,978
Erlang
29
GitHub Actions
16
Go
1,768
Maven
4,991
npm
3,537
NuGet
616
pip
3,107
Pub
10
RubyGems
837
Rust
786
Swift
34
Unreviewed advisories
All unreviewed
5,000+

62 advisories

Loading
Prototype Pollution in iniparserjs Moderate
CVE-2021-23328 was published for iniparserjs (npm) Apr 13, 2021
Prototype poisoning Moderate
CVE-2021-21368 was published for msgpack5 (npm) Mar 12, 2021
ninevra
Prototype Pollution in mergify Moderate
GHSA-3f95-w5h5-fq86 was published for mergify (npm) Sep 11, 2020
yargs-parser Vulnerable to Prototype Pollution Moderate
CVE-2020-7608 was published for yargs-parser (npm) Sep 4, 2020
Sandbox Breakout / Prototype Pollution in notevil Moderate
GHSA-9gxr-rhx6-4jgv was published for notevil (npm) Sep 4, 2020
Prototype Pollution in sds Moderate
CVE-2020-7618 was published for sds (npm) Sep 3, 2020
Prototype Pollution in smart-extend Moderate
GHSA-f8h3-rqrm-47v9 was published for smart-extend (npm) Sep 2, 2020
confinit vulnerable to prototype pollution Moderate
CVE-2020-7638 was published for confinit (npm) Apr 7, 2020
Prototype pollution in class-transformer Moderate
CVE-2020-7637 was published for class-transformer (npm) Apr 7, 2020
Prototype Pollution in minimist Moderate
CVE-2020-7598 was published for minimist (npm) Apr 3, 2020
ayatweb
XSS in jQuery as used in Drupal, Backdrop CMS, and other products Moderate
CVE-2019-11358 was published for django (RubyGems) Apr 26, 2019
klaudialax eoftedal
Prototype Pollution in lodash Moderate
CVE-2018-3721 was published for lodash (npm) Jul 26, 2018
ProTip! Advisories are also available from the GraphQL API