GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,029
Erlang
29
GitHub Actions
16
Go
1,833
Maven
5,000+
npm
3,573
NuGet
632
pip
3,160
Pub
10
RubyGems
847
Rust
798
Swift
34
Unreviewed advisories
All unreviewed
5,000+
147 advisories
Filter by severity
Prototype Pollution via file load in aws-sdk and @aws-sdk/shared-ini-file-loader
High
CVE-2020-28472
was published
for
@aws-sdk/shared-ini-file-loader
(npm)
Nov 16, 2021
Prototype pollution in Snowboard framework
High
CVE-2022-39357
was published
for
wintercms/winter
(Composer)
Oct 27, 2022
Prototype Pollution in cached-path-relative
High
CVE-2021-23518
was published
for
cached-path-relative
(npm)
Jan 27, 2022
Prototype Pollution in jsgui-lang-essentials
High
CVE-2022-25301
was published
for
jsgui-lang-essentials
(npm)
May 3, 2022
Prototype Pollution in Node-Red
High
CVE-2021-21297
was published
for
@node-red/runtime
(npm)
Feb 26, 2021
Prototype Pollution in copy-props
High
CVE-2020-28503
was published
for
copy-props
(npm)
Jan 6, 2022
Prototype pollution in json8-merge-patch
High
CVE-2020-8268
was published
for
json8-merge-patch
(npm)
May 10, 2021
Prototype Pollution in simpl-schema
High
CVE-2020-7742
was published
for
simpl-schema
(npm)
May 10, 2021
Prototype pollution in controlled-merge
High
CVE-2020-28268
was published
for
controlled-merge
(npm)
May 18, 2021
Prototype Pollution in deep-get-set
High
CVE-2020-7715
was published
for
deep-get-set
(npm)
May 6, 2021
Prototype Pollution in jquery-deparam
High
CVE-2021-20087
was published
for
jquery-deparam
(npm)
May 24, 2021
Prototype Pollution in jquery-bbq
High
CVE-2021-20086
was published
for
jquery-bbq
(npm)
May 24, 2021
Prototype Pollution in think-helper
High
CVE-2021-32736
was published
for
think-helper
(npm)
Jul 1, 2021
Prototype Pollution in @fabiocaccamo/utils.js
High
CVE-2021-3815
was published
for
@fabiocaccamo/utils.js
(npm)
Dec 10, 2021
tree-kit vulnerable to Prototype Pollution
High
CVE-2021-4278
was published
for
tree-kit
(npm)
Dec 25, 2022
ProTip!
Advisories are also available from the
GraphQL API