Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,029
Erlang
29
GitHub Actions
16
Go
1,833
Maven
5,000+
npm
3,573
NuGet
632
pip
3,160
Pub
10
RubyGems
847
Rust
798
Swift
34
Unreviewed advisories
All unreviewed
5,000+

147 advisories

Loading
Prototype Pollution via file load in aws-sdk and @aws-sdk/shared-ini-file-loader High
CVE-2020-28472 was published for @aws-sdk/shared-ini-file-loader (npm) Nov 16, 2021
kurt-r2c
Prototype pollution in Snowboard framework High
CVE-2022-39357 was published for wintercms/winter (Composer) Oct 27, 2022
Prototype Pollution in mout High
CVE-2022-21213 was published for mout (npm) Jun 18, 2022
ssong
Prototype Pollution in dojo High
CVE-2021-23450 was published for dojo (npm) Jan 5, 2022
Prototype Pollution in cached-path-relative High
CVE-2021-23518 was published for cached-path-relative (npm) Jan 27, 2022
Prototype Pollution in Dexie High
CVE-2022-21189 was published for dexie (npm) May 3, 2022
Prototype Pollution in jsgui-lang-essentials High
CVE-2022-25301 was published for jsgui-lang-essentials (npm) May 3, 2022
Prototype Pollution in Node-Red High
CVE-2021-21297 was published for @node-red/runtime (npm) Feb 26, 2021
Prototype Pollution in Dynamoose High
CVE-2021-21304 was published for dynamoose (npm) Feb 8, 2021
Prototype Pollution in decal High
CVE-2020-28449 was published for decal (npm) Apr 13, 2021
Prototype Pollution in copy-props High
CVE-2020-28503 was published for copy-props (npm) Jan 6, 2022
Prototype pollution in json8-merge-patch High
CVE-2020-8268 was published for json8-merge-patch (npm) May 10, 2021
Prototype pollution in pathval High
CVE-2020-7751 was published for pathval (npm) Feb 10, 2022
Prototype Pollution in simpl-schema High
CVE-2020-7742 was published for simpl-schema (npm) May 10, 2021
Prototype pollution in controlled-merge High
CVE-2020-28268 was published for controlled-merge (npm) May 18, 2021
Prototype Pollution in deep-get-set High
CVE-2020-7715 was published for deep-get-set (npm) May 6, 2021
Prototype Pollution in jquery-deparam High
CVE-2021-20087 was published for jquery-deparam (npm) May 24, 2021
Prototype Pollution in jquery-bbq High
CVE-2021-20086 was published for jquery-bbq (npm) May 24, 2021
Prototype Pollution in think-helper High
CVE-2021-32736 was published for think-helper (npm) Jul 1, 2021
yoshino-s
Prototype Pollution in Proto High
CVE-2021-23426 was published for Proto (npm) Sep 2, 2021
Prototype Pollution in @fabiocaccamo/utils.js High
CVE-2021-3815 was published for @fabiocaccamo/utils.js (npm) Dec 10, 2021
tree-kit vulnerable to Prototype Pollution High
CVE-2021-4278 was published for tree-kit (npm) Dec 25, 2022
Prototype Pollution in sds High
CVE-2022-25862 was published for sds (npm) May 14, 2022
Prototype Pollution in extend2 High
CVE-2021-23568 was published for extend2 (npm) Jan 12, 2022
Prototype Pollution in min-dash High
CVE-2021-23460 was published for min-dash (npm) Jan 27, 2022
ProTip! Advisories are also available from the GraphQL API