Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,056
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,618
NuGet
638
pip
3,231
Pub
10
RubyGems
854
Rust
817
Swift
35
Unreviewed advisories
All unreviewed
5,000+

145 advisories

Loading
Prototype pollution in min-dash < 3.8.1 High
GHSA-2m53-83f3-562j was published for min-dash (npm) Feb 1, 2022
cristianstaicu
Prototype Pollution in bmoor High
CVE-2021-23558 was published for bmoor (npm) Feb 1, 2022
Prototype Pollution in @strikeentco/set High
CVE-2021-23497 was published for @strikeentco/set (npm) Feb 5, 2022
Prototype Pollution in putil-merge High
CVE-2021-23470 was published for putil-merge (npm) Feb 5, 2022
Prototype Pollution in object-path-set High
CVE-2021-23507 was published for object-path-set (npm) Feb 5, 2022
Validation bypass in frourio High
CVE-2022-23623 was published for frourio (npm) Feb 7, 2022
SegaraRai LumaKernel
Validation bypass in frourio-express High
CVE-2022-23624 was published for frourio-express (npm) Feb 7, 2022
SegaraRai LumaKernel
Prototype Pollution in mout High
CVE-2020-7792 was published for mout (npm) Feb 9, 2022
Prototype pollution in pathval High
CVE-2020-7751 was published for pathval (npm) Feb 10, 2022
Prototype Pollution in safetydance High
CVE-2020-7737 was published for safetydance (npm) Feb 10, 2022
Prototype Pollution in deepmerge-ts High
CVE-2022-24802 was published for deepmerge-ts (npm) Apr 1, 2022
Prototype Pollution in async High
CVE-2021-43138 was published for async (npm) Apr 7, 2022
dargmuesli FrederikBolding
jomi-se azaleski morenol MaxLian11
Prototype Pollution in fullpage.js High
CVE-2022-1295 was published for fullpage.js (npm) Apr 12, 2022
Prototype Pollution in nconf High
CVE-2022-21803 was published for nconf (npm) Apr 13, 2022
Prototype Pollution in madlib-object-utils High
CVE-2022-24279 was published for madlib-object-utils (npm) Apr 16, 2022
Prototype Pollution in convict High
CVE-2022-22143 was published for convict (npm) Apr 20, 2022
cristianstaicu arjunshibu
Prototype Pollution in jsgui-lang-essentials High
CVE-2022-25301 was published for jsgui-lang-essentials (npm) May 3, 2022
Prototype Pollution in Dexie High
CVE-2022-21189 was published for dexie (npm) May 3, 2022
Prototype Pollution in sds High
CVE-2022-25862 was published for sds (npm) May 14, 2022
Prototype pollution in @strikeentco/set High
CVE-2020-28267 was published for @strikeentco/set (npm) May 24, 2022
jhutchings1
jquery-plugin-query-object contains prototype pollution vulnerability High
CVE-2021-20083 was published for jquery-query-object (npm) May 24, 2022
mootools-more vulnerable to prototype pollution High
CVE-2021-20088 was published for mootools-more (npm) May 24, 2022
Prototype Pollution in protobufjs High
CVE-2022-25878 was published for protobufjs (npm) May 28, 2022
dotdash steinz
Prototype Pollution in mout High
CVE-2022-21213 was published for mout (npm) Jun 18, 2022
ssong
Prototype Pollution in deep-get-set High
CVE-2022-21231 was published for deep-get-set (npm) Jun 25, 2022
ProTip! Advisories are also available from the GraphQL API