GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,056
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,618
NuGet
638
pip
3,231
Pub
10
RubyGems
854
Rust
817
Swift
35
Unreviewed advisories
All unreviewed
5,000+
145 advisories
Filter by severity
Prototype pollution in min-dash < 3.8.1
High
GHSA-2m53-83f3-562j
was published
for
min-dash
(npm)
Feb 1, 2022
Prototype Pollution in @strikeentco/set
High
CVE-2021-23497
was published
for
@strikeentco/set
(npm)
Feb 5, 2022
Prototype Pollution in putil-merge
High
CVE-2021-23470
was published
for
putil-merge
(npm)
Feb 5, 2022
Prototype Pollution in object-path-set
High
CVE-2021-23507
was published
for
object-path-set
(npm)
Feb 5, 2022
Validation bypass in frourio-express
High
CVE-2022-23624
was published
for
frourio-express
(npm)
Feb 7, 2022
Prototype Pollution in safetydance
High
CVE-2020-7737
was published
for
safetydance
(npm)
Feb 10, 2022
Prototype Pollution in deepmerge-ts
High
CVE-2022-24802
was published
for
deepmerge-ts
(npm)
Apr 1, 2022
Prototype Pollution in fullpage.js
High
CVE-2022-1295
was published
for
fullpage.js
(npm)
Apr 12, 2022
Prototype Pollution in madlib-object-utils
High
CVE-2022-24279
was published
for
madlib-object-utils
(npm)
Apr 16, 2022
Prototype Pollution in jsgui-lang-essentials
High
CVE-2022-25301
was published
for
jsgui-lang-essentials
(npm)
May 3, 2022
Prototype pollution in @strikeentco/set
High
CVE-2020-28267
was published
for
@strikeentco/set
(npm)
May 24, 2022
jquery-plugin-query-object contains prototype pollution vulnerability
High
CVE-2021-20083
was published
for
jquery-query-object
(npm)
May 24, 2022
mootools-more vulnerable to prototype pollution
High
CVE-2021-20088
was published
for
mootools-more
(npm)
May 24, 2022
Prototype Pollution in protobufjs
High
CVE-2022-25878
was published
for
protobufjs
(npm)
May 28, 2022
Prototype Pollution in deep-get-set
High
CVE-2022-21231
was published
for
deep-get-set
(npm)
Jun 25, 2022
ProTip!
Advisories are also available from the
GraphQL API