GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,056
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,618
NuGet
638
pip
3,231
Pub
10
RubyGems
854
Rust
817
Swift
35
Unreviewed advisories
All unreviewed
5,000+
341 advisories
Filter by severity
Prototype pollution in aurelia-path
Critical
CVE-2021-41097
was published
for
aurelia-path
(npm)
Sep 27, 2021
Prototype Pollution in object-path
High
CVE-2021-3805
was published
for
object-path
(npm)
Sep 20, 2021
Prototype Pollution in cookiex/deep
High
CVE-2021-23442
was published
for
@cookiex/deep
(npm)
Sep 20, 2021
Prototype Pollution in the merge and clone helper methods
Moderate
CVE-2021-39227
was published
for
zrender
(npm)
Sep 20, 2021
body-parser-xml vulnerable to Prototype Pollution
High
CVE-2021-3666
was published
for
body-parser-xml
(npm)
Sep 14, 2021
merge vulnerable to Prototype Pollution
Critical
CVE-2021-3645
was published
for
@viking04/merge
(npm)
Sep 13, 2021
objection.js Prototype Pollution vulnerability
Critical
CVE-2021-3766
was published
for
objection
(npm)
Sep 7, 2021
Prototype Pollution in mootools
Moderate
CVE-2021-23432
was published
for
mootools
(npm)
Sep 2, 2021
Prototype Pollution in object-path
Moderate
CVE-2021-23434
was published
for
object-path
(npm)
Sep 1, 2021
Prototype Pollution in open-graph
Moderate
CVE-2021-23419
was published
for
open-graph
(npm)
Sep 1, 2021
Prototype Pollution in deepmergefn
Moderate
CVE-2021-23417
was published
for
deepmergefn
(npm)
Aug 10, 2021
jszip Vulnerable to Prototype Pollution
Moderate
CVE-2021-23413
was published
for
jszip
(npm)
Aug 10, 2021
Improperly Controlled Modification of Object Prototype Attributes
High
GHSA-6cj2-92m5-7mvp
was published
for
think-config
(npm)
Aug 3, 2021
Prototype Pollution in think-helper
High
CVE-2021-32736
was published
for
think-helper
(npm)
Jul 1, 2021
Prototype pollution in safe-flat
Critical
CVE-2021-25927
was published
for
safe-flat
(npm)
Jun 21, 2021
Prototype pollution in safe-obj
Critical
CVE-2021-25928
was published
for
safe-obj
(npm)
Jun 21, 2021
set-getter Prototype Pollution Vulnerability
Critical
CVE-2021-25949
was published
for
set-getter
(npm)
Jun 21, 2021
ProTip!
Advisories are also available from the
GraphQL API