GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
151 advisories
Filter by severity
Prototype Pollution in minimist
Critical
CVE-2021-44906
was published
for
minimist
(npm)
Mar 18, 2022
Command injection in Parse Server through prototype pollution
Critical
CVE-2022-24760
was published
for
parse-server
(npm)
Mar 11, 2022
Prototype Pollution in object-extend
Critical
CVE-2021-23702
was published
for
object-extend
(npm)
Feb 19, 2022
Prototype pollution in Plist before 3.0.5 can cause denial of service
Critical
CVE-2022-22912
was published
for
plist
(npm)
Feb 18, 2022
Prototype Pollution in litespeed.js and appwrite/server-ce
Critical
CVE-2021-23682
was published
for
appwrite/server-ce
(Composer)
Feb 17, 2022
Prototype Pollution in handlebars
Critical
CVE-2021-23383
was published
for
handlebars
(npm)
Feb 10, 2022
Prototype Pollution leading to Remote Code Execution in superjson
Critical
CVE-2022-23631
was published
for
blitz
(npm)
Feb 9, 2022
Prototype Pollution in realms-shim
Critical
CVE-2021-23543
was published
for
realms-shim
(npm)
Jan 13, 2022
Prototype Pollution in realms-shim
Critical
CVE-2021-23594
was published
for
realms-shim
(npm)
Jan 12, 2022
Prototype polluation in just-safe-set
Critical
CVE-2021-25952
was published
for
just-safe-set
(npm)
Dec 10, 2021
Prototype Pollution in putil-merge
Critical
CVE-2021-25953
was published
for
putil-merge
(npm)
Dec 10, 2021
Improperly Controlled Modification of Dynamically-Determined Object Attributes in Apache Struts
Critical
CVE-2019-0230
was published
for
org.apache.struts:struts2-core
(Maven)
Dec 2, 2021
Prototype Pollution in algoliasearch-helper
Critical
CVE-2021-23433
was published
for
algoliasearch-helper
(npm)
Nov 23, 2021
json-schema is vulnerable to Prototype Pollution
Critical
CVE-2021-3918
was published
for
json-schema
(npm)
Nov 19, 2021
Prototype pollution vulnerability in 'patchmerge'
Critical
CVE-2021-25916
was published
for
patchmerge
(npm)
Oct 13, 2021
Prototype pollution in object-hierarchy-access
Critical
CVE-2020-28270
was published
for
object-hierarchy-access
(npm)
Oct 12, 2021
Prototype pollution in getobject
Critical
CVE-2020-28282
was published
for
getobject
(npm)
Oct 12, 2021
Prototype pollution in aurelia-path
Critical
CVE-2021-41097
was published
for
aurelia-path
(npm)
Sep 27, 2021
ProTip!
Advisories are also available from the
GraphQL API