GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
134 advisories
Filter by severity
Improperly Controlled Modification of Dynamically-Determined Object Attributes in Apache Struts
Critical
CVE-2019-0230
was published
for
org.apache.struts:struts2-core
(Maven)
Dec 2, 2021
Prototype Pollution in algoliasearch-helper
Critical
CVE-2021-23433
was published
for
algoliasearch-helper
(npm)
Nov 23, 2021
json-schema is vulnerable to Prototype Pollution
Critical
CVE-2021-3918
was published
for
json-schema
(npm)
Nov 19, 2021
Prototype pollution vulnerability in 'patchmerge'
Critical
CVE-2021-25916
was published
for
patchmerge
(npm)
Oct 13, 2021
Prototype pollution in object-hierarchy-access
Critical
CVE-2020-28270
was published
for
object-hierarchy-access
(npm)
Oct 12, 2021
Prototype pollution in getobject
Critical
CVE-2020-28282
was published
for
getobject
(npm)
Oct 12, 2021
Prototype pollution in aurelia-path
Critical
CVE-2021-41097
was published
for
aurelia-path
(npm)
Sep 27, 2021
merge vulnerable to Prototype Pollution
Critical
CVE-2021-3645
was published
for
@viking04/merge
(npm)
Sep 13, 2021
objection.js Prototype Pollution vulnerability
Critical
CVE-2021-3766
was published
for
objection
(npm)
Sep 7, 2021
Prototype pollution in safe-flat
Critical
CVE-2021-25927
was published
for
safe-flat
(npm)
Jun 21, 2021
Prototype pollution in safe-obj
Critical
CVE-2021-25928
was published
for
safe-obj
(npm)
Jun 21, 2021
set-getter Prototype Pollution Vulnerability
Critical
CVE-2021-25949
was published
for
set-getter
(npm)
Jun 21, 2021
Prototype pollution vulnerability in js-extend
Critical
CVE-2021-25945
was published
for
js-extend
(npm)
Jun 8, 2021
Prototype pollution in nconf-toml
Critical
CVE-2021-25946
was published
for
nconf-toml
(npm)
Jun 7, 2021
Prototype pollution in Merge-deep
Critical
CVE-2021-26707
was published
for
merge-deep
(npm)
Jun 7, 2021
Prototype Pollution in deep-override
Critical
CVE-2021-25941
was published
for
deep-override
(npm)
May 17, 2021
Autobinding vulnerability in MITREid Connect
Critical
CVE-2021-27582
was published
for
org.mitre:openid-connect-parent
(Maven)
May 13, 2021
Prototype Pollution in doc-path
Critical
CVE-2020-7772
was published
for
doc-path
(npm)
May 10, 2021
ProTip!
Advisories are also available from the
GraphQL API