GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
151 advisories
Filter by severity
Prototype Pollution in tiny-conf
Critical
CVE-2020-7724
was published
for
tiny-conf
(npm)
May 10, 2021
Prototype Pollution in node-oojs
Critical
CVE-2020-7721
was published
for
node-oojs
(npm)
May 6, 2021
Prototype Pollution in promisehelpers
Critical
CVE-2020-7723
was published
for
promisehelpers
(npm)
May 6, 2021
Prototype Pollution in dot-notes
Critical
CVE-2020-7717
was published
for
dot-notes
(npm)
May 6, 2021
Prototype Pollution in set-or-get
Critical
CVE-2021-25913
was published
for
set-or-get
(npm)
Apr 12, 2021
Prototype Pollution in doc-path
Critical
CVE-2020-7772
was published
for
doc-path
(npm)
May 10, 2021
Prototype pollution in set-object-value
Critical
CVE-2020-28281
was published
for
set-object-value
(npm)
Apr 13, 2021
Prototype Pollution in multi-ini
Critical
CVE-2020-28448
was published
for
multi-ini
(npm)
Apr 13, 2021
Prototype Pollution Vulnerability in object-collider
Critical
CVE-2021-25914
was published
for
object-collider
(npm)
Mar 19, 2021
steal vulnerable to Prototype Pollution via alias variable
Critical
CVE-2022-37265
was published
for
steal
(npm)
Sep 21, 2022
steal vulnerable to Prototype Pollution
Critical
CVE-2022-37258
was published
for
steal
(npm)
Sep 17, 2022
linux-cmdline is vulnerable to Prototype Pollution via the constructor
Critical
CVE-2020-7704
was published
for
linux-cmdline
(npm)
May 24, 2022
steal vulnerable to Prototype Pollution via key variable in babel.js
Critical
CVE-2022-37266
was published
for
steal
(npm)
Sep 16, 2022
steal vulnerable to Prototype Pollution via requestedVersion variable
Critical
CVE-2022-37257
was published
for
steal
(npm)
Sep 16, 2022
TypeORM vulnerable to MAID and Prototype Pollution
Critical
CVE-2020-8158
was published
for
typeorm
(npm)
May 7, 2021
steal vulnerable to Prototype Pollution via optionName variable
Critical
CVE-2022-37264
was published
for
steal
(npm)
Sep 16, 2022
Properties-Reader before v2.2.0 vulnerable to prototype pollution
Critical
CVE-2020-28471
was published
for
properties-reader
(npm)
Jul 19, 2022
FurqanSoftware/node-whois vulnerable to Prototype Pollution
Critical
CVE-2020-36618
was published
for
whois
(npm)
Dec 19, 2022
Prototype Pollution in deep.assign
Critical
CVE-2021-40663
was published
for
deep.assign
(npm)
Jul 1, 2022
merge vulnerable to Prototype Pollution
Critical
CVE-2021-3645
was published
for
@viking04/merge
(npm)
Sep 13, 2021
flat vulnerable to Prototype Pollution
Critical
CVE-2020-36632
was published
for
flat
(npm)
Dec 25, 2022
Prototype pollution vulnerability in function DEFNODE in ast.js in mishoo UglifyJS 3.13.2 via the...
Critical
Unreviewed
CVE-2022-37598
was published
Oct 20, 2022
ProTip!
Advisories are also available from the
GraphQL API