GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,220
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,333
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
154 advisories
Filter by severity
Prototype pollution in controlled-merge
High
CVE-2020-28268
was published
for
controlled-merge
(npm)
May 18, 2021
Improperly Controlled Modification of Dynamically-Determined Object Attributes in casperjs
High
CVE-2020-7679
was published
for
casperjs
(npm)
May 17, 2021
Prototype pollution in json8-merge-patch
High
CVE-2020-8268
was published
for
json8-merge-patch
(npm)
May 10, 2021
Prototype pollution in grpc and @grpc/grpc-js
High
CVE-2020-7768
was published
for
@grpc/grpc-js
(npm)
May 10, 2021
Arbitrary Code Execution in json-ptr
High
CVE-2020-7766
was published
for
json-ptr
(npm)
May 10, 2021
Prototype Pollution in simpl-schema
High
CVE-2020-7742
was published
for
simpl-schema
(npm)
May 10, 2021
Improperly Controlled Modification of Dynamically-Determined Object Attributes in utilitify
High
CVE-2019-10808
was published
for
utilitify
(npm)
May 7, 2021
Prototype Pollution in deep-get-set
High
CVE-2020-7715
was published
for
deep-get-set
(npm)
May 6, 2021
Prototype Pollution in backbone-query-parameters
High
CVE-2021-20085
was published
for
backbone-query-parameters
(npm)
May 6, 2021
Prototype Pollution in Node-Red
High
CVE-2021-21297
was published
for
@node-red/runtime
(npm)
Feb 26, 2021
Dynamic modification of RPyC service due to missing security check
High
CVE-2019-16328
was published
for
rpyc
(pip)
Feb 17, 2021
datatables.net vulnerable to Prototype Pollution due to incomplete fix
High
CVE-2020-28458
was published
for
datatables.net
(npm)
Dec 17, 2020
ini before 1.3.6 vulnerable to Prototype Pollution via ini.parse
High
CVE-2020-7788
was published
for
ini
(npm)
Dec 10, 2020
Prototype Pollution in node-forge
High
CVE-2020-7720
was published
for
node-forge
(npm)
Sep 14, 2020
Prototype Pollution in safe-object2
High
GHSA-qccf-q7p4-3q3j
was published
for
safe-object2
(npm)
Sep 4, 2020
Prototype Pollution in getsetdeep
High
GHSA-8j49-49jq-vwcq
was published
for
getsetdeep
(npm)
Sep 4, 2020
ProTip!
Advisories are also available from the
GraphQL API