Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

412 advisories

Loading
convict vulnerable to Prototype Pollution High
CVE-2023-0163 was published for convict (npm) Jan 10, 2023
Captain-K-101
rangy vulnerable to Prototype Pollution High
CVE-2023-26102 was published for rangy (npm) Feb 24, 2023
mde utilities contains Prototype Pollution High
CVE-2023-26105 was published for utilities (npm) Feb 28, 2023
phanect
dot-lens vulnerable to Prototype Pollution High
CVE-2023-26106 was published for dot-lens (npm) Mar 6, 2023
Collection.js vulnerable to Prototype Pollution High
CVE-2023-26113 was published for collection.js (npm) Mar 18, 2023
matrix-js-sdk Prototype Pollution vulnerability High
CVE-2022-36059 was published for matrix-js-sdk (npm) Mar 28, 2023
matrix-react-sdk Prototype pollution vulnerability High
CVE-2022-36060 was published for matrix-react-sdk (npm) Mar 28, 2023
Prototype pollution in matrix-react-sdk High
CVE-2023-28103 was published for matrix-react-sdk (npm) Mar 29, 2023
Prototype pollution in matrix-js-sdk (part 2) High
CVE-2023-28427 was published for matrix-js-sdk (npm) Mar 30, 2023
xml2js is vulnerable to prototype pollution Moderate
CVE-2023-0842 was published for xml2js (npm) Apr 5, 2023
brokenedtzjs OIRNOIR
simonkrol Harrington-Joe_pfghub G-Rath
safe-eval vulnerable to Prototype Pollution via the safeEval function Critical
CVE-2023-26121 was published for safe-eval (npm) Apr 11, 2023
safe-eval vulnerable to Sandbox Bypass due to improper input sanitization Critical
CVE-2023-26122 was published for safe-eval (npm) Apr 11, 2023
Prototype Pollution in sheetJS High
CVE-2023-30533 was published for xlsx (npm) Apr 24, 2023
pmartinat stof
Prototype Pollution in vConsole Critical
CVE-2023-30363 was published for vconsole (npm) Apr 26, 2023
renbaoshuo
Possible prototype pollution in metadata record, when using meta decorator Low
CVE-2023-30857 was published for @aedart/support (npm) May 1, 2023
antfu/utils vulnerable to prototype pollution Moderate
CVE-2023-2972 was published for @antfu/utils (npm) May 30, 2023
dottie vulnerable to Prototype Pollution High
CVE-2023-26132 was published for dottie (npm) Jun 10, 2023
progressbar.js vulnerable to Prototype Pollution High
CVE-2023-26133 was published for progressbar.js (npm) Jun 12, 2023
kimmobrunfeldt juburr
fast-xml-parser vulnerable to Prototype Pollution through tag or attribute name Moderate
CVE-2023-26920 was published for fast-xml-parser (npm) Jun 13, 2023
Sudistark
flatnest Prototype Pollution vulnerability High
CVE-2023-26135 was published for flatnest (npm) Jun 30, 2023
Parse Server vulnerable to remote code execution via MongoDB BSON parser through prototype pollution Critical
CVE-2023-36475 was published for parse-server (npm) Jun 30, 2023
dblythy mtrezza
tough-cookie Prototype Pollution vulnerability Moderate
CVE-2023-26136 was published for tough-cookie (npm) Jul 1, 2023
axi92
ProTip! Advisories are also available from the GraphQL API