Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

365 advisories

Loading
Prototype Pollution in flat-wrap High
GHSA-g7h8-p22m-2rvx was published for flat-wrap (npm) Sep 4, 2020
Prototype Pollution in handlebars High
GHSA-g9r4-xpmj-mj65 was published for handlebars (npm) Sep 4, 2020
Prototype Pollution in mithril High
GHSA-c3px-v9c7-m734 was published for mithril (npm) Sep 3, 2020
Prototype Pollution in lodash.mergewith High
GHSA-779f-wgxg-qr8f was published for lodash.mergewith (npm) Sep 3, 2020
Prototype Pollution in lodash.defaultsdeep High
GHSA-46fh-8fc5-xcwx was published for lodash.defaultsdeep (npm) Sep 3, 2020
Prototype Pollution in lodash.mergewith High
GHSA-5947-m4fg-xhqg was published for lodash.mergewith (npm) Sep 3, 2020
Prototype Pollution in lodash.defaultsdeep High
GHSA-h5mp-5q4p-ggf5 was published for lodash.defaultsdeep (npm) Sep 3, 2020
Prototype Pollution in lodash.merge High
GHSA-2m96-9w4j-wgv7 was published for lodash.merge (npm) Sep 3, 2020
Prototype Pollution in lodash.merge High
GHSA-h726-x36v-rx45 was published for lodash.merge (npm) Sep 3, 2020
Prototype Pollution in sds Moderate
CVE-2020-7618 was published for sds (npm) Sep 3, 2020
Prototype Pollution in @commercial/subtext High
GHSA-36c4-4r89-6whg was published for @commercial/subtext (npm) Sep 3, 2020
Prototype Pollution in @hapi/subtext High
GHSA-g9cg-h3jm-cwrc was published for @hapi/subtext (npm) Sep 3, 2020
Prototype Pollution in subtext High
GHSA-g64q-3vg8-8f93 was published for subtext (npm) Sep 3, 2020
Prototype Pollution in smart-extend Moderate
GHSA-f8h3-rqrm-47v9 was published for smart-extend (npm) Sep 2, 2020
Prototype Pollution in merge-objects Low
GHSA-992f-wf4w-x36v was published for merge-objects (npm) Sep 1, 2020
Prototype Pollution in express-fileupload Critical
CVE-2020-7699 was published for express-fileupload (npm) Aug 5, 2020
dot-prop Prototype Pollution vulnerability High
CVE-2020-8116 was published for dot-prop (npm) Jul 29, 2020
Prototype Pollution in lodash High
CVE-2020-8203 was published for lodash (npm) Jul 15, 2020
mitchell-codecov jkmartindale
bengry greengeko tompazourek
Class destructors causing side-effects when being unserialized in TYPO3 CMS High
CVE-2020-11066 was published for typo3/cms (Composer) May 13, 2020
ohader
confinit vulnerable to prototype pollution Moderate
CVE-2020-7638 was published for confinit (npm) Apr 7, 2020
Prototype pollution in class-transformer Moderate
CVE-2020-7637 was published for class-transformer (npm) Apr 7, 2020
Prototype Pollution in minimist Moderate
CVE-2020-7598 was published for minimist (npm) Apr 3, 2020
ayatweb
Prototype pollution in dojo High
CVE-2020-5258 was published for dojo (npm) Mar 10, 2020
Phar object injection in PHPMailer High
CVE-2018-19296 was published for phpmailer/phpmailer (Composer) Mar 5, 2020
Prototype Pollution in handlebars Critical
CVE-2019-19919 was published for bootstrap-wysihtml5-rails (RubyGems) Dec 26, 2019
ProTip! Advisories are also available from the GraphQL API