Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

174 advisories

Loading
convict vulnerable to Prototype Pollution High
CVE-2023-0163 was published for convict (npm) Jan 10, 2023
Captain-K-101
Prototype Pollution in JSON5 via Parse Method High
CVE-2022-46175 was published for json5 (npm) Dec 29, 2022
jdgregson karlhorky
jordanbtucker jakebailey ebroder kenkku gazben BGehrels mrgrain sigma-z viceice burdeasa sirenevenkii edwardlee-msft
Starcounter-Jack JSON-Patch Prototype Pollution vulnerability High
CVE-2021-4279 was published for fast-json-patch (npm) Dec 25, 2022
sharonbz
tree-kit vulnerable to Prototype Pollution High
CVE-2021-4278 was published for tree-kit (npm) Dec 25, 2022
dustjs-linkedin vulnerable to Prototype Pollution High
CVE-2021-4264 was published for dustjs-linkedin (npm) Dec 21, 2022
qs vulnerable to Prototype Pollution High
CVE-2022-24999 was published for qs (npm) Nov 27, 2022
dougwilson
Parse Server is vulnerable to Prototype Pollution via Cloud Code Webhooks High
CVE-2022-41879 was published for parse-server (npm) Nov 10, 2022
Parse Server vulnerable to Prototype Pollution via Cloud Code Webhooks or Cloud Code Triggers High
CVE-2022-41878 was published for parse-server (npm) Nov 9, 2022
Prototype pollution in Snowboard framework High
CVE-2022-39357 was published for wintercms/winter (Composer) Oct 27, 2022
hoek subject to prototype pollution via the clone function. High
CVE-2020-36604 was published for @hapi/hoek (npm) Sep 25, 2022
levpachmanov
automattic/mongoose vulnerable to Prototype pollution via Schema.path High
CVE-2022-2564 was published for mongoose (npm) Jul 29, 2022
vovikhangcdv neeraj-vts
grunt-util-property 0.0.2 function call can add/modify properties of Object.prototype using a __proto__ payload High
CVE-2020-7641 was published for grunt-util-property (npm) Jul 18, 2022
Prototype Pollution in deep-get-set High
CVE-2022-21231 was published for deep-get-set (npm) Jun 25, 2022
Prototype Pollution in mout High
CVE-2022-21213 was published for mout (npm) Jun 18, 2022
ssong
Prototype Pollution in protobufjs High
CVE-2022-25878 was published for protobufjs (npm) May 28, 2022
dotdash steinz
mootools-more vulnerable to prototype pollution High
CVE-2021-20088 was published for mootools-more (npm) May 24, 2022
jquery-plugin-query-object contains prototype pollution vulnerability High
CVE-2021-20083 was published for jquery-query-object (npm) May 24, 2022
Prototype pollution in @strikeentco/set High
CVE-2020-28267 was published for @strikeentco/set (npm) May 24, 2022
jhutchings1
Prototype Pollution in sds High
CVE-2022-25862 was published for sds (npm) May 14, 2022
ProTip! Advisories are also available from the GraphQL API