GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
174 advisories
Filter by severity
Prototype pollution in grpc and @grpc/grpc-js
High
CVE-2020-7768
was published
for
@grpc/grpc-js
(npm)
May 10, 2021
Prototype pollution in json8-merge-patch
High
CVE-2020-8268
was published
for
json8-merge-patch
(npm)
May 10, 2021
Improperly Controlled Modification of Dynamically-Determined Object Attributes in casperjs
High
CVE-2020-7679
was published
for
casperjs
(npm)
May 17, 2021
Prototype pollution in controlled-merge
High
CVE-2020-28268
was published
for
controlled-merge
(npm)
May 18, 2021
Prototype Pollution in jquery-bbq
High
CVE-2021-20086
was published
for
jquery-bbq
(npm)
May 24, 2021
Prototype Pollution in jquery-deparam
High
CVE-2021-20087
was published
for
jquery-deparam
(npm)
May 24, 2021
Prototype Pollution in think-helper
High
CVE-2021-32736
was published
for
think-helper
(npm)
Jul 1, 2021
Improperly Controlled Modification of Object Prototype Attributes
High
GHSA-6cj2-92m5-7mvp
was published
for
think-config
(npm)
Aug 3, 2021
Remote Code Execution via Script (Python) objects under Python 3
High
CVE-2021-32811
was published
for
Zope
(pip)
Aug 5, 2021
body-parser-xml vulnerable to Prototype Pollution
High
CVE-2021-3666
was published
for
body-parser-xml
(npm)
Sep 14, 2021
Prototype Pollution in cookiex/deep
High
CVE-2021-23442
was published
for
@cookiex/deep
(npm)
Sep 20, 2021
Prototype Pollution in object-path
High
CVE-2021-3805
was published
for
object-path
(npm)
Sep 20, 2021
Prototype Pollution via file load in aws-sdk and @aws-sdk/shared-ini-file-loader
High
CVE-2020-28472
was published
for
@aws-sdk/shared-ini-file-loader
(npm)
Nov 16, 2021
Prototype Pollution in record-like-deep-assign
High
CVE-2021-23402
was published
for
record-like-deep-assign
(npm)
Dec 10, 2021
Prototype pollution in supermixer
High
CVE-2020-24939
was published
for
supermixer
(npm)
Dec 10, 2021
Uncontrolled Resource Consumption in fun-map
High
CVE-2020-7644
was published
for
fun-map
(npm)
Dec 10, 2021
Prototype Pollution in @fabiocaccamo/utils.js
High
CVE-2021-3815
was published
for
@fabiocaccamo/utils.js
(npm)
Dec 10, 2021
ProTip!
Advisories are also available from the
GraphQL API