GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
412 advisories
Filter by severity
xml2js is vulnerable to prototype pollution
Moderate
CVE-2023-0842
was published
for
xml2js
(npm)
Apr 5, 2023
Prototype pollution in matrix-js-sdk (part 2)
High
CVE-2023-28427
was published
for
matrix-js-sdk
(npm)
Mar 30, 2023
Prototype pollution in matrix-react-sdk
High
CVE-2023-28103
was published
for
matrix-react-sdk
(npm)
Mar 29, 2023
matrix-react-sdk Prototype pollution vulnerability
High
CVE-2022-36060
was published
for
matrix-react-sdk
(npm)
Mar 28, 2023
matrix-js-sdk Prototype Pollution vulnerability
High
CVE-2022-36059
was published
for
matrix-js-sdk
(npm)
Mar 28, 2023
Collection.js vulnerable to Prototype Pollution
High
CVE-2023-26113
was published
for
collection.js
(npm)
Mar 18, 2023
dot-lens vulnerable to Prototype Pollution
High
CVE-2023-26106
was published
for
dot-lens
(npm)
Mar 6, 2023
mde utilities contains Prototype Pollution
High
CVE-2023-26105
was published
for
utilities
(npm)
Feb 28, 2023
rangy vulnerable to Prototype Pollution
High
CVE-2023-26102
was published
for
rangy
(npm)
Feb 24, 2023
A prototype pollution vulnerability exists in Rocket.Chat server <5.2.0 that could allow an...
High
Unreviewed
CVE-2023-23917
was published
Feb 23, 2023
Prototype Pollution in Visioweb.js 1.10.6 allows attackers to execute XSS on the client system.
Moderate
Unreviewed
CVE-2022-3901
was published
Feb 20, 2023
convict vulnerable to Prototype Pollution
High
CVE-2023-0163
was published
for
convict
(npm)
Jan 10, 2023
Baobab vulnerable to Prototype Pollution
Critical
CVE-2021-4307
was published
for
baobab
(npm)
Jan 7, 2023
Prototype Pollution in JSON5 via Parse Method
High
CVE-2022-46175
was published
for
json5
(npm)
Dec 29, 2022
json-pointer vulnerable to Prototype Pollution
Critical
CVE-2022-4742
was published
for
json-pointer
(npm)
Dec 26, 2022
Starcounter-Jack JSON-Patch Prototype Pollution vulnerability
High
CVE-2021-4279
was published
for
fast-json-patch
(npm)
Dec 25, 2022
flat vulnerable to Prototype Pollution
Critical
CVE-2020-36632
was published
for
flat
(npm)
Dec 25, 2022
tree-kit vulnerable to Prototype Pollution
High
CVE-2021-4278
was published
for
tree-kit
(npm)
Dec 25, 2022
If an attacker was able to corrupt the methods of an Array object in JavaScript via prototype...
High
Unreviewed
CVE-2022-1802
was published
Dec 22, 2022
An attacker could have sent a message to the parent process where the contents were used to...
High
Unreviewed
CVE-2022-1529
was published
Dec 22, 2022
If an object prototype was corrupted by an attacker, they would have been able to set undesired...
High
Unreviewed
CVE-2022-2200
was published
Dec 22, 2022
dustjs-linkedin vulnerable to Prototype Pollution
High
CVE-2021-4264
was published
for
dustjs-linkedin
(npm)
Dec 21, 2022
safe-eval vulnerable to Prototype Pollution
Critical
CVE-2022-25904
was published
for
safe-eval
(npm)
Dec 20, 2022
FurqanSoftware/node-whois vulnerable to Prototype Pollution
Critical
CVE-2020-36618
was published
for
whois
(npm)
Dec 19, 2022
npm package rfc6902 vulnerable to Prototype Pollution
Critical
CVE-2021-4245
was published
for
rfc6902
(npm)
Dec 15, 2022
ProTip!
Advisories are also available from the
GraphQL API