Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

174 advisories

Loading
Prototype Pollution in think-helper High
CVE-2021-32736 was published for think-helper (npm) Jul 1, 2021
yoshino-s
Prototype Pollution in Proto High
CVE-2021-23426 was published for Proto (npm) Sep 2, 2021
Prototype Pollution in @fabiocaccamo/utils.js High
CVE-2021-3815 was published for @fabiocaccamo/utils.js (npm) Dec 10, 2021
tree-kit vulnerable to Prototype Pollution High
CVE-2021-4278 was published for tree-kit (npm) Dec 25, 2022
Prototype Pollution in sds High
CVE-2022-25862 was published for sds (npm) May 14, 2022
Prototype Pollution in extend2 High
CVE-2021-23568 was published for extend2 (npm) Jan 12, 2022
Prototype Pollution in min-dash High
CVE-2021-23460 was published for min-dash (npm) Jan 27, 2022
Prototype Pollution in object-path-set High
CVE-2021-23507 was published for object-path-set (npm) Feb 5, 2022
Prototype Pollution in putil-merge High
CVE-2021-23470 was published for putil-merge (npm) Feb 5, 2022
Prototype Pollution in bmoor High
CVE-2021-23558 was published for bmoor (npm) Feb 1, 2022
Prototype Pollution in @strikeentco/set High
CVE-2021-23497 was published for @strikeentco/set (npm) Feb 5, 2022
rangy vulnerable to Prototype Pollution High
CVE-2023-26102 was published for rangy (npm) Feb 24, 2023
mde utilities contains Prototype Pollution High
CVE-2023-26105 was published for utilities (npm) Feb 28, 2023
phanect
A prototype pollution vulnerability exists in Rocket.Chat server <5.2.0 that could allow an... High Unreviewed
CVE-2023-23917 was published Feb 23, 2023
dot-lens vulnerable to Prototype Pollution High
CVE-2023-26106 was published for dot-lens (npm) Mar 6, 2023
matrix-js-sdk Prototype Pollution vulnerability High
CVE-2022-36059 was published for matrix-js-sdk (npm) Mar 28, 2023
matrix-react-sdk Prototype pollution vulnerability High
CVE-2022-36060 was published for matrix-react-sdk (npm) Mar 28, 2023
Prototype pollution in matrix-react-sdk High
CVE-2023-28103 was published for matrix-react-sdk (npm) Mar 29, 2023
Prototype pollution in matrix-js-sdk (part 2) High
CVE-2023-28427 was published for matrix-js-sdk (npm) Mar 30, 2023
jquery-plugin-query-object contains prototype pollution vulnerability High
CVE-2021-20083 was published for jquery-query-object (npm) May 24, 2022
Validation bypass in frourio High
CVE-2022-23623 was published for frourio (npm) Feb 7, 2022
SegaraRai LumaKernel
Validation bypass in frourio-express High
CVE-2022-23624 was published for frourio-express (npm) Feb 7, 2022
SegaraRai LumaKernel
Prototype Pollution in backbone-query-parameters High
CVE-2021-20085 was published for backbone-query-parameters (npm) May 6, 2021
Prototype Pollution in nedb High
CVE-2021-23395 was published for nedb (npm) Jun 21, 2021
Parse Server vulnerable to Prototype Pollution via Cloud Code Webhooks or Cloud Code Triggers High
CVE-2022-41878 was published for parse-server (npm) Nov 9, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database