GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
60 advisories
Filter by severity
sqlite vulnerable to code execution due to Object coercion
High
CVE-2022-43441
was published
for
sqlite3
(npm)
Mar 13, 2023
Prototype Pollution in deepmerge-ts
High
CVE-2022-24802
was published
for
deepmerge-ts
(npm)
Apr 1, 2022
Uncontrolled Resource Consumption in fun-map
High
CVE-2020-7644
was published
for
fun-map
(npm)
Dec 10, 2021
Prototype Pollution in record-like-deep-assign
High
CVE-2021-23402
was published
for
record-like-deep-assign
(npm)
Dec 10, 2021
Prototype polluation in just-safe-set
Critical
CVE-2021-25952
was published
for
just-safe-set
(npm)
Dec 10, 2021
Improperly Controlled Modification of Dynamically-Determined Object Attributes in express-mock-middleware
Moderate
CVE-2020-7616
was published
for
express-mock-middleware
(npm)
Dec 9, 2021
Prototype Pollution in algoliasearch-helper
Critical
CVE-2021-23433
was published
for
algoliasearch-helper
(npm)
Nov 23, 2021
json-schema is vulnerable to Prototype Pollution
Critical
CVE-2021-3918
was published
for
json-schema
(npm)
Nov 19, 2021
Prototype pollution in object-hierarchy-access
Critical
CVE-2020-28270
was published
for
object-hierarchy-access
(npm)
Oct 12, 2021
Prototype pollution in aurelia-path
Critical
CVE-2021-41097
was published
for
aurelia-path
(npm)
Sep 27, 2021
Prototype Pollution in object-path
High
CVE-2021-3805
was published
for
object-path
(npm)
Sep 20, 2021
Prototype Pollution in cookiex/deep
High
CVE-2021-23442
was published
for
@cookiex/deep
(npm)
Sep 20, 2021
Prototype Pollution in the merge and clone helper methods
Moderate
CVE-2021-39227
was published
for
zrender
(npm)
Sep 20, 2021
body-parser-xml vulnerable to Prototype Pollution
High
CVE-2021-3666
was published
for
body-parser-xml
(npm)
Sep 14, 2021
merge vulnerable to Prototype Pollution
Critical
CVE-2021-3645
was published
for
@viking04/merge
(npm)
Sep 13, 2021
objection.js Prototype Pollution vulnerability
Critical
CVE-2021-3766
was published
for
objection
(npm)
Sep 7, 2021
Prototype Pollution in merge-change
Critical
CVE-2021-23421
was published
for
merge-change
(npm)
Sep 1, 2021
Prototype Pollution in open-graph
Moderate
CVE-2021-23419
was published
for
open-graph
(npm)
Sep 1, 2021
ProTip!
Advisories are also available from the
GraphQL API