GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,248
Erlang
31
GitHub Actions
21
Go
2,016
Maven
5,000+
npm
3,721
NuGet
662
pip
3,400
Pub
11
RubyGems
890
Rust
852
Swift
36
Unreviewed advisories
All unreviewed
5,000+
131 advisories
Filter by severity
DOMPurify vulnerable to tampering by prototype polution
Critical
CVE-2024-48910
was published
for
dompurify
(npm)
Oct 31, 2024
Prototype pollution in izatop bunt
Critical
CVE-2024-38989
was published
for
@bunt/app
(npm)
Aug 12, 2024
@thi.ng/paths Prototype Pollution vulnerability
Critical
CVE-2024-29650
was published
for
@thi.ng/paths
(npm)
Mar 25, 2024
jsonic was discovered to contain a prototype pollution via the function empty.
Critical
CVE-2024-38993
was published
for
jsonic
(npm)
Jul 1, 2024
•
withdrawn
Blackprint @blackprint/engine Prototype Pollution issue
Critical
CVE-2024-24294
was published
for
@blackprint/engine
(npm)
May 20, 2024
protobufjs Prototype Pollution vulnerability
Critical
CVE-2023-36665
was published
for
protobufjs
(npm)
Jul 5, 2023
Prototype Pollution in minimist
Critical
CVE-2021-44906
was published
for
minimist
(npm)
Mar 18, 2022
deep-defaults vulnerable to prototype pollution
Critical
CVE-2021-25944
was published
for
deep-defaults
(npm)
May 24, 2022
thlorenz browserify-shim vulnerable to prototype pollution
Critical
CVE-2022-37617
was published
for
browserify-shim
(npm)
Oct 12, 2022
thlorenz browserify-shim vulnerable to prototype pollution
Critical
CVE-2022-37621
was published
for
browserify-shim
(npm)
Oct 29, 2022
thlorenz browserify-shim vulnerable to prototype pollution
Critical
CVE-2022-37623
was published
for
browserify-shim
(npm)
Oct 31, 2022
Mongoose Vulnerable to Prototype Pollution in Schema Object
Critical
CVE-2022-24304
was published
for
mongoose
(npm)
Aug 27, 2022
tschaub gh-pages vulnerable to prototype pollution
Critical
CVE-2022-37611
was published
for
gh-pages
(npm)
Oct 12, 2022
Prototype pollution vulnerability in 'deep-set'
Critical
CVE-2020-28276
was published
for
deep-set
(npm)
May 24, 2022
flattenizer vulnerable to prototype pollution
Critical
CVE-2020-28279
was published
for
flattenizer
(npm)
May 24, 2022
json-pointer vulnerable to Prototype Pollution
Critical
CVE-2022-4742
was published
for
json-pointer
(npm)
Dec 26, 2022
JSONata expression can pollute the "Object" prototype
Critical
CVE-2024-27307
was published
for
jsonata
(npm)
Mar 4, 2024
dset vulnerable to prototype pollution
Critical
CVE-2020-28277
was published
for
dset
(npm)
May 24, 2022
shvl vulnerable to prototype pollution
Critical
CVE-2020-28278
was published
for
shvl
(npm)
May 24, 2022
npm package rfc6902 vulnerable to Prototype Pollution
Critical
CVE-2021-4245
was published
for
rfc6902
(npm)
Dec 15, 2022
Prototype Pollution in handlebars
Critical
CVE-2021-23383
was published
for
handlebars
(npm)
Feb 10, 2022
plotly.js prototype pollution vulnerability
Critical
CVE-2023-46308
was published
for
plotly.js
(Composer)
Jan 3, 2024
ProTip!
Advisories are also available from the
GraphQL API