GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,248
Erlang
31
GitHub Actions
21
Go
2,016
Maven
5,000+
npm
3,721
NuGet
662
pip
3,400
Pub
11
RubyGems
890
Rust
852
Swift
36
Unreviewed advisories
All unreviewed
5,000+
153 advisories
Filter by severity
convict vulnerable to Prototype Pollution
High
CVE-2023-0163
was published
for
convict
(npm)
Jan 10, 2023
@backstage/plugin-catalog-backend Prototype Pollution vulnerability
High
CVE-2024-45815
was published
for
@backstage/plugin-catalog-backend
(npm)
Sep 17, 2024
node-gettext vulnerable to Prototype Pollution
High
CVE-2024-21528
was published
for
node-gettext
(npm)
Sep 10, 2024
njwt Prototype Pollution vulnerability
High
CVE-2024-34273
was published
for
njwt
(npm)
May 16, 2024
Prototype pollution vulnerability found in Mermaid's bundled version of DOMPurify
High
GHSA-m4gq-x24j-jpmf
was published
for
mermaid
(npm)
Oct 22, 2024
@saltcorn/server Remote Code Execution (RCE) / SQL injection via prototype pollution by manipulating `lang` and `defstring` parameters when setting localizer strings
High
GHSA-78p3-fwcq-62c2
was published
for
@saltcorn/server
(npm)
Oct 3, 2024
uPlot Prototype Pollution vulnerability
High
CVE-2024-21489
was published
for
uplot
(npm)
Oct 1, 2024
DOMPurify allows tampering by prototype pollution
High
CVE-2024-45801
was published
for
dompurify
(npm)
Sep 16, 2024
dset Prototype Pollution vulnerability
High
CVE-2024-21529
was published
for
dset
(npm)
Sep 11, 2024
Prototype pollution in ag-grid-community via the _.mergeDeep function
High
CVE-2024-38996
was published
for
ag-grid-community
(npm)
Jul 1, 2024
MiguelCastillo @bit/loader Prototype Pollution issue
High
CVE-2024-24293
was published
for
@bit/loader
(npm)
May 20, 2024
robinweser fast-loops vulnerable to prototype pollution
High
CVE-2024-39008
was published
for
fast-loops
(npm)
Jul 1, 2024
@75lb/deep-merge Prototype Pollution vulnerability
High
CVE-2024-38986
was published
for
@75lb/deep-merge
(npm)
Jul 30, 2024
jrburke requirejs vulnerable to prototype pollution
High
CVE-2024-38999
was published
for
requirejs
(npm)
Jul 1, 2024
Badger Database Prototype Pollution
High
CVE-2024-36581
was published
for
@abw/badger-database
(npm)
Jun 17, 2024
Object Resolver Prototype Pollution
High
CVE-2024-36577
was published
for
@apphp/object-resolver
(npm)
Jun 17, 2024
@amoy/common v was discovered to contain a prototype pollution via the function extend
High
CVE-2024-38994
was published
for
@amoy/common
(npm)
Jul 1, 2024
frappejs was discovered to contain a prototype pollution via the function registerView
High
CVE-2024-38992
was published
for
@airvertco/frappejs
(npm)
Jul 1, 2024
akbr patch-into was discovered to contain a prototype pollution via the function patchInto
High
CVE-2024-38991
was published
for
@akbr/patch-into
(npm)
Jul 1, 2024
datatables.net vulnerable to Prototype Pollution due to incomplete fix
High
CVE-2020-28458
was published
for
datatables.net
(npm)
Dec 17, 2020
Conform contains a Prototype Pollution Vulnerability in `parseWith...` function
High
CVE-2024-32866
was published
for
@conform-to/dom
(npm)
Apr 23, 2024
mysql2 vulnerable to Prototype Pollution
High
CVE-2024-21512
was published
for
mysql2
(npm)
May 30, 2024
json-schema-ref-parser Prototype Pollution issue
High
CVE-2024-29651
was published
for
@apidevtools/json-schema-ref-parser
(npm)
May 20, 2024
ProTip!
Advisories are also available from the
GraphQL API