GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
343 advisories
Filter by severity
set-getter Prototype Pollution Vulnerability
Critical
CVE-2021-25949
was published
for
set-getter
(npm)
Jun 21, 2021
Prototype pollution vulnerability in js-extend
Critical
CVE-2021-25945
was published
for
js-extend
(npm)
Jun 8, 2021
Prototype pollution in nconf-toml
Critical
CVE-2021-25946
was published
for
nconf-toml
(npm)
Jun 7, 2021
Prototype pollution in Merge-deep
Critical
CVE-2021-26707
was published
for
merge-deep
(npm)
Jun 7, 2021
eivindfjeldstad-dot contains prototype pollution vulnerability
Moderate
CVE-2020-7639
was published
for
@eivifj/dot
(npm)
May 25, 2021
Prototype Pollution in jquery-deparam
High
CVE-2021-20087
was published
for
jquery-deparam
(npm)
May 24, 2021
Prototype Pollution in jquery-bbq
High
CVE-2021-20086
was published
for
jquery-bbq
(npm)
May 24, 2021
Prototype pollution in controlled-merge
High
CVE-2020-28268
was published
for
controlled-merge
(npm)
May 18, 2021
Improperly Controlled Modification of Dynamically-Determined Object Attributes in casperjs
High
CVE-2020-7679
was published
for
casperjs
(npm)
May 17, 2021
Prototype Pollution in deep-override
Critical
CVE-2021-25941
was published
for
deep-override
(npm)
May 17, 2021
Prototype Pollution in doc-path
Critical
CVE-2020-7772
was published
for
doc-path
(npm)
May 10, 2021
Prototype pollution in json8-merge-patch
High
CVE-2020-8268
was published
for
json8-merge-patch
(npm)
May 10, 2021
Prototype pollution in grpc and @grpc/grpc-js
High
CVE-2020-7768
was published
for
@grpc/grpc-js
(npm)
May 10, 2021
Arbitrary Code Execution in json-ptr
High
CVE-2020-7766
was published
for
json-ptr
(npm)
May 10, 2021
Prototype pollution in @tsed/core
Moderate
CVE-2020-7748
was published
for
@tsed/core
(npm)
May 10, 2021
Prototype Pollution in simpl-schema
High
CVE-2020-7742
was published
for
simpl-schema
(npm)
May 10, 2021
Prototype pollution in json-pointer
Moderate
CVE-2020-7709
was published
for
json-pointer
(npm)
May 10, 2021
ProTip!
Advisories are also available from the
GraphQL API