GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,247
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
343 advisories
Filter by severity
Prototype Pollution in safe-object2
High
GHSA-qccf-q7p4-3q3j
was published
for
safe-object2
(npm)
Sep 4, 2020
Prototype Pollution in getsetdeep
High
GHSA-8j49-49jq-vwcq
was published
for
getsetdeep
(npm)
Sep 4, 2020
Prototype Pollution in deep-setter
High
GHSA-9qrg-h9g8-c65q
was published
for
deep-setter
(npm)
Sep 4, 2020
Prototype Pollution in get-setter
High
GHSA-ch82-gqh6-9xj9
was published
for
get-setter
(npm)
Sep 4, 2020
Prototype Pollution in unflatten
High
GHSA-6fh5-8wq8-w3wr
was published
for
unflatten
(npm)
Sep 4, 2020
Prototype Pollution in flat-wrap
High
GHSA-g7h8-p22m-2rvx
was published
for
flat-wrap
(npm)
Sep 4, 2020
Prototype Pollution in handlebars
High
GHSA-g9r4-xpmj-mj65
was published
for
handlebars
(npm)
Sep 4, 2020
Prototype Pollution in lodash.mergewith
High
GHSA-779f-wgxg-qr8f
was published
for
lodash.mergewith
(npm)
Sep 3, 2020
Prototype Pollution in lodash.defaultsdeep
High
GHSA-46fh-8fc5-xcwx
was published
for
lodash.defaultsdeep
(npm)
Sep 3, 2020
Prototype Pollution in lodash.mergewith
High
GHSA-5947-m4fg-xhqg
was published
for
lodash.mergewith
(npm)
Sep 3, 2020
Prototype Pollution in lodash.defaultsdeep
High
GHSA-h5mp-5q4p-ggf5
was published
for
lodash.defaultsdeep
(npm)
Sep 3, 2020
Prototype Pollution in lodash.merge
High
GHSA-2m96-9w4j-wgv7
was published
for
lodash.merge
(npm)
Sep 3, 2020
Prototype Pollution in lodash.merge
High
GHSA-h726-x36v-rx45
was published
for
lodash.merge
(npm)
Sep 3, 2020
Prototype Pollution in @commercial/subtext
High
GHSA-36c4-4r89-6whg
was published
for
@commercial/subtext
(npm)
Sep 3, 2020
Prototype Pollution in @hapi/subtext
High
GHSA-g9cg-h3jm-cwrc
was published
for
@hapi/subtext
(npm)
Sep 3, 2020
Prototype Pollution in smart-extend
Moderate
GHSA-f8h3-rqrm-47v9
was published
for
smart-extend
(npm)
Sep 2, 2020
Prototype Pollution in merge-objects
Low
GHSA-992f-wf4w-x36v
was published
for
merge-objects
(npm)
Sep 1, 2020
Prototype Pollution in express-fileupload
Critical
CVE-2020-7699
was published
for
express-fileupload
(npm)
Aug 5, 2020
dot-prop Prototype Pollution vulnerability
High
CVE-2020-8116
was published
for
dot-prop
(npm)
Jul 29, 2020
confinit vulnerable to prototype pollution
Moderate
CVE-2020-7638
was published
for
confinit
(npm)
Apr 7, 2020
ProTip!
Advisories are also available from the
GraphQL API