GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,247
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
167 advisories
Filter by severity
Prototype Pollution in object-path
High
CVE-2021-3805
was published
for
object-path
(npm)
Sep 20, 2021
Prototype Pollution in cookiex/deep
High
CVE-2021-23442
was published
for
@cookiex/deep
(npm)
Sep 20, 2021
body-parser-xml vulnerable to Prototype Pollution
High
CVE-2021-3666
was published
for
body-parser-xml
(npm)
Sep 14, 2021
Remote Code Execution via Script (Python) objects under Python 3
High
CVE-2021-32811
was published
for
Zope
(pip)
Aug 5, 2021
Improperly Controlled Modification of Object Prototype Attributes
High
GHSA-6cj2-92m5-7mvp
was published
for
think-config
(npm)
Aug 3, 2021
Prototype Pollution in think-helper
High
CVE-2021-32736
was published
for
think-helper
(npm)
Jul 1, 2021
Prototype Pollution in jquery-deparam
High
CVE-2021-20087
was published
for
jquery-deparam
(npm)
May 24, 2021
Prototype Pollution in jquery-bbq
High
CVE-2021-20086
was published
for
jquery-bbq
(npm)
May 24, 2021
Prototype pollution in controlled-merge
High
CVE-2020-28268
was published
for
controlled-merge
(npm)
May 18, 2021
Improperly Controlled Modification of Dynamically-Determined Object Attributes in casperjs
High
CVE-2020-7679
was published
for
casperjs
(npm)
May 17, 2021
Prototype pollution in json8-merge-patch
High
CVE-2020-8268
was published
for
json8-merge-patch
(npm)
May 10, 2021
Prototype pollution in grpc and @grpc/grpc-js
High
CVE-2020-7768
was published
for
@grpc/grpc-js
(npm)
May 10, 2021
Arbitrary Code Execution in json-ptr
High
CVE-2020-7766
was published
for
json-ptr
(npm)
May 10, 2021
Prototype Pollution in simpl-schema
High
CVE-2020-7742
was published
for
simpl-schema
(npm)
May 10, 2021
Improperly Controlled Modification of Dynamically-Determined Object Attributes in utilitify
High
CVE-2019-10808
was published
for
utilitify
(npm)
May 7, 2021
Prototype Pollution in deep-get-set
High
CVE-2020-7715
was published
for
deep-get-set
(npm)
May 6, 2021
Prototype Pollution in backbone-query-parameters
High
CVE-2021-20085
was published
for
backbone-query-parameters
(npm)
May 6, 2021
ProTip!
Advisories are also available from the
GraphQL API